error evaluating WHERE"
DELETE with a subquery in WHERE clause would sometimes ignore subquery
evaluation error and proceed with deletion.
The fix is to check for an error after evaluation of the WHERE clause
in DELETE.
Addressed review comments.
If a stored function that contains a drop temporary table statement
is invoked by a create temporary table of the same name may cause
a server crash. The problem is that when dropping a table no check
is done to ensure that table is not being used by some outer query
(or outer statement), potentially leaving the outer query with a
reference to a stale (freed) table.
The solution is when dropping a temporary table, always check if
the table is being used by some outer statement as a temporary
table can be dropped inside stored procedures.
The check is performed by looking at the TABLE::query_id value for
temporary tables. To simplify this check and to solve a bug related
to handling of temporary tables in prelocked mode, this patch changes
the way in which this member is used to track the fact that table is
used/unused. Now we ensure that TABLE::query_id is zero for unused
temporary tables (which means that all temporary tables which were
used by a statement should be marked as free for reuse after it's
execution has been completed).
"ALTER SERVER can cause server to crash"
While retrieving values, it would erronously set the socket value
to NULL and attempt to use it in strcmp().
Ensure it is correctly set to "" so that strcmp may not crash.
The mysql_change_user command fails to properly update the database pointer
when no database is selected, leading to "use after free" errors. The same
happens on the user privilege pointer in the thread security context.
The solution is to properly reset and update the database name. Also update
the user_priv pointer so that it doesn't point to freed memory.
The HAVING clause is subject to the same rules as the SELECT list
about using aggregated and non-aggregated columns.
But this was not enforced when processing implicit grouping from
using aggregate functions.
Fixed by performing the same checks for HAVING as for SELECT.
fulltext index
Having a table with broken multibyte characters may cause fulltext
parser dead-loop.
Since normally it is not possible to insert broken multibyte sequence
into a table, this problem may arise only if table is damaged.
Affected statements are:
- CHECK/REPAIR against damaged table with fulltext index;
- boolean mode phrase search against damaged table with or
without fulltext inex;
- boolean mode searches without index;
- nlq searches.
No test case for this fix. Affects 5.0 only.
during udf initialization. The bug is spotted while working on Bug 12713.
If a user-defined function was used in a SELECT statement, and an
error would occur during UDF initialization, this error would not terminate
execution of the SELECT, but rather would be converted to a warning.
The fix is to use a stack buffer to store the message from udf_init instead
of private my_error() buffer.
check_user()/check_connection()/check_for_max_user_connections().
This is a pre-requisite patch for the fix for Bug#12713 "Error in a stored
function called from a SELECT doesn't cause ROLLBACK of statem"
Implement review comments.
