1. 30 Apr, 2010 2 commits
    • Alexey Kopytov's avatar
      Automerge. · 0f5afe5d
      Alexey Kopytov authored
      0f5afe5d
    • Alexey Kopytov's avatar
      Bug #48419: another explain crash.. · 96366e11
      Alexey Kopytov authored
      WHERE predicates containing references to empty tables in a
      subquery were handled incorrectly by the optimizer when
      executing EXPLAIN. As a result, the optimizer could try to
      evaluate such predicates rather than just stop with
      "Impossible WHERE noticed after reading const tables" as 
      it would do in a non-subquery case. This led to valgrind 
      errors and crashes.
      
      Fixed the code checking the above condition so that subqueries
      are not excluded and hence are handled in the same way as top
      level SELECTs.
      96366e11
  2. 29 Apr, 2010 3 commits
    • Davi Arnaut's avatar
      Manual merge. · 55b7b756
      Davi Arnaut authored
      55b7b756
    • Davi Arnaut's avatar
      Bug#50974: Server keeps receiving big (> max_allowed_packet) packets indefinitely. · 14ccbeb4
      Davi Arnaut authored
      The server could be tricked to read packets indefinitely if it
      received a packet larger than the maximum size of one packet.
      This problem is aggravated by the fact that it can be triggered
      before authentication.
      
      The solution is to no skip big packets for non-authenticated
      sessions. If a big packet is sent before a session is authen-
      ticated, a error is returned and the connection is closed.
      14ccbeb4
    • Ramil Kalimullin's avatar
      Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing · 933e5ca5
      Ramil Kalimullin authored
      Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only
      SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not
      checked for sanity. By sending long data for the table a buffer is overflown, which can
      be used deliberately to include code that harms".
      
      Fix: check incoming data length.
      933e5ca5
  3. 26 Apr, 2010 1 commit
    • Alexey Kopytov's avatar
      Backport of the fix for bug #50335 to 5.0. · 1a1fd04d
      Alexey Kopytov authored
      The problem was in an incorrect debug assertion. The expression
      used in the failing assertion states that when finding
      references matching ORDER BY expressions, there can be only one
      reference to a single table. But that does not make any sense,
      all test cases for this bug are valid examples with multiple
      identical WHERE expressions referencing the same table which
      are also present in the ORDER BY list.
      
      Fixed by removing the failing assertion. We also have to take
      care of the 'found' counter so that we count multiple
      references only once. We rely on this fact later in
      eq_ref_table().
      1a1fd04d
  4. 06 Apr, 2010 2 commits
  5. 01 Apr, 2010 1 commit
    • Davi Arnaut's avatar
      Bug#50755: Crash if stored routine def contains version comments · 49318af3
      Davi Arnaut authored
      The problem was that a syntactically invalid trigger could cause
      the server to crash when trying to list triggers. The crash would
      happen due to a mishap in the backup/restore procedure that should
      protect parser items which are not associated with the trigger. The
      backup/restore is used to isolate the parse tree (and context) of
      a statement from the load (and parsing) of a trigger. In this case,
      a error during the parsing of a trigger could cause the improper
      backup/restore sequence.
      
      The solution is to properly restore the original statement context
      before the parser is exited due to syntax errors in the trigger body.
      49318af3
  6. 29 Apr, 2010 1 commit
  7. 28 Apr, 2010 1 commit
    • Georgi Kodinov's avatar
      Bug #47453: InnoDB incorrectly changes TIMESTAMP columns when JOINed · 70a96913
      Georgi Kodinov authored
      during an UPDATE
      
      Extended the fix for bug 29310 to multi-table update:
      
      When a table is being updated it has two set of fields - fields required for
      checks of conditions and fields to be updated. A storage engine is allowed
      not to retrieve columns marked for update. Due to this fact records can't
      be compared to see whether the data has been changed or not. This makes the
      server always update records independently of data change.
        
      Now when an auto-updatable timestamp field is present and server sees that
      a table handle isn't going to retrieve write-only fields then all of such
      fields are marked as to be read to force the handler to retrieve them.
      70a96913
  8. 27 Apr, 2010 1 commit
  9. 26 Apr, 2010 2 commits
  10. 25 Apr, 2010 1 commit
  11. 22 Apr, 2010 1 commit
    • Staale Smedseng's avatar
      Bug#46261 Plugins can be installed with --skip-grant-tables · 9ea55766
      Staale Smedseng authored
      Previously installed dynamic plugins are explicitly not loaded
      on startup with --skip-grant-tables enabled. However, INSTALL
      PLUGIN/UNINSTALL PLUGIN commands are allowed, and result in
      inconsistent error messages (reporting duplicate plugin or
      plugin does not exist).
      
      This patch adds a check for --skip-grant-tables mode, and
      returns error ER_OPTION_PREVENTS_STATEMENT to the user when
      the above commands are attempted.
      9ea55766
  12. 20 Apr, 2010 2 commits
  13. 19 Apr, 2010 1 commit
  14. 16 Apr, 2010 6 commits
    • Kristofer Pettersson's avatar
      Automerge · f3945431
      Kristofer Pettersson authored
      f3945431
    • Kristofer Pettersson's avatar
      Bug#50373 --secure-file-priv="" · 2a37d531
      Kristofer Pettersson authored
      The server variable opt_secure_file_priv wasn't
      normalized properly and caused the operations
      LOAD DATA INFILE .. INTO TABLE ..
      and
      SELECT load_file(..)
      to do different interpretations of the 
      --secure-file-priv option.
      
      The patch moves code to the server initialization
      routines so that the path always is normalized
      once and only once.
      
      It was also intended that setting the option
      to an empty string should be equal to 
      lifting all previously set restrictions. This
      is also fixed by this patch.
      2a37d531
    • Staale Smedseng's avatar
      Bug#51591 deadlock in the plugins+status+variables · 6156581e
      Staale Smedseng authored
            
      Potential deadlock situation involving LOCK_plugin,
      LOCK_global_system_variables and LOCK_status.
            
      This patch backports the fix from next-mr, unlocking
      LOCK_plugin before calling plugin->init() and
      add_status_vars().
      6156581e
    • Sergey Glukhov's avatar
      Bug#52124 memory leaks like a sieve in datetime, timestamp, time, date fields + warnings · 0d242648
      Sergey Glukhov authored
      Arg_comparator initializes 'comparators' array in case of
      ROW comparison and does not free this array on destruction.
      It leads to memory leaks.
      The fix:
      -added Arg_comparator::cleanup() method which frees
       'comparators' array.
      -added Item_bool_func2::cleanup() method which calls 
       Arg_comparator::cleanup() method
      0d242648
    • Georgi Kodinov's avatar
      Bug #52629: memory leak from sys_var_thd_dbug in binlog.binlog_write_error · 51880686
      Georgi Kodinov authored
      When re-setting (SET GLOBAL debug='') the GLOBAL debug settings the 
      server was not freeing the data elements from the top (initial) frame 
      before setting them to 0 without freeing the underlying memory. As these 
      are global settings there's a chance that something is there already.
      Fixed by :
      1. making sure the allocated data are cleaned up before re-setting them
      while parsing a debug string
      2. making sure the stuff allocated in the global settings is freed on 
      shutdown.
      51880686
    • Luis Soares's avatar
      b5c258a8
  15. 15 Apr, 2010 1 commit
  16. 14 Apr, 2010 2 commits
    • Sergey Vojtovich's avatar
      Merge fix for BUG39053 to 5.1-bugteam. · 2fe70872
      Sergey Vojtovich authored
      2fe70872
    • Sergey Vojtovich's avatar
      BUG#39053 - UNISTALL PLUGIN does not allow the storage engine · b89feb5b
      Sergey Vojtovich authored
                  to cleanup open connections
      
      It was possible to UNINSTALL storage engine plugin when binding
      between THD object and storage engine is still active (e.g. in
      the middle of transaction).
      
      To avoid unclean deactivation (uninstall) of storage engine plugin
      in the middle of transaction, additional storage engine plugin
      lock is acquired by thd_set_ha_data().
      
      If ha_data is not null and storage engine plugin was not locked
      by thd_set_ha_data() in this connection before, storage engine
      plugin gets locked.
      
      If ha_data is null and storage engine plugin was locked by
      thd_set_ha_data() in this connection before, storage engine
      plugin lock gets released.
      
      If handlerton::close_connection() didn't reset ha_data, server does
      it immediately after calling handlerton::close_connection().
      
      Note that this is just a framework fix, storage engines must switch
      to thd_set_ha_data() from thd_ha_data() if they want to see fit.
      b89feb5b
  17. 12 Apr, 2010 2 commits
  18. 09 Apr, 2010 2 commits
    • Davi Arnaut's avatar
      Backport revision alik@sun.com-20100223131824-comthndat57kx8s5: · 9d59b270
      Davi Arnaut authored
      Add ignore pattern for valgrind messages.
      9d59b270
    • Georgi Kodinov's avatar
      Bug #47095: Can't open_files_limit really be larger than 65535? · 17a21c4f
      Georgi Kodinov authored
      Several problems addressed:
      
      1. The maximum value for --open_files_limit on non-windows boxes
      is now raised to UINT_MAX (the maximum possible without significant
      changes in the code). The maximum value on windows is kept to be
      2048 due to a known limitation (bug 24509).
      
      2. mysqld_safe now supports --open_files_limit=xx in addition to 
      --open-files-limit=xx
      
      3. mysqld_safe always passes through --open[_-]files[_-]limit
      to the underlying mysqld. It used to pass it through only if it 
      the user running the script has access to the root directory or
      there was an --user argument specified.
      
      4. Fixed a prototype in my_file.c to match its counterpart in 
      the other #ifdef branch.
      17a21c4f
  19. 07 Apr, 2010 1 commit
  20. 06 Apr, 2010 5 commits
  21. 05 Apr, 2010 1 commit
    • Sergey Glukhov's avatar
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355 · 416f3205
      Sergey Glukhov authored
      The problem is that we can not use make_cond_for_table().
      This function relies on used_tables() condition
      which is not set properly for subqueries.
      As result subquery is not filtered out.
      The fix is to use remove_eq_conds() function instead
      of make_cond_for_table() func. 'remove_eq_conds()'
      algorithm relies on const_item() value and it allows
      to handle subqueries in right way.
      416f3205
  22. 02 Apr, 2010 1 commit
    • Gleb Shchepa's avatar
      Bug #40625: Concat fails on DOUBLE values in a Stored · 99a0ace4
      Gleb Shchepa authored
                  Procedure, while DECIMAL works
      
      Selecting of the CONCAT(...<SP variable>...) result into
      a user variable may return wrong data.
      
      
      Item_func_concat::val_str contains a number of memory
      allocation-saving tricks. One of them concatenates
      strings inplace inserting the value of one string
      at the beginning of the other string. However,
      this trick didn't care about strings those points
      to the same data buffer: this is possible when
      a CONCAT() parameter is a stored procedure variable -
      Item_sp_variable::val_str() uses the intermediate
      Item_sp_variable::str_value field, where it may
      store a reference to an external buffer.
      
      
      The Item_func_concat::val_str function has been
      modified to take into account val_str functions
      (such as Item_sp_variable::val_str) that return
      a pointer to an internal Item member variable
      that may reference to a buffer provided.
      99a0ace4