1. 03 May, 2010 1 commit
    • Kristofer Pettersson's avatar
      Bug#50373 --secure-file-priv="" · bf1887fa
      Kristofer Pettersson authored
      Iterative patch improvement. Previously committed patch
      caused wrong result on Windows. The previous patch also
      broke secure_file_priv for symlinks since not all file
      paths which must be compared against this variable are
      normalized using the same norm.
      
      The server variable opt_secure_file_priv wasn't
      normalized properly and caused the operations
      LOAD DATA INFILE .. INTO TABLE ..
      and
      SELECT load_file(..)
      to do different interpretations of the 
      --secure-file-priv option.
           
      The patch moves code to the server initialization
      routines so that the path always is normalized
      once and only once.
            
      It was also intended that setting the option
      to an empty string should be equal to 
      lifting all previously set restrictions. This
      is also fixed by this patch.
      
      
      mysql-test/r/loaddata.result:
        * Removed test code which will currently break the much used --mem feature of mtr.
      mysql-test/t/loaddata.test:
        * Removed test code which will currently break the much used --mem feature of mtr.
      sql/item_strfunc.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      sql/mysql_priv.h:
        * Added signature for is_secure_file_path()
      sql/mysqld.cc:
        * New function for checking if a path compatible with the secure path restriction.
        * Added initialization of the opt_secure_file_priv variable.
      sql/sql_class.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      sql/sql_load.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      bf1887fa
  2. 30 Apr, 2010 2 commits
    • Alexey Kopytov's avatar
      Automerge. · 9dca1273
      Alexey Kopytov authored
      9dca1273
    • Alexey Kopytov's avatar
      Bug #48419: another explain crash.. · e65751ef
      Alexey Kopytov authored
      WHERE predicates containing references to empty tables in a
      subquery were handled incorrectly by the optimizer when
      executing EXPLAIN. As a result, the optimizer could try to
      evaluate such predicates rather than just stop with
      "Impossible WHERE noticed after reading const tables" as 
      it would do in a non-subquery case. This led to valgrind 
      errors and crashes.
      
      Fixed the code checking the above condition so that subqueries
      are not excluded and hence are handled in the same way as top
      level SELECTs.
      
      mysql-test/r/explain.result:
        Added a test case for bug #48419.
      mysql-test/r/ps.result:
        Updated test results to take the new (and more correct)
        "Extra" comments in execution plans.
      mysql-test/t/explain.test:
        Added a test case for bug #48419.
      sql/sql_select.cc:
        There is no point in excluding subqueries from checking
        for identically false WHERE conditions.
      e65751ef
  3. 29 Apr, 2010 3 commits
    • Davi Arnaut's avatar
      Manual merge. · be053c4b
      Davi Arnaut authored
      be053c4b
    • Davi Arnaut's avatar
      Bug#50974: Server keeps receiving big (> max_allowed_packet) packets indefinitely. · 4f02e2f3
      Davi Arnaut authored
      The server could be tricked to read packets indefinitely if it
      received a packet larger than the maximum size of one packet.
      This problem is aggravated by the fact that it can be triggered
      before authentication.
      
      The solution is to no skip big packets for non-authenticated
      sessions. If a big packet is sent before a session is authen-
      ticated, a error is returned and the connection is closed.
      
      include/mysql_com.h:
        Add skip flag. Only used in server builds.
      sql/net_serv.cc:
        Control whether big packets can be skipped.
      4f02e2f3
    • Ramil Kalimullin's avatar
      Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing · 5273a6b9
      Ramil Kalimullin authored
      Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only
      SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not
      checked for sanity. By sending long data for the table a buffer is overflown, which can
      be used deliberately to include code that harms".
      
      Fix: check incoming data length.
      
      
      sql/sql_parse.cc:
        Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing
          - check incoming mysql_list_fields() table name arg length.
      5273a6b9
  4. 26 Apr, 2010 1 commit
    • Alexey Kopytov's avatar
      Backport of the fix for bug #50335 to 5.0. · e961768d
      Alexey Kopytov authored
      The problem was in an incorrect debug assertion. The expression
      used in the failing assertion states that when finding
      references matching ORDER BY expressions, there can be only one
      reference to a single table. But that does not make any sense,
      all test cases for this bug are valid examples with multiple
      identical WHERE expressions referencing the same table which
      are also present in the ORDER BY list.
      
      Fixed by removing the failing assertion. We also have to take
      care of the 'found' counter so that we count multiple
      references only once. We rely on this fact later in
      eq_ref_table().
      
      mysql-test/r/join.result:
        Added a test case for bug #50335.
      mysql-test/t/join.test:
        Added a test case for bug #50335.
      sql/sql_select.cc:
        Removing the assertion in eq_ref_table() as it does not make
        any sense. We also have to take care of the 'found' counter so
        that we count multiple references only once. We rely on this
        fact later in eq_ref_table().
      e961768d
  5. 06 Apr, 2010 2 commits
  6. 01 Apr, 2010 1 commit
    • Davi Arnaut's avatar
      Bug#50755: Crash if stored routine def contains version comments · 8c2153a1
      Davi Arnaut authored
      The problem was that a syntactically invalid trigger could cause
      the server to crash when trying to list triggers. The crash would
      happen due to a mishap in the backup/restore procedure that should
      protect parser items which are not associated with the trigger. The
      backup/restore is used to isolate the parse tree (and context) of
      a statement from the load (and parsing) of a trigger. In this case,
      a error during the parsing of a trigger could cause the improper
      backup/restore sequence.
      
      The solution is to properly restore the original statement context
      before the parser is exited due to syntax errors in the trigger body.
      
      mysql-test/r/trigger.result:
        Add test case result for Bug#50755
      mysql-test/t/trigger.test:
        Add test case for Bug#50755
      sql/sp_head.cc:
        Merge sp_head::destroy() and sp_head destructor. Retrieve THD
        from the LEX so that m_thd is not necessary.
      sql/sql_lex.cc:
        Explicitly restore the original environment.
      8c2153a1
  7. 29 Apr, 2010 1 commit
  8. 28 Apr, 2010 1 commit
    • Georgi Kodinov's avatar
      Bug #47453: InnoDB incorrectly changes TIMESTAMP columns when JOINed · 1e561e97
      Georgi Kodinov authored
      during an UPDATE
      
      Extended the fix for bug 29310 to multi-table update:
      
      When a table is being updated it has two set of fields - fields required for
      checks of conditions and fields to be updated. A storage engine is allowed
      not to retrieve columns marked for update. Due to this fact records can't
      be compared to see whether the data has been changed or not. This makes the
      server always update records independently of data change.
        
      Now when an auto-updatable timestamp field is present and server sees that
      a table handle isn't going to retrieve write-only fields then all of such
      fields are marked as to be read to force the handler to retrieve them.
      1e561e97
  9. 27 Apr, 2010 1 commit
  10. 26 Apr, 2010 2 commits
  11. 25 Apr, 2010 1 commit
    • Ramil Kalimullin's avatar
      Fix for bug#50946: fast index creation still seems to copy the table · d5928827
      Ramil Kalimullin authored
      Problem: ALTER TABLE ADD INDEX may lead to table copying if there's
      numeric field(s) with non-default display width modificator specified.
      
      Fix: compare numeric field's storage lenghts when we decide whether 
      they can be considered 'equal' for table alteration purposes.
      
      
      mysql-test/r/error_simulation.result:
        Fix for bug#50946: fast index creation still seems to copy the table
          - test result.
      mysql-test/t/error_simulation.test:
        Fix for bug#50946: fast index creation still seems to copy the table
          - test case.
      sql/field.cc:
        Fix for bug#50946: fast index creation still seems to copy the table
          - check numeric field's pack lengths instead of it's display lenghts
        comparing fields equality for table alteration purposes.
      sql/sql_table.cc:
        Fix for bug#50946: fast index creation still seems to copy the table
          - check compare_tables() result for testing purposes.
      d5928827
  12. 22 Apr, 2010 1 commit
    • Staale Smedseng's avatar
      Bug#46261 Plugins can be installed with --skip-grant-tables · 5a071379
      Staale Smedseng authored
      Previously installed dynamic plugins are explicitly not loaded
      on startup with --skip-grant-tables enabled. However, INSTALL
      PLUGIN/UNINSTALL PLUGIN commands are allowed, and result in
      inconsistent error messages (reporting duplicate plugin or
      plugin does not exist).
      
      This patch adds a check for --skip-grant-tables mode, and
      returns error ER_OPTION_PREVENTS_STATEMENT to the user when
      the above commands are attempted.
      5a071379
  13. 20 Apr, 2010 2 commits
    • Kristofer Pettersson's avatar
      automerge · 2f0733f6
      Kristofer Pettersson authored
      2f0733f6
    • Kristofer Pettersson's avatar
      Bug#50373 --secure-file-priv="" · d70f897e
      Kristofer Pettersson authored
      Correcting a patch misstake. The converted file path is placed in 'buff' not in opt_secure_file_priv.
      
      mysql-test/r/loaddata.result:
        * Updated test case; Since secure_file_priv now is normalized the previous values are changed.
      sql/mysqld.cc:
        * Fixed patch misstake
      d70f897e
  14. 19 Apr, 2010 1 commit
  15. 16 Apr, 2010 6 commits
    • Kristofer Pettersson's avatar
      Automerge · ea9b3b9d
      Kristofer Pettersson authored
      ea9b3b9d
    • Kristofer Pettersson's avatar
      Bug#50373 --secure-file-priv="" · 2fdbb288
      Kristofer Pettersson authored
      The server variable opt_secure_file_priv wasn't
      normalized properly and caused the operations
      LOAD DATA INFILE .. INTO TABLE ..
      and
      SELECT load_file(..)
      to do different interpretations of the 
      --secure-file-priv option.
      
      The patch moves code to the server initialization
      routines so that the path always is normalized
      once and only once.
      
      It was also intended that setting the option
      to an empty string should be equal to 
      lifting all previously set restrictions. This
      is also fixed by this patch.
      
      
      sql/mysqld.cc:
        * If --secure_file_option is an empty string then the option variable
          should be unset.
        * opt_secure_file_option should be normalized once when the server starts.
      sql/sql_load.cc:
        * moved variable normalization code to fix_paths()
      2fdbb288
    • Staale Smedseng's avatar
      Bug#51591 deadlock in the plugins+status+variables · 5b8817f1
      Staale Smedseng authored
            
      Potential deadlock situation involving LOCK_plugin,
      LOCK_global_system_variables and LOCK_status.
            
      This patch backports the fix from next-mr, unlocking
      LOCK_plugin before calling plugin->init() and
      add_status_vars().
      5b8817f1
    • Sergey Glukhov's avatar
      Bug#52124 memory leaks like a sieve in datetime, timestamp, time, date fields + warnings · fb34af77
      Sergey Glukhov authored
      Arg_comparator initializes 'comparators' array in case of
      ROW comparison and does not free this array on destruction.
      It leads to memory leaks.
      The fix:
      -added Arg_comparator::cleanup() method which frees
       'comparators' array.
      -added Item_bool_func2::cleanup() method which calls 
       Arg_comparator::cleanup() method
      
      
      mysql-test/r/ps.result:
        test case
      mysql-test/r/row.result:
        test case
      mysql-test/t/ps.test:
        test case
      mysql-test/t/row.test:
        test case
      sql/item_cmpfunc.h:
        -added Arg_comparator::cleanup() method which frees
         'comparators' array.
        -added Item_bool_func2::cleanup() method which calls 
         Arg_comparator::cleanup() method
      fb34af77
    • Georgi Kodinov's avatar
      Bug #52629: memory leak from sys_var_thd_dbug in binlog.binlog_write_error · 5885c534
      Georgi Kodinov authored
      When re-setting (SET GLOBAL debug='') the GLOBAL debug settings the 
      server was not freeing the data elements from the top (initial) frame 
      before setting them to 0 without freeing the underlying memory. As these 
      are global settings there's a chance that something is there already.
      Fixed by :
      1. making sure the allocated data are cleaned up before re-setting them
      while parsing a debug string
      2. making sure the stuff allocated in the global settings is freed on 
      shutdown.
      5885c534
    • Luis Soares's avatar
      011ba709
  16. 15 Apr, 2010 1 commit
  17. 14 Apr, 2010 2 commits
    • Sergey Vojtovich's avatar
      Merge fix for BUG39053 to 5.1-bugteam. · 44a6cfe1
      Sergey Vojtovich authored
      44a6cfe1
    • Sergey Vojtovich's avatar
      BUG#39053 - UNISTALL PLUGIN does not allow the storage engine · fe38084f
      Sergey Vojtovich authored
                  to cleanup open connections
      
      It was possible to UNINSTALL storage engine plugin when binding
      between THD object and storage engine is still active (e.g. in
      the middle of transaction).
      
      To avoid unclean deactivation (uninstall) of storage engine plugin
      in the middle of transaction, additional storage engine plugin
      lock is acquired by thd_set_ha_data().
      
      If ha_data is not null and storage engine plugin was not locked
      by thd_set_ha_data() in this connection before, storage engine
      plugin gets locked.
      
      If ha_data is null and storage engine plugin was locked by
      thd_set_ha_data() in this connection before, storage engine
      plugin lock gets released.
      
      If handlerton::close_connection() didn't reset ha_data, server does
      it immediately after calling handlerton::close_connection().
      
      Note that this is just a framework fix, storage engines must switch
      to thd_set_ha_data() from thd_ha_data() if they want to see fit.
      
      include/mysql/plugin.h:
        As thd_{get|set}_ha_data() have some extra logic now, they
        must be implemented on server side.
      include/mysql/plugin.h.pp:
        As thd_{get|set}_ha_data() have some extra logic now, they
        must be implemented on server side.
      sql/handler.cc:
        Make sure ha_data is reset and ha_data lock is released.
      sql/handler.h:
        hton is not supposed to be updated by ha_lock_engine(),
        make it const.
      sql/sql_class.cc:
        As thd_{get|set}_ha_data() have some extra logic now, they
        must be implemented on server side.
      sql/sql_class.h:
        Added ha_data lock.
      fe38084f
  18. 12 Apr, 2010 2 commits
  19. 09 Apr, 2010 2 commits
    • Davi Arnaut's avatar
      Backport revision alik@sun.com-20100223131824-comthndat57kx8s5: · 11ca63fc
      Davi Arnaut authored
      Add ignore pattern for valgrind messages.
      11ca63fc
    • Georgi Kodinov's avatar
      Bug #47095: Can't open_files_limit really be larger than 65535? · 29315b68
      Georgi Kodinov authored
      Several problems addressed:
      
      1. The maximum value for --open_files_limit on non-windows boxes
      is now raised to UINT_MAX (the maximum possible without significant
      changes in the code). The maximum value on windows is kept to be
      2048 due to a known limitation (bug 24509).
      
      2. mysqld_safe now supports --open_files_limit=xx in addition to 
      --open-files-limit=xx
      
      3. mysqld_safe always passes through --open[_-]files[_-]limit
      to the underlying mysqld. It used to pass it through only if it 
      the user running the script has access to the root directory or
      there was an --user argument specified.
      
      4. Fixed a prototype in my_file.c to match its counterpart in 
      the other #ifdef branch.
      29315b68
  20. 07 Apr, 2010 1 commit
  21. 06 Apr, 2010 5 commits
  22. 05 Apr, 2010 1 commit
    • Sergey Glukhov's avatar
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355 · 57659df5
      Sergey Glukhov authored
      The problem is that we can not use make_cond_for_table().
      This function relies on used_tables() condition
      which is not set properly for subqueries.
      As result subquery is not filtered out.
      The fix is to use remove_eq_conds() function instead
      of make_cond_for_table() func. 'remove_eq_conds()'
      algorithm relies on const_item() value and it allows
      to handle subqueries in right way.
      
      
      mysql-test/r/having.result:
        test case
      mysql-test/t/having.test:
        test case
      sql/sql_select.cc:
        The fix is to use remove_eq_conds() function instead
        of make_cond_for_table() function.
      57659df5