1. 25 Jan, 2011 1 commit
  2. 12 Jan, 2011 5 commits
    • Georgi Kodinov's avatar
      merge · 28b7f8ad
      Georgi Kodinov authored
      28b7f8ad
    • Alexey Botchkov's avatar
      Bug #57321 crashes and valgrind errors from spatial types · 8b5db960
      Alexey Botchkov authored
              Item_func_spatial_collection::fix_length_and_dec didn't call parent's method, so
              the maybe_null was set to '0' after it. But in this case the result was
              just NULL, that caused wrong behaviour.
      
      per-file comments:
        mysql-test/r/gis.result
      Bug #57321 crashes and valgrind errors from spatial types 
              test result updated.
      
        mysql-test/t/gis.test
      Bug #57321 crashes and valgrind errors from spatial types 
              test case added.
        sql/item_geofunc.h
      Bug #57321 crashes and valgrind errors from spatial types 
              Item_func_geometry::fix_length_and_dec() called in
              Item_func_spatial_collection::fix_length_and_dec().
      8b5db960
    • Dmitry Lenev's avatar
      Fix for bug #58499 "DEFINER-security view selecting from · d4c75324
      Dmitry Lenev authored
      INVOKER-security view access check wrong".
      
      When privilege checks were done for tables used from an 
      INVOKER-security view which in its turn was used from 
      a DEFINER-security view connection's active security
      context was incorrectly used instead of security context
      with privileges of the second view's creator.
      
      This meant that users which had enough rights to access
      the DEFINER-security view and as result were supposed to 
      be able successfully access it were unable to do so in 
      cases when they didn't have privileges on underlying tables 
      of the INVOKER-security view.
      
      This problem was caused by the fact that for INVOKER-security
      views TABLE_LIST::security_ctx member for underlying tables
      were set to 0 even in cases when particular view was used from 
      another DEFINER-security view. This meant that when checks of
      privileges on these underlying tables was done in
      setup_tables_and_check_access() active connection security 
      context was used instead of context corresponding to the 
      creator of caller view.
      
      This fix addresses the problem by ensuring that underlying
      tables of an INVOKER-security view inherit security context
      from the view and thus correct security context is used for
      privilege checks on underlying tables in cases when such view 
      is used from another view with DEFINER-security.
      
      mysql-test/r/view_grant.result:
        Added coverage for various combinations of DEFINER and
        INVOKER-security views, including test for bug #58499
        "DEFINER-security view selecting from INVOKER-security
        view access check wrong".
      mysql-test/t/view_grant.test:
        Added coverage for various combinations of DEFINER and
        INVOKER-security views, including test for bug #58499
        "DEFINER-security view selecting from INVOKER-security
        view access check wrong".
      sql/sql_view.cc:
        When opening a non-suid view ensure that its underlying 
        tables will get the same security context as use for
        checking privileges on the view, i.e. security context
        of view invoker. This context can be different from the
        security context which is currently active for connection 
        in cases when this non-suid view is used from a view with
        suid security. Inheriting security context in such situation
        allows correctly apply privileges of creator of suid view
        in checks for tables of non-suid view (since in this 
        situation creator/definer of suid view serves as invoker
        for non-suid view).
      d4c75324
    • Oystein Grovlen's avatar
      Bug#59211: Select Returns Different Value for min(year) Function · 44458c16
      Oystein Grovlen authored
      get_year_value() contains code to convert 2-digits year to
      4-digits.  The fix for Bug#49910 added a check on the size of
      the underlying field so that this conversion is not done for
      YEAR(4) values. (Since otherwise one would convert invalid
      YEAR(4) values to valid ones.)
      
      The existing check does not work when Item_cache is used, since
      it is not detected when the cache is based on a Field.  The
      reported change in behavior is due to Bug#58030 which added
      extra cached items in min/max computations.
      
      The elegant solution would be to implement
      Item_cache::real_item() to return the underlying Item.
      However, some side effects are observed (change in explain
      output) that indicates that such a change is not straight-
      forward, and definitely not appropriate for an MRU.
      
      Instead, a Item_cache::field() method has been added in order
      to get access to the underlying field.  (This field() method
      eliminates the need for Item_cache::eq_def() used in
      test_if_ref(), but in order to limit the scope of this fix,
      that code has been left as is.)
      
      
      mysql-test/r/type_year.result:
        Added test case for Bug#59211.
      mysql-test/t/type_year.test:
        Added test case for Bug#59211.
      sql/item.h:
        Added function Item_cache::field() to get access to the
        underlying Field of a cached field Value.
      sql/item_cmpfunc.cc:
        Also check underlying fields of Item_cache, not just Item_Field,
        when checking whether the value is of type YEAR(4) or not.
      44458c16
    • Martin Hansson's avatar
      Bug#58207: invalid memory reads when using default column value and · 73d88e80
      Martin Hansson authored
      tmptable needed
      
      The function DEFAULT() works by modifying the the data buffer pointers (often
      referred to as 'record' or 'table record') of its argument. This modification
      is done during name resolution (fix_fields().) Unfortunately, the same
      modification is done when creating a temporary table, because default values
      need to propagate to the new table.
      
      Fixed by skipping the pointer modification for fields that are arguments to
      the DEFAULT function.
      73d88e80
  3. 11 Jan, 2011 3 commits
    • Dmitry Shulga's avatar
      Fixed Bug#58887 - server not throwing "Packet too large" error · 5148eda6
      Dmitry Shulga authored
      if max_allowed_packet >= 16M.
      
      This bug was introduced by patch for bug#42503.
      
      This patch restores behaviour that there was before patch
      for bug#42503 was applied.
      
      sql/net_serv.cc:
        Restored original right condition.
      5148eda6
    • Davi Arnaut's avatar
      Bug#42054: SELECT CURDATE() is returning bad value · 644f0c1d
      Davi Arnaut authored
      The problem from a user point of view was that on Solaris the
      time related functions (e.g. NOW(), SYSDATE(), etc) would always
      return a fixed time.
      
      This bug was happening due to a logic in the time retrieving
      wrapper function which would only call the time() function every
      half second. This interval between calls would be calculated
      using the gethrtime() and the logic relied on the fact that time
      returned by it is monotonic.
      
      Unfortunately, due to bugs in the gethrtime() implementation,
      there are some cases where the time returned by it can drift
      (See Solaris bug id 6600939), potentially causing the interval
      calculation logic to fail.
      
      The solution is to retrieve the correct time whenever a drift in
      the time returned by gethrtime() is detected. That is, do not
      use the cached time whenever the values (previous and current)
      returned by gethrtime() are not monotonically increasing.
      
      mysys/my_getsystime.c:
        Do not used the cached time if gethrtime is not monotonic.
      644f0c1d
    • Jan Wedvik's avatar
      Fix for bug#58553, "Queries with pushed conditions causes 'explain extended' · 7f09ed8d
      Jan Wedvik authored
      to crash mysqld". 
            
      handler::pushed_cond was not always properly reset when table objects where
      recycled via the table cache.
            
      handler::pushed_cond is now set to NULL in handler::ha_reset(). This should 
      prevent pushed conditions from (incorrectly) re-apperaring in later queries.
      7f09ed8d
  4. 10 Jan, 2011 3 commits
  5. 08 Jan, 2011 2 commits
  6. 07 Jan, 2011 10 commits
  7. 06 Jan, 2011 3 commits
  8. 05 Jan, 2011 4 commits
  9. 04 Jan, 2011 3 commits
    • unknown's avatar
      43818 - Patch for mysql-5.1-innodb · 4aef2023
      unknown authored
      Avoid handler::info() call for three Information Schema tables;
      TABLE_CONSTRAINTS, KEY_COLUMN_USAGE, & REFERENTIAL_CONTRAINTS
      4aef2023
    • Jon Olav Hauglid's avatar
      Bug #50619 assert in handler::update_auto_increment · 2bbc6f38
      Jon Olav Hauglid authored
      This assert could be triggered if -1 was inserted into
      an auto increment column by a statement writing more than
      one row.
      
      Unless explicitly given, an interval of auto increment values
      is generated when a statement first needs an auto increment
      value. The triggered assert checks that the auto increment
      counter is equal to or higher than the lower bound of this
      interval.
      
      Generally, the auto increment counter starts at 1 and is
      incremented by 1 each time it is used. However, inserting an
      explicit value into the auto increment column, sets the auto
      increment counter to this value + 1 if this value is higher
      than the current value of the auto increment counter.
      
      This bug was triggered if the explicit value was -1. Since the
      value was converted to unsigned before any comparisons were made,
      it was found to be higher than the current vale of the auto
      increment counter and the counter was set to -1 + 1. This value
      was below the reserved interval and caused the assert to be
      triggered the next time the statement tried to write a row.
      
      With the patch for Bug#39828, this bug is no longer repeatable.
      Now, -1 + 1 is detected as an "overflow" which causes the auto
      increment counter to be set to ULONGLONG_MAX. This avoids hitting
      the assert for the next insert and causes a new interval of
      auto increment values to be generated. This resolves the issue.
      
      This patch therefore only contains a regression test and no code
      changes. Test case added to auto_increment.test.
      2bbc6f38
    • Mattias Jonsson's avatar
      merge · 2eba1e8b
      Mattias Jonsson authored
      2eba1e8b
  10. 31 Dec, 2010 1 commit
  11. 29 Dec, 2010 4 commits
    • Alexander Nozdrin's avatar
      Empty merge from mysql-5.0. · 664dd08e
      Alexander Nozdrin authored
      664dd08e
    • Alexander Nozdrin's avatar
      Auto-merge from mysql-5.1-bugteam. · 7983590d
      Alexander Nozdrin authored
      7983590d
    • Alexander Nozdrin's avatar
      Auto-merge from mysql-5.0-bugteam. · a218c24f
      Alexander Nozdrin authored
      a218c24f
    • unknown's avatar
      Bug #50914 mysqlbinlog not handling drop of current default database · b15f216c
      unknown authored
      mysqlbinlog only prints "use $database" statements to its output stream
      when the active default database changes between events. This will cause
      "No Database Selected" error when dropping and recreating that database.
      
      To fix the problem, we clear print_event_info->db when printing an event
      of CREATE/DROP/ALTER database statements, so that the Query_log_event
      after such statements will be printed with the use 'db' anyway except
      transaction keywords.
      
      mysql-test/r/mysqlbinlog.result:
        Test result for Bug#50914.
      mysql-test/t/mysqlbinlog.test:
        Added test to verify if the approach of the mysqlbinlog prints
        "use $database" statements to its output stream will cause
        "No Database Selected" error when dropping and recreating
        that database.
      sql/log_event.cc:
        Updated code to clear print_event_info->db when printing an event
        of CREATE/DROP/ALTER database statements, so that the Query_log_event
        after such statements will be printed with the use 'db' anyway except
        transaction keywords.
      b15f216c
  12. 28 Dec, 2010 1 commit