TOCTOU bug. The path is checked to be valid, symlinks are resolved.
Then the resolved path is opened. Between the check and the open,
there's a window when one can replace some path component with a
symlink, bypassing validity checks.
Fix: after we resolved all symlinks in the path, don't allow open()
to resolve symlinks, there should be none.
Compared to the old MyISAM/Aria code:
* fastpath. Opening of not-symlinked files is just one open(),
no fn_format() and lstat() anymore.
* opening of symlinked tables doesn't do fn_format() and lstat() either.
it also doesn't to realpath() (which was lstat-ing every path
component), instead if opens every path component with O_PATH.
* share->data_file_name stores realpath(path) not readlink(path). So,
SHOW CREATE TABLE needs to do lstat/readlink() now (see ::info()),
and certain error messages (cannot open file "XXX") show the real
file path with all symlinks resolved.
my_thread_global_init() + my_thrad_global_end() repeatadily.
This caused THR_KEY_mysys to be allocated multiple times.
Deletion of THR_KEY_mysys was originally in my_thread_global_end() but was
moved to my_end() as DBUG uses THR_KEY_mysys and DBUG is released after
my_thread_global_end() is called.
Releasing DBUG before my_thread_global_end() and move THR_KEY_mysys back
into my_thread_global_end() could be a solution, but as safe_mutex and other
things called by my_thread_global_end is using DBUG it may not be completely
safe.
To solve this, I used the simple solution to add a marker that THR_KEY_mysys
is created and not re-create it in my_thread_global_init if it already
exists.
it was supposed to be used in command-line tools only.
Different fix for 4e5473862e:
Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE
file_logger became the service.
Data like query_id now are sent to the audit plugin.
Fix for MDEV-4770 ported from 10.0.
Fix added for the read_maria_plugin_info().
Log rotation can be disabled with 'set rotations=0'.
See also MySQL Bug #39750 and similar ones.
Fix my_delete() on Windows, to safely remvoe files on Windows, including files that are opened by another threads in the same process, antiviruses and backup applications. If file to be deleted is also opened by another thread, the file is renamed to unique name prior to deletion - this makes it possible to create file with the same name right after deletion.
With this patch my_delete_allow_opened() becomes obsolete and is replaced with my_delete().
This patch is rework of the patch http://lists.mysql.com/commits/59327 for MySQL bug#39750.
Problem:If Disk becomes full while writing into the binlog,
then the server instance hangs till someone frees the space.
After user frees up the disk space, mysql server crashes
with an assert (m_status != DA_EMPTY)
Analysis: wait_for_free_space is being called in an
infinite loop i.e., server instance will hang until
someone frees up the space. So there is no need to
set status bit in diagnostic area.
Fix: Replace my_error/my_printf_error with
sql_print_warning() which prints the warning in error log.
include/my_sys.h:
Provision to call sql_print_warning from mysys files
mysys/errors.c:
Replace my_error/my_printf_error with
sql_print_warning() which prints the warning in error log.
mysys/my_error.c:
implementation of my_printf_warning
mysys/my_write.c:
Adding logic to break infinite loop in the simulation
sql/mysqld.cc:
Provision to call sql_print_warning from mysys files
File names with colon are being disallowed because of the Alternate Data
Stream (ADS) feature of NTFS that could be misused. ADS allows data to be
written to alternate streams of a normal file. The data in alternate
streams cannot be seen by normal tools on Windows (explorer, cmd.exe). As
a result someone can use this feature to hide large amount of data in
alternate streams and admins will have no easy way of figuring out the
files that are using that disk space. The fix also disallows ADS in the
scenarios where file name is passed as some dynamic variable.
An important thing about the fix is that it DOES NOT disallow ADS file
names if they are not dynamic (i.e. if the file is created by using some
option that needs local access to the MySQL server, for example error log
file). The reasoning is that if some MySQL option related to files
requires access to the local machine (it is not dynamic), then user can very
well create data in ADS by some other means. This fixes only those scenarios
which can allow users to create data in ADS over the wire.
File names with colon are being disallowed only on Windows. UNIX
(Linux in particular) supports NTFS, but it will not be a common
scenario for someone to configure a NTFS file system to store MySQL
data on Linux.
Changes in file bug11761752-master.opt are needed due to
bug number 15937938.
When we append data to the binlog file, we use fdatasync() to ensure
the data gets to disk so that crash recovery can work.
Unfortunately there seems to be a bug in ext3/ext4 on linux, so that
fdatasync() does not correctly sync all data when the size of a file
is increased. This causes crash recovery to not work correctly (it
loses transactions from the binlog).
As a work-around, use fsync() for the binlog, not fdatasync(). Since
we are increasing the file size, (correct) fdatasync() will most
likely not be faster than fsync() on any file system, and fsync()
does work correctly on ext3/ext4. This avoids the need to try to
detect if we are running on buggy ext3/ext4.
Added the logger service that provides us with the rotating logs.
The plugin SQL_ERROR_LOG added. It logs the errors using the 'logger service'
for the rotating log files.
the example record from the log:
2012-03-09 15:07:29 root[root] @ localhost [] ERROR 1146: Table 'test.xyz' doesn't exist : select * from test.xyz
nes prefixed with .\ or ./
- Add my_basename() to mysys.
- Do not compile files that are not needed on Windows (my_addr_resolve, an
d safemalloc related stuff it it is not used)
Avoids linker warnings about compilation of essentially empty files.
cmake/maintainer.cmake:
don't do -Werror just yet
config.h.cmake:
according to MSDN PSAPI_VERSION should be 1 in a portable application
mysys/my_thr_init.c:
first, reset THR_KEY_mysys, and then free dbug data,
because dbug data are automacially created on the next dbug call,
unless THR_KEY_mysys is null.
sql/sql_insert.cc:
CREATE ... IF NOT EXISTS may do nothing, but
it is still not a failure. don't forget to my_ok it.
******
CREATE ... IF NOT EXISTS may do nothing, but
it is still not a failure. don't forget to my_ok it.
sql/sql_table.cc:
small cleanup
******
small cleanup
Added --debug-assert-on-error variable which, if set, will cause safe_mutex to assert if it founds an error.
include/my_sys.h:
Added my_assert_on_error
mysys/my_static.c:
Added my_assert_on_error
mysys/thr_mutex.c:
Assert when found wrong mutex usage if my_assert_on_error is set
sql/mysqld.cc:
Added setting of my_assert_on_error
The idea is that my_global_flags is ored to the MyFlags parameter for the above functions if the MY_WME flag is not set.
As the my_global_flags has ME_JUST_INFO (mark error as 'note') and possible ME_NOREFRESH (write error to log) this will force mysqld to log the not critical error to the log as a note.
include/my_sys.h:
Moved MY_SYNC_DIR to ensure it never clashes with ME_JUST_INFO
Added my_global_flags
mysql-test/Makefile.am:
Removed not used bugs directory
mysys/my_init.c:
Added my_global_flags, a variable that is ored to MyFlags in a those mysys functions we want extra logging.
mysys/my_malloc.c:
Added support for my_global_flags
mysys/my_open.c:
Added support for my_global_flags
mysys/my_pread.c:
Added support for my_global_flags
mysys/my_read.c:
Added support for my_global_flags
mysys/my_static.c:
Added my_global_flags
mysys/my_write.c:
Added support for my_global_flags
sql/mysqld.cc:
Set my_global_flags for warning levels 10 & 11
sql/sql_base.cc:
Don't increment unhandled errors for notes or warnings.
... but differently
client/mysqltest.cc:
my_safe_print_str() don't append \n anymore
dbug/dbug.c:
restore safemalloc as a part of dbug suite
dbug/user.r:
restore 'S' flag documentation
include/my_dbug.h:
restore safemalloc as a part of dbug suite
include/my_sys.h:
move valgrind defines to a dedicated header
mysys/my_malloc.c:
use new safemalloc
mysys/stacktrace.c:
don't append \n. let the calller do it, if needed
sql/mysqld.cc:
my_safe_print_str() don't append \n anymore
The patch replaces the use of the POSIX I/O interfaces in mysys on Windows with
the Win32 API calls (CreateFile, WriteFile, etc). The Windows HANDLE for the open
file is stored in the my_file_info struct, along with a flag for append mode
(because the Windows API does not support opening files in append mode in all cases)
The default max open files has been increased to 16384 and can be increased further
by setting --max-open-files=<value> during the server start.
Noteworthy benefit of this patch is that it removes limits from the table_cache size -
allowing for more simultaneus users
A lot of small fixes and new test cases.
client/mysqlbinlog.cc:
Cast removed
client/mysqltest.cc:
Added missing DBUG_RETURN
include/my_pthread.h:
set_timespec_time_nsec() now only takes one argument
mysql-test/t/date_formats.test:
Remove --disable_ps_protocl as now also ps supports microseconds
mysys/my_uuid.c:
Changed to use my_interval_timer() instead of my_getsystime()
mysys/waiting_threads.c:
Changed to use my_hrtime()
sql/field.h:
Added bool special_const_compare() for fields that may convert values before compare (like year)
sql/field_conv.cc:
Added test to get optimal copying of identical temporal values.
sql/item.cc:
Return that item_int is equal if it's positive, even if unsigned flag is different.
Fixed Item_cache_str::save_in_field() to have identical null check as other similar functions
Added proper NULL check to Item_cache_int::save_in_field()
sql/item_cmpfunc.cc:
Don't call convert_constant_item() if there is nothing that is worth converting.
Simplified test when years should be converted
sql/item_sum.cc:
Mark cache values in Item_sum_hybrid as not constants to ensure they are not replaced by other cache values in compare_datetime()
sql/item_timefunc.cc:
Changed sec_to_time() to take a my_decimal argument to ensure we don't loose any sub seconds.
Added Item_temporal_func::get_time() (This simplifies some things)
sql/mysql_priv.h:
Added Lazy_string_decimal()
sql/mysqld.cc:
Added my_decimal constants max_seconds_for_time_type, time_second_part_factor
sql/table.cc:
Changed expr_arena to be of type CONVENTIONAL_EXECUTION to ensure that we don't loose any items that are created by fix_fields()
sql/tztime.cc:
TIME_to_gmt_sec() now sets *in_dst_time_gap in case of errors
This is needed to be able to detect if timestamp is 0
storage/maria/lockman.c:
Changed from my_getsystime() to set_timespec_time_nsec()
storage/maria/ma_loghandler.c:
Changed from my_getsystime() to my_hrtime()
storage/maria/ma_recovery.c:
Changed from my_getsystime() to mmicrosecond_interval_timer()
storage/maria/unittest/trnman-t.c:
Changed from my_getsystime() to mmicrosecond_interval_timer()
storage/xtradb/handler/ha_innodb.cc:
Added support for new time,datetime and timestamp
unittest/mysys/thr_template.c:
my_getsystime() -> my_interval_timer()
unittest/mysys/waiting_threads-t.c:
my_getsystime() -> my_interval_timer()
* my_getsystime() is only an interval timer. Its value can beused for calculating
time intervals.
* renamed my_getsystime() to my_interval_timer(), to make the semantics
clearer and let the compiler catch wrong usages of my_getsystime()
(also future ones, that may come in merges).
* increased its granularity from 100ns to 1ns, old value was for UUID,
but as UUID can no longer use it directly there is no need to downgrade
the OS provided value
* fixed the UUID code to anchor the my_interval_timer() on the epoch, as
required by the UUID standard. That is, this was only needed by UUID,
and now I've moved it to UUID code from my_getsystime().
* fixed other wrong usages of my_getsystime() - e.g. in calculating
times for pthread_cond_timedwait. It was buggy and could've caused
long waits if OS clock would be changed.
include/my_time.h:
remove duplicate defines.
cast to ulonglong to avoid overflow
sql/field.cc:
perform sign extension when reading packed TIME values
sql/item_cmpfunc.cc:
when converting a string to a date for the purpose of comparing it with another date,
we should ignore strict sql mode.
sql/item_timefunc.cc:
better error message
sql/item_timefunc.h:
limit decimals appropriately
sql/share/errmsg.txt:
don't refer to an object as a "column" in error messages that are used not only for columns.
- COLUMN_CREATE(column_nr, value, [column_nr,value]...)
- COLUMN_ADD(blob,column_nr, value, column_nr,value]...)
- COLUMN_DELETE(blob, column_nr, column_nr...)
- COLUMN_EXISTS(blob, column_nr)
- COLUMN_LIST(blob, column_nr)
- COLUMN_GET(string, column_nr AS type)
Added cast(X as DOUBLE) and cast(x as INT)
Better warning and error messages for wrong cast's
Created some sub functions to simplify and reuse code.
Added a lot of conversation functions with error/warnings for what went wrong.
Fixed some issues when casting time to datetime.
Added functions to dynamic strings and Strings to allow one to move a string buffer from dynamic strings to String (to save malloc+ copy)
Added dynamic columns library to libmysqlclient
include/Makefile.am:
Added ma_dyncol.h
include/decimal.h:
Added 'const' to arguments for some functions.
include/my_sys.h:
Added dynstr_reassociate()
include/my_time.h:
Added TIME_SUBSECOND_RANGE
Added double_to_datetime()
Added flag argument to str_to_time()
libmysql/CMakeLists.txt:
Added mysys/ma_dyncol.c
libmysql/Makefile.shared:
Added ma_dyncol
libmysql/libmysql.c:
Added argument to str_to_time()
mysql-test/r/bigint.result:
Better error messages
mysql-test/r/cast.result:
Better warning and error messages
A lot of new cast() tests
mysql-test/r/func_math.result:
Better warning messages
mysql-test/r/func_str.result:
Better warning messages
mysql-test/r/func_time.result:
Better warning messages
mysql-test/r/sp-vars.result:
Better warning messages
mysql-test/r/strict.result:
Better warning messages
New test result
mysql-test/r/type_newdecimal.result:
Better warning messages
mysql-test/r/warnings.result:
Better warning messages
mysql-test/suite/funcs_1/r/innodb_func_view.result:
Updated results after better cast warnings
mysql-test/suite/funcs_1/r/memory_func_view.result:
Updated results after better cast warnings
mysql-test/suite/funcs_1/r/myisam_func_view.result:
Updated results after better cast warnings
mysql-test/suite/optimizer_unfixed_bugs/t/bug43448.test:
Added begin...commit to speed up test.
mysql-test/suite/parts/inc/part_supported_sql_funcs_delete.inc:
Added begin...commit to speed up test.
mysql-test/suite/parts/inc/partition_supported_sql_funcs.inc:
Added begin...commit to speed up test.
mysql-test/suite/parts/r/part_supported_sql_func_innodb.result:
Added begin...commit to speed up test.
mysql-test/suite/parts/r/part_supported_sql_func_myisam.result:
Added begin...commit to speed up test.
mysql-test/suite/parts/r/rpl_partition.result:
Added begin...commit to speed up test.
mysql-test/suite/parts/t/part_supported_sql_func_innodb.test:
Removed duplicated --big_test
mysql-test/suite/parts/t/rpl_partition.test:
Added begin...commit to speed up test.
mysql-test/suite/pbxt/r/cast.result:
Updated results after better cast warnings
mysql-test/suite/pbxt/r/func_str.result:
Updated results after better cast warnings
mysql-test/suite/pbxt/r/type_newdecimal.result:
Updated results after better cast warnings
mysql-test/suite/rpl/r/rpl_innodb_bug28430.result:
Added begin...commit to speed up test.
mysql-test/suite/rpl/t/rpl_innodb_bug28430.test:
Added begin...commit to speed up test.
mysql-test/suite/vcol/r/vcol_supported_sql_funcs_innodb.result:
More warnings
mysql-test/suite/vcol/r/vcol_supported_sql_funcs_myisam.result:
More warnings
mysql-test/t/cast.test:
A lot of new cast() tests
mysql-test/t/strict.test:
Added new test
mysys/CMakeLists.txt:
Added ma_dyncol.c
mysys/Makefile.am:
Added ma_dyncol.c
mysys/string.c:
Added dynstr_reassociate() to move a buffer from dynamic_strings to some other allocator
sql-common/my_time.c:
Added 'fuzzydate' flag to str_to_time()
Added support for microseconds to my_time_to_str() and my_datetime_to_str()
Reset second_parts in number_to_datetime()
Added double_to_datetime()
sql/field.cc:
Added double_to_longlong() and truncate_double() to simplify and reuse code
sql/field.h:
New prototypes
sql/item.cc:
Changed Item::get_date(MYSQL_TIME *ltime,uint fuzzydate) to be aware of type of argument.
(Needed to make it microsecond safe and get better warnings).
Updated call to str_to_time_with_warn()
sql/item.h:
Added struct st_dyncall_create_def used by dynamic columns
Added virtual bool dynamic_result() to tell if type of argument may change over calls.
sql/item_cmpfunc.cc:
Added Item_func_dyncol_exists()
sql/item_cmpfunc.h:
Added class Item_func_dyncol_exists
sql/item_create.cc:
Added get_length_and_scale() to simplify other functions
Simplified and extended create_func_cast()
Added support for cast(X as double(X,Y))
Added functions to create dynamic column functions.
sql/item_create.h:
Added prototypes
sql/item_func.cc:
Extended cast functions Item_func_signed() and Item_func_unsigned() to work with dynamic types
Added Item_double_typecast()
sql/item_func.h:
Added class Item_double_typecast()
sql/item_strfunc.cc:
Added functions for COLUMN_CREATE(), COLUMN_ADD(), COLUMN_GET() and COLUMN_LIST()
sql/item_strfunc.h:
Added classes for COLUMN_CREATE(), COLUMN_ADD(), COLUMN_GET() and COLUMN_LIST()
sql/item_timefunc.cc:
Added flag argument to str_to_time_with_warn()
Updated Item_char_typecast() to handle result type that may change between calls (for dynamic columns)
Added Item_time_typecast::get_date() to ensure that we cast a datetime to time properly.
sql/item_timefunc.h:
Added get_date() to Item_time_typecast() to allow proper results for casting time to datetime
sql/lex.h:
Added new SQL function names
sql/my_decimal.cc:
Added 'const' to some arguments.
Better error message in case of errors (we now print out the wrong value)
Added my_decimal2int()
sql/my_decimal.h:
Moved some constants to my_decimal_limits.h
Updated prototypes.
Made my_decimal2int() a function as it's rather long (no reason to have it inline)
Added decimal2my_decimal() function.
sql/mysql_priv.h:
Prototypes for new functions
sql/share/errmsg.txt:
New error messages for wrong casts and dynamic columns
sql/sql_acl.cc:
Fixed indentation
sql/sql_base.cc:
Added dynamic_column_error_message()
sql/sql_string.h:
Added reassociate() to move a buffer to be owned by String object.
sql/sql_yacc.yy:
Added syntax for COLUMN_ functions.
sql/time.cc:
Updated str_to_datetime_with_warn() flag argument to same type as other functions
Added conversion flag to str_to_time_with_warn() (Similar to all datetime functions)
Added conversion functions with warnings: double_to_datetime_with_warn() and decimal_to_datetime_with_warn()
strings/decimal.c:
Added 'const' to arguments for some functions.
unittest/mysys/Makefile.am:
Added test for dynamic columns code
