Bug#17667: An attacker has the opportunity to bypass query logging.
This adds a new, local-only printf format specifier to our *printf functions
that allows us to print known-size buffers that must not be interpreted as
NUL-terminated "strings."
It uses this format-specifier to print to the log, thus fixing this
problem.
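The failure mode behind the Bug#17667 message above, as an added example that is not code from this changeset: a `%s`-style logger stops at the first NUL byte, while a length-aware writer records every byte of the statement. `log_cstring`, `log_buffer` and the `SAMPLE` statement are hypothetical names and constructed data; `log_buffer` stands in for the length-aware format specifier the message mentions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: a statement buffer with an embedded NUL byte. */
static const char SAMPLE[] = "SELECT 1\0 -- tail";

/* Naive logger: "%s" treats the buffer as a C string and stops at the NUL. */
size_t log_cstring(char *out, size_t cap, const char *query)
{
    int n = snprintf(out, cap, "Query: %s", query);
    if (n < 0 || cap == 0) return 0;
    return (size_t)n < cap ? (size_t)n : cap - 1;
}

/* Length-aware logger (hypothetical helper): consumes exactly len bytes and
 * escapes NUL, backslash and other non-printable bytes as \xNN. */
size_t log_buffer(char *out, size_t cap, const char *buf, size_t len)
{
    static const char hex[] = "0123456789abcdef";
    static const char prefix[] = "Query: ";
    size_t o = sizeof(prefix) - 1, i;
    if (cap < sizeof(prefix)) return 0;
    memcpy(out, prefix, o);
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)buf[i];
        if (c >= 0x20 && c < 0x7f && c != '\\') {
            if (o + 1 >= cap) break;          /* keep room for the terminator */
            out[o++] = (char)c;
        } else {
            if (o + 4 >= cap) break;          /* an escape needs four bytes */
            out[o++] = '\\'; out[o++] = 'x';
            out[o++] = hex[c >> 4]; out[o++] = hex[c & 15];
        }
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    char a[64], b[64];
    log_cstring(a, sizeof a, SAMPLE);
    log_buffer(b, sizeof b, SAMPLE, sizeof(SAMPLE) - 1);
    printf("%s\n%s\n", a, b);
    return 0;
}
```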
Updating data in HEAP table with BTREE index results in wrong index_length
counter value, which keeps growing after each update.
When inserting new record into tree counter is incremented by:
sizeof(TREE_ELEMENT) + key_size + tree->size_of_element
But when deleting element from tree it doesn't decrement counter by key_size:
sizeof(TREE_ELEMENT) + tree->size_of_element
This fix makes accurate allocated memory counter for tree. That is
decrease counter by key_size when deleting tree element.
The bug caused a reported index corruption in the cases when
key_cache_block_size was not a multiple of myisam_block_size,
e.g. when key_cache_block_size=1536 while myisam_block_size=1024.
- Improved solution by adding an else statement so that do find next is avoided if error occurs, but we still return zero files found instead of an error
- Grab the path from "configure --sysconfdir=<path>" and set it as
the first place to look for my.cnf files
Do this both in Makefiles for libmysql and mysys
- Patch provided by Francesco Riosa. Thank you!
A wrong cast led to numeric overflow for data files
greater than 4GB. The parallel repair assumed end of
file after reading the amount of data that the file
was bigger than 4GB. It truncated the data file and
noted the number of records it found so far in the
index file header as the number of rows in the table.
Removing the cast fixed the problem.
I added some cosmetic changes too.
The normal repair worked because it uses a different
function to read from the data file.
when high concurrency": remove HASH::current_record and make it
an external search parameter, so that it can not be the cause of a
race condition under high concurrent load.
The bug was in a race condition in table_hash_search,
when column_priv_hash.current_record was overwritten simultaneously
by multiple threads, causing the search for a suitable grant record
to fail.
No test case as the bug is repeatable only under concurrent load.
several times, it was causing corruption of charset data stored in once_mem_pool.
my_end() deallocated once_mem pool, but did not put a flag that charsets have
to be reloaded. The fix addresses this problem.
my_sopen() on win32 which allows to use FILE_SHARE_DELETE flag to
allow deleting opened files. my_sopen() implementation is added to
support this functionality.
1. Made sure that base64 string is terminated with NUL.
2. Made calculation of needed size for base64 string exact.
Added checks in test for the above two fixes.