Commit graph

1691 commits

Author SHA1 Message Date
Alexey Botchkov
67e480d269 merging fix 2008-08-26 13:32:43 +05:00
Davi Arnaut
56f1d32674 Bug#36579 Dumping information about locks in use may lead to a server crash
Dumping information about locks in use by sending a SIGHUP signal
to the server or by invoking the "mysqladmin debug" command may
lead to a server crash in debug builds or to undefined behavior in
production builds.

The problem was that a mutex that protects a lock object (THR_LOCK)
might have been destroyed before the lock object was actually removed
from the list of locks in use, causing a race condition with other
threads iterating over the list. The solution is to destroy the mutex
only after removing lock object from the list.
2008-08-25 10:18:52 -03:00
Alexey Botchkov
69657f972b Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
test_if_data_home_dir fixed to look into real path.
            Checks added to mi_open for symlinks into data home directory.

per-file messages:
        include/my_sys.h
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          my_is_symlink interface added
        include/myisam.h
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          myisam_test_invalid_symlink interface added
        myisam/mi_check.c
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          mi_open_datafile calls modified
        myisam/mi_open.c
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          code added to mi_open to check for symlinks into data home directory.
          mi_open_datafile now accepts 'original' file path to check if it's
          an allowed symlink.
        myisam/mi_static.c
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          myisam_test_invlaid_symlink defined
        myisam/myisamchk.c
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          mi_open_datafile call modified
        myisam/myisamdef.h
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          mi_open_datafile interface modified - 'real_path' parameter added
        mysql-test/r/symlink.test
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          error codes corrected as some patch now rejected pointing inside datahome
        mysql-test/r/symlink.result
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          error messages corrected in the result
        mysys/my_symlink.c
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          my_is_symlink() implementsd
          my_realpath() now returns the 'realpath' even if a file isn't a symlink
        sql/mysql_priv.h
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          test_if_data_home_dir interface
        sql/mysqld.cc
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
        sql/sql_parse.cc
          Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
          
          error messages corrected
          test_if_data_home_dir code fixed
2008-08-22 17:31:53 +05:00
Chad MILLER
747c3c2b2a Bug#30394: Empty HOME environment variable causes several utilities to crash
Tilde expansion could fail when it was to expand to an empty string (such as
when HOME is set to an empty string), especially on systems where size_t is
unsigned.
2008-08-18 13:06:27 -04:00
Marc Alff
e087c05d3d Merge mysql-5.0-bugteam -> local bugfix branch 2008-08-11 15:21:29 -06:00
Marc Alff
fd324dd3ff Bug#37302 (missing DBUG_RETURN macro in function "find_key_block" (5.0 only))
Fixed missing DBUG_RETURN in the function find_key_block
2008-08-11 15:08:12 -06:00
Marc Alff
394691cd90 Bug#38296 (low memory crash with many conditions in a query)
This fix is for 5.0 only : back porting the 6.0 patch manually

The parser code in sql/sql_yacc.yy needs to be more robust to out of
memory conditions, so that when parsing a query fails due to OOM,
the thread gracefully returns an error.

Before this fix, a new/alloc returning NULL could:
- cause a crash, if dereferencing the NULL pointer,
- produce a corrupted parsed tree, containing NULL nodes,
- alter the semantic of a query, by silently dropping token values or nodes

With this fix:
- C++ constructors are *not* executed with a NULL "this" pointer
when operator new fails.
This is achieved by declaring "operator new" with a "throw ()" clause,
so that a failed new gracefully returns NULL on OOM conditions.

- calls to new/alloc are tested for a NULL result,

- The thread diagnostic area is set to an error status when OOM occurs.
This ensures that a request failing in the server properly returns an
ER_OUT_OF_RESOURCES error to the client.

- OOM conditions cause the parser to stop immediately (MYSQL_YYABORT).
This prevents causing further crashes when using a partially built parsed
tree in further rules in the parser.

No test scripts are provided, since automating OOM failures is not
instrumented in the server.
Tested under the debugger, to verify that an error in alloc_root cause the
thread to returns gracefully all the way to the client application, with
an ER_OUT_OF_RESOURCES error.
2008-08-11 10:10:00 -06:00
Timothy Smith
72209ac093 Bug #38180 options are read from ~/my.cnf instead of ~/.my.cnf
Pull out some of unpack_dirname() into normalize_dirname(); this
new function does not expand "~" to the home directory.  Use this
function in unpack_dirname(), and use it during init_default_directories()
to remove duplicate entries without losing track of which directory
is a user's home dir.
2008-07-16 16:58:45 -06:00
Georgi Kodinov
28e02b178f fixed a compilation warning on windows 64. 2008-07-09 13:03:48 +03:00
Timothy Smith
bbdcf6ca21 Fix "C++ code in C file" syntax error in mysys/default.c 2008-07-02 16:37:29 +02:00
Timothy Smith
0632a93e08 Bug #20748: Configuration files should not be read more than once
Normalize directory names before adding them to default_directories.
2008-06-24 19:25:23 -06:00
Hakan Kuecuekyilmaz
d6700c7e5a Fix for Bug#16902. 2008-06-16 10:05:00 +02:00
gkodinov/kgeorge@magare.gmz
5eaa779436 revert the push of bug 35616. 2008-05-06 11:57:19 +03:00
tnurnberg@noir.wlan.koehntopp.de
7d36de2f65 Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size
We could allocate chunks larger than 4GB, but did our size-accounting in 32-bit
values. This could lead to spurious warnings, inaccurate accounting, and, in
theory, data loss.

Affected: 64-bit platforms. Debug-build (with safemalloc). At least one buffer
larger than 4GB. For potential data loss, a re-alloc on such a buffer would be
necessary.
2008-05-06 02:55:35 +02:00
iggy@amd64.(none)
997af9c136 Avoid compilation problem on AIX. 2008-04-28 13:41:12 -04:00
gkodinov/kgeorge@macbook.gmz
fd9993db87 fixed warnings from the fix of 26243 2008-03-29 17:50:46 +02:00
kaa@kaamos.(none)
bd53f960dd Fix for bug #31781: multi-table UPDATE with temp-pool enabled fails
with errno 17

my_create() did not perform any checks for the case when a file is
successfully created by a call to open(), but the call to
my_register_filename() later fails because the number of open files
has exceeded the my_open_files limit. This can happen on platforms 
which do not have getrlimit(), and hence we do not know the real limit
for open files. In such a case an error was returned to a caller
although the file has actually been created. Since callers assume
my_create() to return an error only when it failed to create a file,
they did not perform any cleanups, leaving an 'orphaned' file on the
file system.

Fixed by adding a check for the above case to my_create() and ensuring
the newly created file is deleted before returning an error.

Creating a deterministic test case in the test suite is impossible,
because the exact steps required to reproduce the above situation
depend on the platform and/or environment (OS per-user limits, queries
executed by previous tests, startup parameters). The patch was
manually tested on Windows using examples posted in the bug report.
2008-03-03 17:34:06 +03:00
tnurnberg@white.intern.koehntopp.de
f7aa719268 Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-5.0-opt
into  mysql.com:/misc/mysql/31752_/50-31752_
2007-12-17 09:45:36 +01:00
tnurnberg@mysql.com/white.intern.koehntopp.de
e131a41281 Merge mysql.com:/misc/mysql/31752_/41-31752_
into  mysql.com:/misc/mysql/31752_/50-31752_
2007-12-17 09:13:38 +01:00
gluh@eagle.(none)
e039595029 Merge mysql.com:/home/gluh/MySQL/Merge/5.0
into  mysql.com:/home/gluh/MySQL/Merge/5.0-opt
2007-12-13 14:52:49 +04:00
tnurnberg@mysql.com/white.intern.koehntopp.de
dddced964b Bug#31752: check strmake() bounds
post-fixes: prevent semi-related overflow, additional comments
2007-12-06 11:48:27 +01:00
tnurnberg@white.intern.koehntopp.de
987ec3f306 Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-5.0-opt
into  mysql.com:/misc/mysql/31177/50-31177
2007-12-06 08:46:01 +01:00
tnurnberg@mysql.com/white.intern.koehntopp.de
b1e77cfc31 Bug#31177: Server variables can't be set to their current values
additional fixes for BDB and correct assignment of both signed
and unsigned 64-bit data to unsigned system variables
2007-12-06 01:28:01 +01:00
tsmith@ramayana.hindu.god
10cab933b2 Merge tsmith@bk-internal.mysql.com:/home/bk/mysql-5.0
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/50
2007-12-04 20:58:21 -07:00
tnurnberg@mysql.com/white.intern.koehntopp.de
658f66e36e Bug#31177: Server variables can't be set to their current values
additional fixes for 64-bit
2007-12-03 10:01:56 +01:00
tnurnberg@white.intern.koehntopp.de
55d6d04df0 Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-5.0-opt
into  mysql.com:/misc/mysql/31177/50-31177
2007-12-02 01:48:43 +01:00
tnurnberg@mysql.com/white.intern.koehntopp.de
31d4e58ad4 Bug#31177: Server variables can't be set to their current values
Default values of variables were not subject to upper/lower bounds
and step, while setting variables was. Bounds and step are also
applied to defaults now; defaults are corrected quietly, values
given by the user are corrected, and a correction-warning is thrown
as needed. Lastly, very large values could wrap around, starting
from 0 again. They are bounded at the maximum value for the
respective data-type now if no lower maximum is specified in the
variable's definition.
2007-11-30 06:32:04 +01:00
tsmith@ramayana.hindu.god
de0d55edf4 Eliminate 'unused variable' warnings when compiling non-debug build 2007-11-16 14:56:37 -07:00
joerg@trift2.
86674bc412 Merge trift2.:/MySQL/M50/mysql-5.0
into  trift2.:/MySQL/M50/push-5.0
2007-11-14 15:26:38 +01:00
svoj@june.mysql.com
5e44309422 Merge mysql.com:/home/svoj/devel/mysql/BUG32111/mysql-4.1-engines
into  mysql.com:/home/svoj/devel/mysql/BUG32111/mysql-5.0-engines
2007-11-12 15:16:00 +04:00
svoj@mysql.com/june.mysql.com
a6def1f4ab Merge mysql.com:/home/svoj/devel/mysql/BUG32111/mysql-4.0
into  mysql.com:/home/svoj/devel/mysql/BUG32111/mysql-4.1-engines
2007-11-12 15:02:42 +04:00
tsmith@ramayana.hindu.god
faf9d4e922 Fix Windows build problems. 2007-11-09 18:27:20 -07:00
tsmith@ramayana.hindu.god
30b56973cb Merge ramayana.hindu.god:/home/tsmith/m/bk/build/50
into  ramayana.hindu.god:/home/tsmith/m/bk/build/b20748/50
2007-11-07 16:26:29 -07:00
tsmith@ramayana.hindu.god
ef59ca3d78 Bug #20748: Configuration files should not be read more than once
A user could not override system-wide settings in their ~/.my.cnf,
because the DEFAULT_SYSCONFDIR was being searched last.  Also, in
some configurations (especially when the --sysconfdir compile-time
option is set to /etc or /etc/mysql), the system-wide my.cnf file
was read multiple times, causing confusion and potential problems.

Rearrange default directories to conform to the manual and logic.
Move --sysconfdir=<path> (DEFAULT_SYSCONFDIR) from the last default
directory to the middle of the list.  $HOME/.my.cnf should be last,
so the user is able to override the system-wide settings.

Change init_default_directories() to remove duplicates from the
list.
2007-11-07 15:23:50 -07:00
svoj@mysql.com/june.mysql.com
d06e2f9223 BUG#32111 - Security Breach via DATA/INDEX DIRECORY and RENAME TABLE
RENAME TABLE against a table with DATA/INDEX DIRECTORY overwrites
the file to which the symlink points.

This is security issue, because it is possible to create a table with
some name in some non-system database and set DATA/INDEX DIRECTORY
to mysql system database. Renaming this table to one of mysql system
tables (e.g. user, host) would overwrite the system table.

Return an error when the file to which the symlink points exist.
2007-11-06 18:09:33 +04:00
kaa@polly.(none)
3494f691c1 Replaced 'return' with DBUG_RETURN() in the fix for bug #31566. 2007-10-25 08:19:57 +04:00
kaa@polly.(none)
2c9720c20e Merge polly.(none):/home/kaa/src/maint/bug31566/my50-bug31566
into  polly.(none):/home/kaa/src/maint/mysql-5.0-maint
2007-10-24 21:30:38 +04:00
kaa@polly.(none)
78aa659979 Fix for bug #31566: my_write(fd, 0x0, 0, flags) fails with EFAULT on
some platforms

Since the behavior of write(fd, buf, 0) is undefined, it may fail with
EFAULT on some architectures when buf == NULL. The error was propagated
up to a caller, since my_write() code did not handle it properly.

Fixed by checking the 'number of bytes' argument in my_write() and
returning before calling the write() system call when there is nothing
to write.
2007-10-24 21:16:20 +04:00
svoj@june.mysql.com
9f1d9beffa Merge mysql.com:/home/svoj/devel/mysql/BUG31159/mysql-4.1-engines
into  mysql.com:/home/svoj/devel/mysql/BUG31159/mysql-5.0-engines
2007-10-24 16:39:13 +05:00
svoj@mysql.com/june.mysql.com
5d1ccce58a BUG#31159 - fulltext search on ucs2 column crashes server
ucs2 doesn't provide required by fulltext ctype array. Crash
happens because fulltext attempts to use unitialized ctype
array.

Fixed by converting ucs2 fields to compatible utf8 analogue.
2007-10-24 16:09:30 +05:00
tsmith@ramayana.hindu.god
c54e1855dc Merge ramayana.hindu.god:/home/tsmith/m/bk/50
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/50
2007-10-22 14:31:41 -06:00
malff@lambda.hsd1.co.comcast.net.
6fa35a5d3b Merge lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-base
into  lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-rt-merge
2007-10-18 16:39:55 -06:00
kaa@polly.(none)
3af902ec47 Merge polly.(none):/home/kaa/src/maint/bug31207/my50-bug31174
into  polly.(none):/home/kaa/src/maint/mysql-5.0-maint
2007-10-18 13:47:35 +04:00
kaa@polly.(none)
6d1f3e8de5 Fix for bug #31207: Test "join_nested" shows different strategy on IA64
CPUs / Intel's ICC compile

The bug is a combination of two problems:

1. IA64/ICC MySQL binaries use glibc's qsort(), not the one in mysys.

2. The order relation implemented by join_tab_cmp() is not transitive,
i.e. it is possible to choose such a, b and c that (a < b) && (b < c)
but (c < a). This implies that result of a sort using the relation
implemented by join_tab_cmp() depends on the order in which
elements are compared, i.e. the result is implementation-specific. Since
choose_plan() uses qsort() to pre-sort the
join tables using join_tab_cmp() as a compare function, the results of
the sorting may vary depending on qsort() implementation.

It is neither possible nor important to implement a better ordering
algorithm in join_tab_cmp(). Therefore the only way to fix it is to
force our own qsort() to be used by renaming it to my_qsort(), so we don't depend
on linker to decide that.

This patch also "fixes" bug #20530: qsort redefinition violates the
standard.
2007-10-17 20:08:58 +04:00
tsmith@ramayana.hindu.god
070dc3ffb5 Merge ramayana.hindu.god:/home/tsmith/m/bk/50
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/50
2007-10-10 14:12:36 -06:00
kostja@bodhi.(none)
7ec30183bb Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  bodhi.(none):/opt/local/work/mysql-5.0-runtime
2007-10-08 02:05:55 +04:00
kaa@polly.(none)
bd885daa4f Merge polly.(none):/home/kaa/src/maint/bug5731/my50-bug5731
into  polly.(none):/home/kaa/src/maint/mysql-5.0-maint
2007-10-04 13:29:37 +04:00
kaa@polly.(none)
1ba3f4f56b Issue a warning if a user sets an option or a variable to a value that is greater than a defined maximum for the option/variable.
This is for bug #29446 "Specifying a myisam_sort_buffer > 4GB on 64 bit machines not possible". Support for myisam_sort_buffer_size > 4 GB on 64-bit Windows will be looked at later in 5.2.
2007-10-04 12:34:00 +04:00
msvensson@pilot.mysql.com
18c6118911 Bug#30992 Wrong implementation of pthread_mutex_trylock()
It's not possible to use WaitForSingleObject to wait
on a CRITICAL_SECTION, instead use the TryEnterCriticalSection function.
 - if "mutex" was already taken => return EBUSY
 - if "mutex" was aquired => return 0
2007-10-03 21:38:32 +02:00
msvensson@pilot.mysql.com
e4d7e21683 Bug#27597 mysqld-debug broken
- "on" -> "restore" to avoid warning in MSVC when compiling with debug
2007-10-02 20:44:37 +02:00