1. 25 Nov, 2013 2 commits
  2. 05 Nov, 2013 1 commit
  3. 01 Nov, 2013 3 commits
  4. 31 Oct, 2013 5 commits
    • unknown's avatar
      No commit message · 8f705054
      unknown authored
      No commit message
      8f705054
    • unknown's avatar
      No commit message · e87a37a2
      unknown authored
      No commit message
      e87a37a2
    • Venkata Sidagam's avatar
      Bug #12917164 DROP USER CAN'T DROP USERS WITH LEGACY · 186a9fc7
      Venkata Sidagam authored
          UPPER CASE HOST NAME ANYMORE
      Merging from mysql-5.1 to mysql-5.5
      186a9fc7
    • Venkata Sidagam's avatar
      Bug #12917164 DROP USER CAN'T DROP USERS WITH LEGACY · 19990c92
      Venkata Sidagam authored
          UPPER CASE HOST NAME ANYMORE
      
      Description:
      It is not possible to drop users with host names with upper case
      letters in them. i.e DROP USER 'root'@'Tmp_Host_Name'; is failing
      with error.
      
      Analysis: Since the fix 11748570 we came up with lower case hostnames
      as standard. But in the current bug the hostname is created by
      mysql_install_db script is still having upper case hostnames. 
      So, if we have the hostname with upper case letters like(Tmp_Host_Name)
      then we will have as it is stored in the mysql.user table. 
      In this case if use "'DROP USER 'root'@'Tmp_Host_Name';" it gives 
      error because we do compare with the lower case of hostname since the 
      11748570 fix.
      
      Fix: We need to convert the hostname to lower case before storing into 
      the mysql.user table when we run the mysql_install_db script.
      19990c92
    • unknown's avatar
      No commit message · 6e059fd1
      unknown authored
      No commit message
      6e059fd1
  5. 30 Oct, 2013 2 commits
  6. 29 Oct, 2013 3 commits
  7. 28 Oct, 2013 1 commit
  8. 25 Oct, 2013 2 commits
  9. 21 Oct, 2013 2 commits
    • Jon Olav Hauglid's avatar
      Bug#17632386: WITH_ASAN CONFLICTS WITH -WL,--NO-UNDEFINED · 63a205d4
      Jon Olav Hauglid authored
      -Wl,--no-undefined (=-z defs) gives linking errors when used with WITH_ASAN.
      According to the documentation:
      "When linking shared libraries, the AddressSanitizer run-time is not linked,
      so -Wl,-z,defs may cause link errors (don’t use it with AddressSanitizer)."
      
      This patch turns off -Wl,--no-undefined if WITH_ASAN is used.
      63a205d4
    • Aditya A's avatar
      Bug #16051817 GOT ERROR 124 FROM STORAGE ENGINE · c5896384
      Aditya A authored
                     ON DELETE FROM A PARTITIONED TABLE
      
      PROBLEM
      -------
      
      The user first disables all the non unique indexes
      in the table and then rebuilds one partition.
      During rebuild the indexes on that particular
      partition are enabled. Now when we give a query 
      the optimizer is unaware that on one partition 
      indexes are enabled and if the optimizer selects
      that index,myisam thinks that the index is not 
      active and gives an error.
      
      FIX
      ---
      
      Before rebuilding a partition check whether non
      unique indexes are disabled on the partitons.
      If they are disabled then after rebuild disable
      the index on the partition. 
      
      [Approved by Mattiasj #rb3469]
      c5896384
  10. 19 Oct, 2013 1 commit
  11. 18 Oct, 2013 7 commits
    • Mattias Jonsson's avatar
      post-push fix for bug17565888. · a91fcaf4
      Mattias Jonsson authored
      Too restrictive assertion, failing during purge
      a91fcaf4
    • Mattias Jonsson's avatar
      post-push fix for bug17565888. · e6a734a7
      Mattias Jonsson authored
      Too restrictive assertion, can fail during purge
      e6a734a7
    • Mattias Jonsson's avatar
      Bug#17565888: UP TO 75% INCREASE IN DBT3 QUERY (Q7) EXECUTION TIME · 20f579ea
      Mattias Jonsson authored
      Regression from bug#14621190 due to disabled optimistic restoration
      of cursor, which required full key lookup instead of verifying
      if previously positioned btree cursor could be reused.
      
      Fixed by enable optimistic restore and adjust cursor afterward.
      
      rb#3324 approved by Marko.
      20f579ea
    • Anirudh Mangipudi's avatar
      Bug #17357535 BACKPORT BUG#16241992 TO 5.5 · 18079ac9
      Anirudh Mangipudi authored
      Problem:
      COM_CHANGE_USER allows brute-force attempts to crack a password at a very high
      rate as it does not cause any significant delay after a login attempt has
      failed. This issue was reproduced using John-The-Ripper password
      cracking tool through which about 5000 passwords per second could be attempted.
      
      Solution:
      The non-GA version's solution was to disconnect the connection when a login
      attempt failed. Now since our aim to to reduce the rate at which passwords 
      are tested, we introduced a sleep(1) after every login attempt failed. This
      significantly increased the delay with which the password was cracked.
      18079ac9
    • Luis Soares's avatar
      BUG#17460821 · 6fd6b38c
      Luis Soares authored
      Automerged from mysql-5.5 bug branch into latest mysql-5.5.
      6fd6b38c
    • Aditya A's avatar
      Bug#17559867 AFTER REBUILDING , A MYISAM PARTITION ENDS UP · 94630ddd
      Aditya A authored
                   AS A INNODB PARTITTION.
      [Merged from 5.1]             
      94630ddd
    • Aditya A's avatar
      Bug#17559867 AFTER REBUILDING,A MYISAM PARTITION ENDS UP · cd6f3b55
      Aditya A authored
                   AS A INNODB PARTITTION.
      
      PROBLEM
      -------
      The correct engine_type was not being set during 
      rebuild of the partition due to which the handler
      was always created with the default engine,
      which is innodb for 5.5+ ,therefore even if the
      table was myisam, after rebuilding the partitions
      ended up as innodb partitions.
      
      FIX
      ---
      Set the correct engine type during rebuild.  
      
      [Approved by mattiasj #rb3599]
      cd6f3b55
  12. 17 Oct, 2013 4 commits
    • Luis Soares's avatar
      BUG#17460821: ASSERTION ERROR WHEN STOPPING SLAVE AFTER SEMI-SYNC ON MASTER IS DISABLED · 863d67e3
      Luis Soares authored
      The assertion happens when: (i) the master and slave are configured to
      use the semisync plugin; (ii) the DBA disables semisync on the master;
      (iii) and he also unsets the option to wait for slaves ACK even if the
      semisync slave count reaches 0 during the waiting period. This
      combination of factors makes the server run into an assertion as soon
      as the last semisync slave disconnects and its dump thread exits.
        
      The root of the problem is the fact that when the dump thread
      disconnects and calls the observer hook transmit_stop, which ends up
      calling ReplSemiSyncMaster::remove_slave, there is no check whether
      the master has already disabled semisync or not. If it has, the then a
      second call to the switch_off member function must be avoided.
        
      The quick fix is to avoid calling switch_off if the DBA has disabled
      the semisync plugin interactively on the master. Also, the switch_off
      member function should only be called if the plugin has not been
      switched off already. This is basically the pattern throughout the
      rest of the semisync plugin and no other calls seem vulnerable to
      similar crashes/assertions.
      
      (This a backport of the patch to 5.5, which is also vulnerable.)
      863d67e3
    • Anil Toshniwal's avatar
      Bug#17513737 INTRODUCE CHECK TABLE...QUICK · 7c3d3f19
      Anil Toshniwal authored
      --Implemented CHECK TABLE...QUICK.
        Introduce CHECK TABLE...QUICK that would skip the btr_validate_index()
        and btr_search_validate() call, and count the no. of records in each index.
      
      Approved by Marko and Kevin. (rb#3567).
      
      7c3d3f19
    • unknown's avatar
      No commit message · 1b199c14
      unknown authored
      No commit message
      1b199c14
    • Luis Soares's avatar
      BUG#17508351 · 54a36531
      Luis Soares authored
      Merging mysql-5.5 bug branch into latest mysql-5.5.
      54a36531
  13. 16 Oct, 2013 6 commits
    • Venkatesh Duggirala's avatar
      Bug#17234370 LAST_INSERT_ID IS REPLICATED INCORRECTLY IF · 633cc16e
      Venkatesh Duggirala authored
      REPLICATION FILTERS ARE USED.
      Merging fix from mysql-5.1
      
      633cc16e
    • Venkatesh Duggirala's avatar
      Bug#17234370 LAST_INSERT_ID IS REPLICATED INCORRECTLY IF · 2b07397b
      Venkatesh Duggirala authored
      REPLICATION FILTERS ARE USED.
      
      Problem:
      When Filtered-slave applies Int_var_log_event and when it
      tries to write the event to its own binlog, LAST_INSERT_ID
      value is written wrongly.
      
      Analysis:
      THD::stmt_depends_on_first_successful_insert_id_in_prev_stmt
      is a variable which is set when LAST_INSERT_ID() is used by
      a statement. If it is set, first_successful_insert_id_in_
      prev_stmt_for_binlog will be stored in the statement-based
      binlog. This variable is CUMULATIVE along the execution of
      a stored function or trigger: if one substatement sets it
      to 1 it will stay 1 until the function/trigger ends,
      thus making sure that first_successful_insert_id_in_
      prev_stmt_for_binlog does not change anymore and is
      propagated to the caller for binlogging. This is achieved
      using the following code
      if(!stmt_depends_on_first_successful_insert_id_in_prev_stmt)               
      {                                                                           
        /* It's the first time we read it */                                      
        first_successful_insert_id_in_prev_stmt_for_binlog=                       
        first_successful_insert_id_in_prev_stmt;                                
        stmt_depends_on_first_successful_insert_id_in_prev_stmt= 1;               
      }
      
      Slave server, after receiving Int_var_log_event event from
      master, it is setting
      stmt_depends_on_first_successful_insert_id_in_prev_stmt
      to true(*which is wrong*) and not setting
      first_successful_insert_id_in_prev_stmt_for_binlog. Because
      of this problem, when the actual DML statement with
      LAST_INSERT_ID() is parsed by slave SQL thread,
      first_successful_insert_id_in_prev_stmt_for_binlog is not
      set. Hence the value zero (default value) is written to
      slave's binlog.
      
      Why only *Filtered slave* is effected when the code is
      in common place:
      -------------------------------------------------------
      In Query_log_event::do_apply_event,
      THD::stmt_depends_on_first_successful_insert_id_in_prev_stmt
      is reset to zero at the end of the function. In case of
      normal slave (No Filters), this variable will be reset. 
      In Filtered slave, Slave SQL thread defers all IRU events's
      execution until IRU's Query_log event is received. Once it
      receives Query_log_event it executes all pending IRU events
      and then it executes Query_log_event. Hence the variable is
      not getting reset to 0, causing this bug.
      
      Fix: As described above, the root cause was setting 
      THD::stmt_depends_on_first_successful_insert_id_in_prev_stmt
      when Int_var_log_event was executed by a SQL thread. Hence
      removing the problematic line from the code.
      2b07397b
    • Venkata Sidagam's avatar
      Bug#16900358 FIX FOR CVE-2012-5611 IS INCOMPLETE · e84d4874
      Venkata Sidagam authored
      Merging from mysql-5.1 to mysql-5.5
      e84d4874
    • Venkata Sidagam's avatar
      Bug#16900358 FIX FOR CVE-2012-5611 IS INCOMPLETE · de0e8a02
      Venkata Sidagam authored
      Description: Fix for bug CVE-2012-5611 (bug 67685) is 
      incomplete. The ACL_KEY_LENGTH-sized buffers in acl_get() and 
      check_grant_db() can be overflown by up to two bytes. That's 
      probably not enough to do anything more serious than crashing 
      mysqld.
      Analysis: In acl_get() when "copy_length" is calculated it 
      just adding the variable lengths. But when we are using them 
      with strmov() we are adding +1 to each. This will lead to a 
      three byte buffer overflow (i.e two +1's at strmov() and one 
      byte for the null added by strmov() function). Similarly it 
      happens for check_grant_db() function as well.
      Fix: We need to add "+2" to "copy_length" in acl_get() 
      and "+1" to "copy_length" in check_grant_db(). 
      de0e8a02
    • Sujatha Sivakumar's avatar
      Bug#17429677:LAST ARGUMENT OF LOAD DATA ...SET ...STATEMENT · 4522a870
      Sujatha Sivakumar authored
      REPEATED TWICE IN BINLOG
      
      Problem:
      =======
      If LOAD DATA ... SET ... is used the last argument of SET is
      repeated twice in replication binlog.
      
      Analysis:
      ========
      LOAD DATA statements are reconstructed once again before
      they are written to the binary log. When SET clauses are
      specified as part of LOAD DATA statement, these SET clause
      user command strings need to be stored in order to rebuild
      the original user command. During parsing each column and
      the value in the SET command are stored in two differenet
      lists. All the values are stored in a string list.
      
      When SET expression has more than one value as shown in the
      following example:
      SET a = @A, b = CONCAT(@b, '| 123456789');
      
      Parser extracts values in the following manner i.e Item name
      , value string, actual length of the value of the item with
      in the string.
      
      Item a:
      Value for a:"= @A, b = CONCAT(@b, '| 123456789')
      str_length = 4
      Item b:
      Value for b:"= CONCAT(@b, '| 123456789')
      str_length = 27
      
      During reconstructing the LOAD DATA command the above
      strings are retrived as it is and appended to the LOAD DATA
      statement. Hence it becomes as shown below.
      
      SET `a`= @A, b = CONCAT(@b, '| 123456789'),
      `b`= CONCAT(@b, '| 123456789')
      
      Fix:
      ===
      During reconstruction of SET command, retrieve exact item
      value string rather than reading the entire string.
      
      sql/sql_load.cc:
        Added code to extract the exact Item value.
      4522a870
    • Sreedhar.S's avatar
  14. 14 Oct, 2013 1 commit