1. 15 Jul, 2009 1 commit
    • Anurag Shekhar's avatar
      Bug#37740 Server crashes on execute statement with full text search and · c77b836a
      Anurag Shekhar authored
                match against.
      
      
      Server crashes when executing prepared statement with duplicating
      MATCH() function calls in SELECT and ORDER BY expressions, e.g.:
      SELECT MATCH(a) AGAINST('test') FROM t1 ORDER BY MATCH(a) AGAINST('test')
      
      This query gets optimized by the server, so the value returned
      by MATCH() from the SELECT list is reused for ORDER BY purposes.
      To make this optimization server is comparing items from
      SELECT and ORDER BY lists. We were getting server crash because
      comparision function for MATCH() item is not intended to be called
      at this point of execution.
      
      In 5.0 and 5.1 this problem is workarounded by resetting MATCH()
      item to the state as it was during PREPARE.
      
      In 6.0 correct comparision function will be implemented and
      duplicating MATCH() items from the ORDER BY list will be
      optimized.
      
      mysql-test/r/fulltext.result:
        Updated with the test case for Bug#37740
      mysql-test/t/fulltext.test:
        A test case for Bug#37740.
      sql/item_func.h:
        True initialization of 'table' happens in ::fix_fields(). As
        Item_func_match::eq() may be called before ::fix_fields(), it is
        expected that 'table' is initialized to 0 when it is reused.
        
        This is mostly affecting prepared statements, when the same item
        doesn't get destroyed, but rather cleaned up and reused.
      c77b836a
  2. 14 Jul, 2009 1 commit
  3. 13 Jul, 2009 2 commits
    • Georgi Kodinov's avatar
      Bug #40113: Embedded SELECT inside UPDATE or DELETE can timeout · 410e1a72
      Georgi Kodinov authored
      without error
      
      When using quick access methods for searching rows in UPDATE or 
      DELETE there was no check if a fatal error was not already sent 
      to the client while evaluating the quick condition.
      As a result a false OK (following the error) was sent to the 
      client and the error was thus transformed into a warning.
      
      Fixed by checking for errors sent to the client during 
      SQL_SELECT::check_quick() and treating them as real errors.
      
      Fixed a wrong test case in group_min_max.test
      Fixed a wrong return code in mysql_update() and mysql_delete()
      
      mysql-test/r/bug40113.result:
        Bug #40013: test case
      mysql-test/r/group_min_max.result:
        Bug #40013: fixed a wrong test case
      mysql-test/t/bug40113-master.opt:
        Bug #40013: test case
      mysql-test/t/bug40113.test:
        Bug #40013: test case
      mysql-test/t/group_min_max.test:
        Bug #40013: fixed a wrong test case
      sql/sql_delete.cc:
        Bug #40113: check for errors evaluating the quick select
      sql/sql_update.cc:
        Bug #40113: check for errors evaluating the quick select
      410e1a72
    • Georgi Kodinov's avatar
  4. 10 Jul, 2009 4 commits
  5. 07 Jul, 2009 2 commits
  6. 06 Jul, 2009 7 commits
  7. 03 Jul, 2009 3 commits
  8. 02 Jul, 2009 1 commit
  9. 01 Jul, 2009 1 commit
    • Staale Smedseng's avatar
      Bug #45790 Potential DoS vector: Writing of user input to log · 3cd431d5
      Staale Smedseng authored
      without proper formatting
            
      The problem is that a suitably crafted database identifier
      supplied to COM_CREATE_DB or COM_DROP_DB can cause a SIGSEGV,
      and thereby a denial of service. The database name is printed
      to the log without using a format string, so potential
      attackers can control the behavior of my_b_vprintf() by
      supplying their own format string. A CREATE or DROP privilege
      would be required.
            
      This patch supplies a format string to the printing of the
      database name. A test case is added to mysql_client_test.
      
      
      sql/sql_parse.cc:
        Added format strings.
      tests/mysql_client_test.c:
        Added new test case.
      3cd431d5
  10. 29 Jun, 2009 2 commits
  11. 26 Jun, 2009 1 commit
  12. 25 Jun, 2009 2 commits
    • Satya B's avatar
      Applying InnoDB snashot 5.0-ss5406, part 2. Fixes BUG#40565 · faaa9e08
      Satya B authored
      BUG#40565 - Update Query Results in "1 Row Affected" But Should Be "Zero Rows"
      
      Detailed revision comments:
      
      r5232 | marko | 2009-06-03 14:31:04 +0300 (Wed, 03 Jun 2009) | 21 lines
      branches/5.0: Merge r3590 from branches/5.1 in order to fix Bug #40565
      (Update Query Results in "1 Row Affected" But Should Be "Zero Rows").
      
      Also, add a test case for Bug #40565.
      
      rb://128 approved by Heikki Tuuri
        ------------------------------------------------------------------------
        r3590 | marko | 2008-12-18 15:33:36 +0200 (Thu, 18 Dec 2008) | 11 lines
      
        branches/5.1: When converting a record to MySQL format, copy the default
        column values for columns that are SQL NULL.  This addresses failures in
        row-based replication (Bug #39648).
      
        row_prebuilt_t: Add default_rec, for the default values of the columns in
        MySQL format.
      
        row_sel_store_mysql_rec(): Use prebuilt->default_rec instead of
        padding columns.
      
        rb://64 approved by Heikki Tuuri
        ------------------------------------------------------------------------
      faaa9e08
    • Satya B's avatar
      Applying InnoDB snashot 5.0-ss5406, part 1. Fixes BUG#38479 · 0158cafa
      Satya B authored
      BUG#38479 - valgrind warnings in show table status for innodb tables
      
      Detailed revision comments:
      
      r5080 | vasil | 2009-05-22 14:45:34 +0300 (Fri, 22 May 2009) | 6 lines
      branches/5.0:
      
      Fix Bug#38479 valgrind warnings in show table status for innodb tables
      
      by initializing prebuilt->hint_need_to_fetch_extra_cols.
      
      0158cafa
  13. 22 Jun, 2009 1 commit
  14. 19 Jun, 2009 6 commits
    • Matthias Leich's avatar
      99392b75
    • Matthias Leich's avatar
    • Matthias Leich's avatar
      Fix for Bug#40545, Bug#40209, Bug#40618, Bug#38346 · 59730d8f
      Matthias Leich authored
        Details:
        - Limit the queries to character sets and collations
          which are most probably available in all build types.
          But try to preserve the intention of the tests.
        - Remove the variants adjusted to some build types.
      
        Note:
        1. The results of the review by Bar are included.
        2. I am not able to check the correctness of this patch
           on any existing build type and any MySQL version.
           So it could happen that the new test fails somewhere.
      59730d8f
    • Georgi Kodinov's avatar
      Bug #36654: mysqld_multi cannot start instances with different versions · 014e2891
      Georgi Kodinov authored
      occasionally.
      
      mysql_multi can call mysqld_safe. In doing this it's not changing the 
      current working directory. This may cause confusion in the case where 
      mysqld_multi is handling instances of servers of different versions 
      and the current working directory is the installation directory of one 
      of these servers.
      
      Fixed by enhancing the meaning of basedir in [mysqldN] sections of 
      mysqld_multi. If specified, mysqld_multi will change the current 
      working directory to the basedir directory before starting the server 
      in mysqld_multi ... start ... and then change it back to what it was.
      
      scripts/mysqld_multi.sh:
        Bug #36654: optionally preserve, change and restore the cwd when 
        starting server instances
      014e2891
    • V Narayanan's avatar
      Bug#43572 Handle failures from hash_init · 336c8106
      V Narayanan authored
            
      Failure to allocate memory for the hash->array element,
      caused hash_init to return without initializing the other
      members of the hash. Thus although the dynamic array
      buffer may be allocated at a later point in the code, the
      incompletely initialized hash caused fatal failures.
      
      This patch moves the initialization of the other members
      of the hash above the array allocation, so that the usage
      of this hash will not result in fatal failures.
      
      include/hash.h:
        Bug#43572 Handle failures from hash_init
        
        hash_inited is used to verify that the hash is
        valid. After the change induced by the current
        patch hash->array.buffer !=0 is not a valid check
        for this condition, since, the dynamic array can
        be allocated even at a later time. Bootstrap SQL
        script is setting some variables, which are
        actually not set due to this hash_inited issue.
        Thus we get empty grant tables.
        
        A better way to check if the hash is valid is
        to verify that hash->blength is greater than 0.
      mysys/hash.c:
        Bug#43572 Handle failures from hash_init
        
        Move the initialization of the other members
        of the hash above the array allocation, so that
        the usage of this hash will not result in fatal
        failures.
      336c8106
    • Staale Smedseng's avatar
      Bug #32223 SETting max_allowed_packet variable · 37d2019d
      Staale Smedseng authored
            
      Inconsistent behavior of session variable max_allowed_packet 
      (and net_buffer_length); only assignment to the global variable 
      has any effect, without this being obvious to the user.
            
      The patch for Bug#22891 is backported to 5.0, making the two
      session variables read-only. As this is a backport to GA 
      software, the error used when trying to assign to the read-
      only variable is ER_UNKNOWN_ERROR. The error message is the 
      same as in 5.1+.
      
      mysql-test/t/variables.test:
        Tests are changed to account for the new semantics, and assignment to the read-only variables is added to test 
        the emission of the correct error message.
      sql/set_var.cc:
        Both max_allowed_packet and net_buffer_length are changed 
        to be of type sys_var_thd_ulong_session_readonly. ER_UNKNOWN_ERROR is used to indicate an attempt to assign 
        to an instance of a read-only variable.
      sql/set_var.h:
        Class sys_var_thd_ulong_session_readonly is added.
      37d2019d
  15. 18 Jun, 2009 2 commits
    • Alfranio Correia's avatar
    • Alexey Kopytov's avatar
      Bug #41710: MySQL 5.1.30 crashes on the latest OpenSolaris 10 · e544285d
      Alexey Kopytov authored
       
      Change the default optimization level for Sun Studio to "-O1". 
      This is a workaround for a Sun Studio bug (see bug #41710 
      comments for details): 
       
      1. Use $GCC instead of $ac_cv_prog_gcc to check for gcc, since 
      the first one is the only documented way to do it. 
       
      2. Use $GXX instead of $ac_cv_prog_cxx_g to check for g++, 
      since the latter is set to "yes" when the C++ compiler accepts 
      "-g" which is the case for both g++ and CC. 
       
      3. When building with Sun Studio, set the default values for 
      CFLAGS/CXXFLAGS to "-O1", since unlike GCC, Sun Studio 
      interprets "-O" as "-xO3" (see the manual pages for cc and CC). 
      
      configure.in:
        1. Use $GCC instead of $ac_cv_prog_gcc to check for gcc, since 
        the first one is the only documented way to do it. 
         
        2. Use $GXX instead of $ac_cv_prog_cxx_g to check for g++, 
        since the latter is set to "yes" when the C++ compiler accepts 
        "-g" which is the case for both g++ and CC. 
         
        3. When building with Sun Studio, set the default values for 
        CFLAGS/CXXFLAGS to "-O1", since unlike GCC, Sun Studio 
        interprets "-O" as "-xO3" (see the manual pages for cc and CC).
      e544285d
  16. 17 Jun, 2009 4 commits