- 11 Jun, 2018 1 commit
Tor Didriksen authored
client/mysql.cc: In function void build_completion_hash(bool, bool):
client/mysql.cc:2674:37: error: invalid conversion from char to char* [-fpermissive]
field_names[i][num_fields*2]= '\0';
^~~~
-
- 28 May, 2018 1 commit
Balasubramanian Kandasamy authored
-
- 21 May, 2018 1 commit
Arun Kuruvila authored
Description:- MyISAM table gets corrupted with concurrent executions of INSERT, DELETE statements in a particular sequence.

Analysis:- Due to the inappropriate manipulation of w_lock and r_lock associated with a MyISAM table, there arises a scenario where the table's state information becomes invalid.

Fix:- A lock is introduced to resolve this issue.
-
- 14 May, 2018 1 commit
Arun Kuruvila authored
Description:- Client applications establish connection to server, which does not support SSL, via TCP even when SSL is enforced via MYSQL_OPT_SSL_MODE or MYSQL_OPT_SSL_ENFORCE or MYSQL_OPT_SSL_VERIFY_SERVER_CERT.

Analysis:- There exists no error handling for catching client applications which enforce SSL connection to connect to a server which does not support SSL.

Fix:- Error handling is done to catch above mentioned scenarios.
-
- 10 May, 2018 1 commit
Arun Kuruvila authored
SHOW_ROUTINE_GRANTS

Description :- Server crashes in show_routine_grants().

Analysis :- When "grant_reload_procs_priv" encounters an error, the grant structures (structures with column, function and procedure privileges) are freed. Server crashes when trying to access these structures later.

Fix :- Grant structures are retained even when "grant_reload_procs_priv()" encounters an error while reloading column, function and procedure privileges.
-
- 24 Apr, 2018 1 commit
Arun Kuruvila authored
INSERT PRIVILEGES FOR MYSQL.USER TABLE

Description:- Incorrect granting of EXECUTE and ALTER ROUTINE privileges when the 'automatic_sp_privileges' variable is set.

Fix:- EXECUTE and ALTER ROUTINE privileges are correctly granted to the creator of the procedure when the 'automatic_sp_privileges' is SET.
-
- 09 Apr, 2018 2 commits
Ajo Robert authored
WRONG VALUES

User variables will have the default session collation associated with them. And a select which uses it as part of a union may infer the collation while type merging. This leads to problems when the result is of DECIMAL type. Setting the appropriate collation of DECIMAL result type is missing in 5.7 code base.

Added code to set appropriate collation when the result is of DECIMAL type during Item_type_holder::join_types().
-
Arun Kuruvila authored
Description: Mysqldump utility fails for specific clauses used with the option, 'where'.

Analysis:- Method, "fix_identifier_with_newline()" that prefixes all occurrences of newline char ('\n') in incoming buffer does not verify the size of the buffer. The buffer in which the incoming buffer is copied is limited to 2048 bytes and the method does not try to allocate additional memory for larger incoming buffers.

Fix:- Method, "fix_identifier_with_newline()" is modified to fix this issue.
-
- 26 Feb, 2018 2 commits
Balasubramanian Kandasamy authored
-
Nisha Gopalakrishnan authored
PREBUILT->TABLE->N_MYSQL_HANDLES_OPENED == 1

ANALYSIS:
=========
Adding unique index to an InnoDB table which is locked as multiple instances may trigger an InnoDB assert. When we add a primary key or a unique index, we need to drop the original table and rebuild all indexes. InnoDB expects that only the instance of the table that is being rebuilt, is open during the process. In the current scenario we have opened multiple instances of the table. This triggers an assert during table rebuild. 'Locked_tables_list' encapsulates a list of all instances of tables locked by LOCK TABLES statement.

FIX:
===
We are now temporarily closing all the instances of the table except the one which is being altered and later reopen them via Locked_tables_list::reopen_tables().
-
- 23 Feb, 2018 1 commit
Lars Tangvald authored
Change the file to refer to published git repository directly
-
- 14 Feb, 2018 1 commit
Karthik Kamath authored
No commit message
-
- 12 Feb, 2018 1 commit
Arun Kuruvila authored
Description:- Mysql client crashes when trying to connect to a fake server which is sending incorrect packets.

Analysis:- Mysql client crashes when it tries to read server version details.

Fix:- A check is added in "red_one_row()".
-
- 09 Feb, 2018 1 commit
Pavan Naik authored
PREVIOUS TO MYSQL 8.0

Description :
-------------
The mysqld--defaults-file test fails when the test suite is run from a non-canonical path, which happens when the current working directory when mysql-test-run.pl is started contains a symbolic link.

The problem is that this test case uses --replace-result with $MYSQL_TEST_DIR. This variable is a potentially non-canonical path based on the current working directory when mtr is started. However, the path in the expected error message from mysqld contains a canonical path. This means it does not contain $MYSQL_TEST_DIR if mtr's working directory is not the canonical path of the working directory.

Because other tests produce output that may contain non-canonical paths, making $MYSQL_TEST_DIR always canonical is not a fix.

Fix :
-----
Introduced a new environment variable '$ABS_MYSQL_TEST_DIR' which will contain the canonical path to the test directory and replaced $MYSQL_TEST_DIR with the new variable in main.mysqld--defaults-file test file.

This is a back-port of BUG#24579973.

Change-Id: I3b8df6f2d7ce2b04e188a896d76250cc1addbbc1
-
- 02 Feb, 2018 1 commit
Joao Gramacho authored
Problem
=======
When facing decoding of corrupt binary log files, server may misbehave without detecting the events corruption. This patch makes MySQL server more resilient to binary log decoding.

Fixes for events de-serialization and apply
===========================================

@sql/log_event.cc
Query_log_event::Query_log_event: added a check to ensure query length is respecting event buffer limits.
Query_log_event::do_apply_event: extended a debug print, added a check to character set to determine if it is "parseable" or not, verified if database name is valid for system collation.
Start_log_event_v3::do_apply_event: report an error on applying a non-supported binary log version.
Load_log_event::copy_log_event: added a check to table_name length.
User_var_log_event::User_var_log_event: added checks to avoid reading out of buffer limits.
User_var_log_event::do_apply_event: reported a sanity check error properly and added individual sanity checks for variable types that expect fixed (or minimum) amount of bytes to be read.
Rows_log_event::Rows_log_event: added checks to avoid reading out of buffer limits.

@sql/log_event_old.cc
Old_rows_log_event::Old_rows_log_event: added a sanity check to avoid reading out of buffer limits.

@sql/sql_priv.h
Added a sanity check to available_buffer() function.
-
- 11 Jan, 2018 2 commits
Karthik Kamath authored
STATEMENTS

ANALYSIS:
=========
A user not having FILE privilege is not allowed to create custom data/index directories for a table or for its partitions via CREATE TABLE but is allowed to do so via ALTER TABLE statement. ALTER TABLE ignores DATA DIRECTORY and INDEX DIRECTORY when given as table options. The issue occurs during the creation of partitions for a table via ALTER TABLE statement with the DATA DIRECTORY and/or INDEX DIRECTORY options. The issue exists because of the absence of FILE privilege check for the user.

FIX:
====
A FILE privilege check has been introduced for resolving the above scenario.
-
Bjorn Munch authored
Followup: now that the man pages have actually been removed, we no longer need to take deliberate action to ignore them. Thus we can remove that part of the original change.
RPM: drop the conditional removal
DEB: remove from the exclude list
-
- 21 Dec, 2017 2 commits
mysql-builder@oracle.com authored
No commit message
-
mysql-builder@oracle.com authored
No commit message
-
- 05 Dec, 2017 1 commit
Karthik Kamath authored
IS DROPPED

ANALYSIS:
=========
It is advised not to tamper with the system tables. When primary key is dropped from a system table, certain operations on the table which try to access the table key information may lead to server exit.

FIX:
====
An appropriate error is now reported in such a case.
-
- 02 Dec, 2017 1 commit
Shishir Jaiswal authored
ROOT

DESCRIPTION
===========
If the .pid file is created at a world-writable location, it can be compromised by replacing the server's pid with another running server's (or some other non-mysql process) PID causing abnormal behaviour.

ANALYSIS
========
In such a case, user should be warned that .pid file is being created at a world-writable location.

FIX
===
A new function is_file_or_dir_world_writable() is defined and it is called in create_pid_file() before .pid file creation. If the location is world-writable, a relevant warning is thrown.

NOTE
====
1. PID file is always created with permission bit 0664, so for outside world it's read-only.
2. Ignoring the case when permission is denied to get the dir stats since the .pid file creation would fail anyway in such a case.
-
- 27 Nov, 2017 3 commits
Karthik Kamath authored
MDL_CONTEXT::TRY_ACQUIRE_LOCK_IMPL

ANALYSIS:
=========
Server sometimes exited when multiple threads tried to acquire and release metadata locks simultaneously (for example, necessary to access a table). The same problem could have occurred when new objects were registered/deregistered in Performance Schema.

The problem was caused by a bug in LF_HASH - our lock free hash implementation which is used by metadata locking subsystem in 5.7 branch. In 5.5 and 5.6 we only use LF_HASH in Performance Schema Instrumentation implementation. So for these versions, the problem was limited to P_S.

The problem was in my_lfind() function, which searches for the specific hash element by going through the elements list. During this search it loads information about element checked such as key pointer and hash value into local variables. Then it confirms that they are not corrupted by concurrent delete operation (which will set pointer to 0) by checking if element is still in the list. The latter check did not take into account that compiler (and processor) can reorder reads in such a way that load of key pointer will happen after it, making result of the check invalid.

FIX:
====
This patch fixes the problem by ensuring that no such reordering can take place. This is achieved by using my_atomic_loadptr() which contains compiler and processor memory barriers for the check mentioned above and other similar places.

The default (for non-Windows systems) implementation of my_atomic*() relies on old __sync intrinsics and implements my_atomic_loadptr() as read-modify operation. To avoid scalability/performance penalty associated with addition of my_atomic_loadptr()'s we change the my_atomic*() to use newer __atomic intrinsics when available. This new default implementation doesn't have such a drawback.
-
Balasubramanian Kandasamy authored
-
Balasubramanian Kandasamy authored
-
- 17 Nov, 2017 1 commit
Aditya A authored
PROBLEM
-------
This warning message is printed when trx_sys->rseg_history_len is greater than some arbitrary magic number (2000000). By seeing the reproducing scenario where we keep a read view open and do a lot of transactions on table which increases the history length it is entirely possible that trx_sys->rseg_history_len can exceed 2000000. So this is not a bug due to corruption of history length. The warning message was just added to test some scenario and not removed.

FIX
---
1. Print this warning message only for debug versions.
2. Modified the warning message with more detailed information.
3. Don't crash even in debug versions.

[#rb 17929 Reviewed by jimmy and satya]
-
- 16 Nov, 2017 1 commit
Sreeharsha Ramanavarapu authored
Issue:
------
VALUES doesn't have a type() function and is considered a Item_field.

Solution for 5.7:
-----------------
Add a new type() function for Item_values_insert. On 8.0 and trunk it was fixed by Mithun's Bug#19601973.

Solution for 5.6:
-----------------
Additionally Bug#17458914 is backported. This will address the problem of using VALUES() in INSERT ... ON DUPLICATE KEY UPDATE. Create a field object only if it is in the UPDATE clause, else return a NULL item. This will also address the problems mentioned in Bug#14789787 and Bug#16756402.

Solution for 5.5:
-----------------
As mentioned above Bug#17458914 is backported. Additionally Bug#14786324 is also backported. When VALUES() is detected outside its meaningful place, it should be treated as NULL and is thus replaced with a Field_null object, with the same name as the original field. Fields with type NULL are generally not handled well inside the server (e.g Innodb will not accept them and it is impossible to create them in regular tables). So create a new const NULL item instead.
-
- 13 Nov, 2017 1 commit
Balasubramanian Kandasamy authored
- Update the default plugin directory for debug builds
-
- 09 Nov, 2017 2 commits
Tor Didriksen authored
-
Tor Didriksen authored
Remove cmake code for signing executables. Automatic signing has always failed anyways. It should be done manually as part of the release process.
-
- 03 Nov, 2017 1 commit
Bjorn Munch authored
Removed relevant man pages from file lists for RPM and DEB
RPM: added conditional removal of them, so it works both before and after man pages are actually removed
DEB: added to exclude list (5.6+)
-
- 26 Oct, 2017 1 commit
Arun Kuruvila authored
NOT UPDATE FILE ON DISK

Description:- When the server variable, "myisam_use_mmap" is enabled, MyISAM tables on Windows are not updating the file on disk even when the server variable "flush" is set to 1. This is in turn making the table corrupted when encountering a power failure.

Analysis:- When the server variable "myisam_use_mmap" is set, files of MyISAM tables will be memory mapped using the OS APIs mmap()/munmap()/msync() on Unix and CreateFileMapping()/UnmapViewOfFile()/FlushViewOfFile() on Windows. msync() and FlushViewOfFile() are responsible for flushing the changes made to the in-core copy of a file that was mapped into memory using mmap()/CreateFileMapping() back to the file system. FLUSH is determined by the OS unless explicitly called using msync()/FlushViewOfFile(). When the server variables "myisam_use_mmap" and "flush" are enabled, MyISAM is only flushing the files from file system cache to disc using "mysql_file_sync()" and not the memory mapped file from memory to FS cache using "my_msync()". ["my_msync()" in turn calls msync() on Unix and FlushViewOfFile() on Windows.]

Fix:- As part of the fix, if server variable "myisam_use_mmap" is enabled along with "flush", "my_msync()" is invoked to flush the data in memory to file system cache and followed by "mysql_file_sync()" which will flush the data from file system cache to disk.
-
- 23 Oct, 2017 1 commit
Karthik Kamath authored
UNEXPECTED ERROR

ANALYSIS:
=========
Creating many indexes with large amount of index information causes a server exit.

FIX:
====
An appropriate error is reported when the cumulative index information length exceeds the 2 byte range (i.e. 65535).
-
- 19 Oct, 2017 1 commit
Sreeharsha Ramanavarapu authored
AND PARAM IN ORDER BY

Issue:
------
This issue can occur when the ORDER BY list refers to a column that contains a parameter in the select list.

Solution:
---------
In JOIN::update_depend_map and get_sort_by_table, the ORDER BY list's used_tables isn't checked for parameters. This can result in incorrect behavior. This is a partial backport of Roy's
-
- 16 Oct, 2017 1 commit
Nawaz Nazeer Ahamed authored
-
- 09 Oct, 2017 1 commit
Tor Didriksen authored
Building with ninja shows the problem:
cmake .. -G Ninja
ninja
ninja: error: dependency cycle: sql/GenServerSource -> sql/CMakeFiles/GenServerSource -> sql/sql_builtin.cc -> cmake_order_depends_target_sq sql/GenServerSource

Bug#16877045 5.6-CLUSTER-7.3 WIN32 SQL_YACC.CC BUILD PROBLEM
- Somewhat circular dependency caused by the configured files sql_builtin.cc being included as part of the files to generate in sql/
- Move sql_builtin.cc out of GEN_SOURCES variable.
- Create new variable CONF_SOURCES to be used for configured files.
-
- 13 Sep, 2017 3 commits
mysql-builder@oracle.com authored
No commit message
-
Anushree Prakash B authored
DESCRIPTION:
===========
The bug is related to incorrect parsing of SQL queries when typed in on the CLI. The incorrect parsing can result in unexpected results.

ANALYSIS:
========
The scenarios mainly happen for identifier names with a typical combination of backslashes and backticks. The incorrect parsing can either result in executing additional queries or can result in query truncation. This can impact mysqldump as well.

FIX:
===
The fix makes sure that such identifier names are correctly parsed and a proper query is sent to the server for execution.

(cherry picked from commit 31a372aa1c2b93dc75267d1f05a7f7fca6080dc0)
-
mysql-builder@oracle.com authored
No commit message
-
- 08 Sep, 2017 2 commits
Tor Didriksen authored
Reintroduce environment variable MYSQL_GROUP_SUFFIX to be used as --default-group-suffix value if not already set. The environment variable was accidentally renamed to DEFAULT_GROUP_SUFFIX_ENV in MySQL server 5.5.
-
Anushree Prakash B authored
DESCRIPTION:
===========
The bug is related to incorrect parsing of SQL queries when typed in on the CLI. The incorrect parsing can result in unexpected results.

ANALYSIS:
========
The scenarios mainly happen for identifier names with a typical combination of backslashes and backticks. The incorrect parsing can either result in executing additional queries or can result in query truncation. This can impact mysqldump as well.

FIX:
===
The fix makes sure that such identifier names are correctly parsed and a proper query is sent to the server for execution.
-