When there are quotes in the USE statement, the mysql client does
not correctly escape them.

The USE statement is processed line by line from the client's parser,
and cannot handle multi-line commands as the server.

The fix is to escape the USE parameters whenever quotes are used.

               XML

DESCRIPTION
===========
LOAD XML INFILE performance becomes painfully slow if the
tags' value has any space(s) in between them. They're
usually kept intentionally for indentation purpose.

ANALYSIS
========
The extra spaces are calling clear_level() many a times
which is having overhead of clearing taglist etc. This can
be avoided altogether by skipping all such spaces.

FIX
===
Trim all the starting whitespaces from the value before
passing it to read_value()

Backport to 5.5

Current MySQL builds, even on Pushbuild, are not reproducible; they return
different results depending on which directory they are built from (and
Pushbuild uses several different directories). This is because absolute paths
leak into debug information, and even worse, __FILE__. The latter moves code
around enough that we've actually seen sysbench changes on the order of 4% in
some tests.

CMake seemingly insists on using absolute paths, but we can insert our own
layer between CMake and GCC to relativize all paths. Also give the right flags
to get debug information reproducible and turn off build stamping. This makes
the mysqld build 100% bit-for-bit reproducible between runs on my machine,
even when run from different directories.

No commit message

             SYMLINK CHECK RACE CONDITIONS

ANALYSIS:
=========
A potential defect exists in the handling of CREATE
TABLE .. DATA DIRECTORY/ INDEX DIRECTORY which gives way to
the user to gain access to another user table or a system
table.

FIX:
====
The lstat and fstat output of the target files are now
stored which help in determining the identity of the target
files thus preventing the unauthorized access to other
files.

- mysqladmin is needed by InnoDB Cluster, add tool to docker/minimal package.

               CLIENT (CONTRIBUTION)

DESCRIPTION:
============
Binary data should be printed as hex in the mysql client
when the option binary-as-hex is enabled.

ANALYSIS:
=========
The fix deals only with mysql command line client.
It does not change, at all, the data sent to the
applications. Printing binary data as hex also
allows to use the output in the where clause
of the query.

FIX:
====
A new option 'binary-as-hex' is introduced to print the
binary contents as hex in the mysql client. The option
is disabled by default. When the option is enabled, we
convert the binary data to hex before printing the
contents irrespective of whether it is in tabular,
xml or html format.

Description: If libmysql is compiled with WITH_SSL=NO,
             --ssl-* are not useful.

Solution: 1. Restricted WITH_SSL to values : bundled | yes | system
          2. Made "bundled" as default value for WITH_SSL. Also,
             not specifying WITH_SSL or even specifying WITH_SSL=no
             will be treated as/converted to WITH_SSL=bundled.
Reviewed-By: Tor Didriksen <tor.didriksen@oracle.com>
Reviewed-By: Georgi Kodinov <georgi.kodinov@oracle.com>
(cherry picked from commit 3eb2058be34d1a21771fe89ff1a0c08f156899bc)

(cherry picked from commit 7df8dc750c26ead87c643f87dccba28a66cf3c9b)

Description: If libmysql is compiled with WITH_SSL=NO,
             --ssl-* are not useful.

Solution: 1. Restricted WITH_SSL to values : bundled | yes | system
          2. Made "bundled" as default value for WITH_SSL. Also,
             not specifying WITH_SSL or even specifying WITH_SSL=no
             will be treated as/converted to WITH_SSL=bundled.
Reviewed-By: Tor Didriksen <tor.didriksen@oracle.com>
Reviewed-By: Georgi Kodinov <georgi.kodinov@oracle.com>

               FROM THE CURRENT DIRECTORY

DESCRIPTION
===========
When 'mysqlaccess' tool is run, it reads (and executes) the
content of its configuration file 'mysqlaccess.conf' from
the current directory. This is not a recommended behaviour
as someone with ill intentions can insert malicious
instructions into this file which could be executed
whenever this tool is run.

ANALYSIS
========
The configuration file is presently looked for, in the
following folders (in given order):
1. Current directory
2. SYSCONFDIR       //This gets expanded
3. /etc/

Owing to the reasons mentioned above, we should not permit
the file to be in the current directory. Since the other
two folders are assumed to be accessible only to authorized
people, the config file is safe to be read from there.

FIX
===
Modified the script so that it looks for the config file
now in the following two folders (in the given order):
1. SYSCONFDIR
2. /etc/

If it's absent from above locations but present in current
directory, an error is thrown asking the user to move the
file to one of the above locations and retry.

NOTE
====
The location paths and their precedence are not documented
for this tool. It needs to be noted as part of the
associated documentation.

No commit message

              PRIVILEGE.

Backport from mysql-5.7 to mysql-5.5 and mysql-5.6.

BUG#13969578: TEMPORARY TABLE IN A DATABASE ON A READ-ONLY
                  INSTANCE CAN BE OVERWRITTEN

Analysis:
========

Creation or modification of a persistent table by a non-super user
is NOT ALLOWED in read_only mode. Only TEMPORARY tables are allowed
to be created or modified in read_only mode. But the creation of
a persistent table was being allowed when a temporary table of
the same name existed.

The routine which denies updating a non-temporary table in a
read_only mode does not handle the case of creation of a regular
table when a temporary table of the same exists.

Fix:
===
Handled the condition where an attempt is made to create a persistent
table having the same name as that of the temporary table. Hence
the creation of a persistent table by a non-super user when a
temporary table of the same exists is denied under read_only mode.

Use cmake variable to adjust shebang to platform.

No commit message

While writing comments if database object names has a new
line character, then next line is considered a command, rather
than a comment.
This patch fixes the way comments are constructed in mysqldump.

(cherry picked from commit 1099f9d17b1c697c2760f86556f5bae7d202b444)

While writing comments if database object names has a new
line character, then next line is considered a command, rather
than a comment.
This patch fixes the way comments are constructed in mysqldump.

               FT_BOOLEAN_CHECK_SYNTAX_STRING

ISSUE: my_isalnum macro used for checking if character is
       alphanumeric dereferences uninitialized pointer
       in default character set structure resulting in
       server exiting abnormally.

FIX: Used standard isalnum function instead of macro my_isalnum.

Changed MYSQL_OPT_SSL_MODE to be the same as in 5.6 (ABI compatibility).

(cherry picked from commit 47bb4eb5df1629b5d5e30aebfa9d7a6d74388a5d)

Changed MYSQL_OPT_SSL_MODE to be the same as in 5.6 (ABI compatibility).

              THREE BYTES ON X86

Post push fix for resolving main.archive test failure in valgrind.

MYSQL_OPT_SSL_MODE option introduced.
It is set in case of --ssl-mode=REQUIRED and permits only SSL connection.

(cherry picked from commit 3b2d28578c526f347f5cfe763681eff365731f99)

MYSQL_OPT_SSL_MODE option introduced.
It is set in case of --ssl-mode=REQUIRED and permits only SSL connection.

mysqld_safe is working on real files, however passing these file paths
as is to mysqld as options gives different meaning when paths are
relative.

mysqld_safe uses current working directory as basedir for relative paths,
while mysqld uses $datadir as basedir.

              THREE BYTES ON X86

Analysis:
=========
The macro uint3korr reads 4 bytes of data instead of 3 on
on x86 machines.

Multiple definitions were created for this macro for
optimization in WIN32. The idea was to optimize reading of
3 byte ints by reading an ordinary int and masking away the
unused byte. However this is an undefined behavior. It will
be an issue unless users are aware of allocating an extra
byte for using this macro.

Fix:
====
Removing the definition which reads 4 bytes of data. The
only definition of this macro would now read just 3 bytes
of data thus prohibiting the usage of an extra byte.

Note:
=====
This is a backport of Patches #5 and #6 for Bug#17922198.

Description:
============
If you have a relay log index file that has ended up with
some relay log files that do not exists, then RESET SLAVE
ALL is not enough to get back to a clean state.

Analysis:
=========
In the bug scenario slave server is in stopped state and
some of the relay logs got deleted but the relay log index
file is not updated.

During slave server restart replication initialization fails
as some of the required relay logs are missing. User
executes RESET SLAVE/RESET SLAVE ALL command to start a
clean slave. As per the documentation RESET SLAVE command
clears the master info and relay log info repositories,
deletes all the relay log files, and starts a new relay log
file. But in a scenario where the slave server's
Relay_log_info object is not initialized slave will not
purge the existing relay logs. Hence the index file still
remains in a bad state. Users will not be able to start
the slave unless these files are cleared.

Fix:
===
RESET SLAVE/RESET SLAVE ALL commands should do the cleanup
even in a scenario where Relay_log_info object
initialization failed.

Backported a flag named 'error_on_rli_init_info' which is
required to identify slave's Relay_log_info object
initialization failure. This flag exists in MySQL-5.6
onwards as part of BUG#14021292 fix.

During RESET SLAVE/RESET SLAVE ALL execution this flag
indicates the Relay_log_info initialization failure.
In such a case open the relay log index/relay log files
and do the required clean up.

Patch for 5.5 and 5.6
Use default runtime libraries on windows, i.e. build with /MD

              SPORADICALLY ON PB2-5.5 FOR LINUX-VALGRIND

Description: Sporadic failure of variables-bug21503595 test
on pb2-5.5 for linux-valgrind platform.

Fix: This is a issue related to libc and not related to
MySQL code. During dlclose few blocks of memory left
unfreed. This is a known issue in libc and needs to be
suppressed.

Fix: Added a valgrind suppression.

Problem: CREATE TABLE using a fully qualified name with INDEX DIR/DATA DIR
option reports an error when the current database is not SET.

check_access() was incorrectly called with NULL as the database
argument in a situation where the database name was not needed for
the particular privilege being checked. This will cause the current
database to be used, or an error to be reported if there is no current
database.

Fix: Call check_access() with any_db as the database argument in this situation.

			  STRING FUNCTION

Fix:
=======
Added code in QUOTE string function to honor max_allowed_packet.

No commit message

In SysV initscripts for RPMS [mysqld] section was ignored for some options.

Fix of Bug#25088048 caused paths to be relative, not absolute, this
proved to be problematic.

Fix is to still ignore current working directory, however switch to
using full path of basedir, which is set to parent directory of bin/
directory where mysqld_safe is located.

References to legacy tool mysql_print_defaults are removed, only
my_print_defaults is used these days.

This will also fix:
  Bug#11745176 (11192) MYSQLD_SAFE ONLY EVALUATES --DEFAULTS-FILE OPTION WHEN IT IS THE FIRST OP
  Bug#23013510 (80866) MYSQLD_SAFE SHOULD NOT SEARCH $MY_BASEDIR_VERSION/VAR AS DATADIR
  Bug#25244898 (84173) MYSQLD_SAFE --NO-DEFAULTS & SILENTLY DOES NOT WORK ANY MORE
  Bug#25261472 (84219) INITSCRIPT ERRORS WHEN LAUCHING MYSQLD_SAFE IN NON DEFAULT BASEDIR
  Bug#25319392 (84263) MYSQL.SERVER (MYSQL SERVER STARTUP SCRIPT) CAN NOT WORK,AND EXPORT SOME ERROR.
  Bug#25319457         MYSQLD_SAFE MIGHT FAIL IF $DATADIR HAS TRAILING /
  Bug#25341981         MYSQLD_SAFE ASSUMES INCORRECT BASEDIR WHEN EXECUTED WITH ABSOLUTE PATH
  Bug#25356221 (84427) MYSQLD_SAFE FAILS TO START WHEN USING A FIFO FOR LOG-ERROR (REGRESSION)
  Bug#25365194 (84447) MYSQLD_SAFE DOESN'T CHECK EXISTENCE OF GIVEN BASEDIR PARAMETER
  Bug#25377815         ERRORS WHILE STARTING MYSQLD_SAFE WITH SYM LINK ENABLED

               MYSQLD_SAFE

DESCRIPTION
===========
Starting a mysql server by running init script:
/etc/init.d/mysqld start

is failing. This is happening after the changes done in
script 'mysqld_safe' as a patch to Bug#24464380.

ANALYSIS
========
Say customer's /etc/my.cnf has following content:

[mysqld_safe]
.
.
ledir  = /mysqld_ledir
mysqld = mysqld_wrapper

Patch to Bug#24464380 prohibits using "mysqld" (and few
other variables) in config file due to privilege reasons.
Since mysqld init scripts internally calls 'mysqld_safe'
script, the existing configuration has started failing.

FIX
===
In the init script, we now pass MYSQLD_OPTS as the first
argument (expected to be read from /etc/sysconfig/mysqld)
to mysqld_safe command. This new variable can have all the
mysqld_safe's special options as a string containing command
line arguments. For example:

MYSQLD_OPTS=" --ledir=/mysqld_ledir --mysqld=my_wrapper "

NOTE TO THE DOCUMENTATION TEAM
==============================
As mentioned above, the prohibited variables have to be
moved from /etc/my.cnf to /etc/sysconfig/mysqld as a string
containing command-line arguments in the form of variable
MYSQLD_OPTS. We can pass mysqld options as well in this new
variable which would be further passed to mysqld process.

This is backport of WL#7195 to MySQL-5.5. In 5.5, we
offload connection authentication from the acceptor
thread to tp worker threads.

Connection authentication happens in the acceptor thread that
accepts the connection for thread pool plugin. Connection authentication
involves exchanging packets with client and disk I/O
which is time consuming. This can cause other client
connections to starve and wait in the queue possibly increasing the
connect latency and decreasing throughput. In the worst case, some
connections could be dropped. n addition, SSL handshakes are quite
expensive and can stall connections in the accept queue.

This patch offloads connection authentication when thread pool
plugin is used for client connection. Each thread group
shall have a queue of connection_context objects, which represents
new connections that need to be processed by thread group threads.
The connection context is composed of THD object & list pointers
for intrusive queue implementation. Whenever a new connection
arrives, connection context object is created and added to the
queue. A new connect handler thread is created or woken up to handle
the authentication task. The worker thread loop is modified to
process connection events on connect handler threads in addition to
checking for query processing events. The initial number of connect
handler threads is one per thread group and it is restricted to
a maximum of 4 threads per thread group.