The problem was in the validation of the input data for blob types.
When assigned binary data, the character blob types were only checking if
the length of these data is a multiple of the minimum char length for the
destination charset.
And since e.g. UTF-8's minimum character length is 1 (becuase it's
variable length) even byte sequences that are invalid utf-8 strings (e.g.
wrong leading byte etc) were copied verbatim into utf-8 columns when
coming from binary strings or fields.
Storing invalid data into string columns was having all kinds of ill effects
on code that assumed that the encoding data are valid to begin with.
Fixed by additionally checking the incoming binary string for validity when
assigning it to a non-binary string column.
Made sure the conversions to charsets with no known "invalid" ranges
are not covered by the extra check.
Removed trailing spaces.
Test case added.
Analysis:
--------
REPLACE operation provides incorrect output when
user variable is supplied as an argument and there
are multiple rows on which the operation is performed.
Consider the example below:
SET @var='(( 00000000 ++ 00000000 ))';
SELECT REPLACE(@var, '00000000', table_name) AS a FROM
INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA='mysql';
Invalid output:
+---------------------------------------+
| REPLACE(@var, '00000000', TABLE_NAME) |
+---------------------------------------+
| (( columns_priv ++ columns_priv )) |
| (( columns_priv ++ columns_priv )) |
......
......
| (( columns_priv ++ columns_priv )) |
| (( columns_priv ++ columns_priv )) |
| (( columns_priv ++ columns_priv )) |
+---------------------------------------+
The user argument supplied as the string to REPLACE
operation is overwritten after the first iteration
to '(( columns_priv ++ columns_priv ))'.
The overwritten string after the first iteration
is used for the subsequent REPLACE iteration. Since
the pattern string is not found, it returns invalid
output as mentioned above.
Fix:
---
If the Alloced_length is zero, realloc() and create a
copy of the string which is then used for the REPLACE
operation for every iteration.
sql/sql_insert.cc:
CREATE ... IF NOT EXISTS may do nothing, but
it is still not a failure. don't forget to my_ok it.
******
CREATE ... IF NOT EXISTS may do nothing, but
it is still not a failure. don't forget to my_ok it.
sql/sql_table.cc:
small cleanup
******
small cleanup
The buffer was simply too small.
In 5.5 and trunk, the size is 311 + 31,
in 5.1 and below, the size is 331
client/sql_string.cc:
Increase buffer size in String::set(double, ...)
include/m_string.h:
Increase FLOATING_POINT_BUFFER
mysql-test/r/type_float.result:
New test cases.
mysql-test/t/type_float.test:
New test cases.
sql/sql_string.cc:
Increase buffer size in String::set(double, ...)
sql/unireg.h:
Move definition of FLOATING_POINT_BUFFER
A lot of small fixes and new test cases.
client/mysqlbinlog.cc:
Cast removed
client/mysqltest.cc:
Added missing DBUG_RETURN
include/my_pthread.h:
set_timespec_time_nsec() now only takes one argument
mysql-test/t/date_formats.test:
Remove --disable_ps_protocl as now also ps supports microseconds
mysys/my_uuid.c:
Changed to use my_interval_timer() instead of my_getsystime()
mysys/waiting_threads.c:
Changed to use my_hrtime()
sql/field.h:
Added bool special_const_compare() for fields that may convert values before compare (like year)
sql/field_conv.cc:
Added test to get optimal copying of identical temporal values.
sql/item.cc:
Return that item_int is equal if it's positive, even if unsigned flag is different.
Fixed Item_cache_str::save_in_field() to have identical null check as other similar functions
Added proper NULL check to Item_cache_int::save_in_field()
sql/item_cmpfunc.cc:
Don't call convert_constant_item() if there is nothing that is worth converting.
Simplified test when years should be converted
sql/item_sum.cc:
Mark cache values in Item_sum_hybrid as not constants to ensure they are not replaced by other cache values in compare_datetime()
sql/item_timefunc.cc:
Changed sec_to_time() to take a my_decimal argument to ensure we don't loose any sub seconds.
Added Item_temporal_func::get_time() (This simplifies some things)
sql/mysql_priv.h:
Added Lazy_string_decimal()
sql/mysqld.cc:
Added my_decimal constants max_seconds_for_time_type, time_second_part_factor
sql/table.cc:
Changed expr_arena to be of type CONVENTIONAL_EXECUTION to ensure that we don't loose any items that are created by fix_fields()
sql/tztime.cc:
TIME_to_gmt_sec() now sets *in_dst_time_gap in case of errors
This is needed to be able to detect if timestamp is 0
storage/maria/lockman.c:
Changed from my_getsystime() to set_timespec_time_nsec()
storage/maria/ma_loghandler.c:
Changed from my_getsystime() to my_hrtime()
storage/maria/ma_recovery.c:
Changed from my_getsystime() to mmicrosecond_interval_timer()
storage/maria/unittest/trnman-t.c:
Changed from my_getsystime() to mmicrosecond_interval_timer()
storage/xtradb/handler/ha_innodb.cc:
Added support for new time,datetime and timestamp
unittest/mysys/thr_template.c:
my_getsystime() -> my_interval_timer()
unittest/mysys/waiting_threads-t.c:
my_getsystime() -> my_interval_timer()
sql/event_parse_data.cc:
don't use "not_used" variable
sql/item_timefunc.cc:
Item_temporal_func::fix_length_and_dec()
and other changes
sql/item_timefunc.h:
introducing Item_timefunc::fix_length_and_dec()
sql/share/errmsg.txt:
don't say "column X" in the error message that used not only for columns
Problem: in case of string CASE/WHEN arguments with different
character sets, Item_func_case::find_item() called comparator
cmp_items[x] on mixed character set Items, so a 8-bit value could
be errouneously referenced to as being utf16/utf32 value,
which led to crash on DBUG_ASSERT() because of wrong value length.
This was wrong, as string comparator expects arguments in the same
character set.
Fix: modify Item_func_case's argument list after calling
agg_arg_charsets_for_comparison() - put the Items in "agg" array
back to "args", because some of the Items in the "agg" array might
have been changed to character set converters:
- to Item_func_conv_charset for non-constant items
- to Item_string for constant items
In other words, perform the same substitution which is done in
all other operations string comparison or string result operations:
Replace
CASE latin1_item WHEN utf16_item THEN ... END
to
CASE CONVERT(latin1_item USING utf16) WHEN utf16_item THEN ... END
Replace
CASE utf16_item WHEN latin1_item THEN ... END
to
CASE utf16_item WHEN CONVERT(latin1_item USING utf16) THEN ... END
@ mysql-test/r/ctype_utf16.result
@ mysql-test/r/ctype_utf32.result
@ mysql-test/t/ctype_utf16.test
@ mysql-test/t/ctype_utf32.test
Adding tests
@ sql/item_cmpfunc.cc
Put "agg" back to "args".
@ sql/sql_string.cc
Backporting a fix for String::set_or_copy_aligned() from 5.6,
for better test coverage:
"SELECT _utf16 0x61" should expand the string to 0x0061 rather
than to 0x000061.
This fix was made in 5.6 under terms of "WL#4616 Implement UTF16-LE".
other crashes
Some string manipulating SQL functions use a shared string object intended to
contain an immutable empty string. This object was used by the SQL function
SUBSTRING_INDEX() to return an empty string when one argument was of the wrong
datatype. If the string object was then modified by the sql function INSERT(),
undefined behavior ensued.
Fixed by instead modifying the string object representing the function's
result value whenever string manipulating SQL functions return an empty
string.
Relevant code has also been documented.
Avoid doing reallocs
Prealloc some strings / provide extension allocation size to some strings
This gave a 25 % speedup in some mysql-test-run tests.
mysys/safemalloc.c:
More DBUG_PRINT
sql/net_serv.cc:
Make all mallocs() look the similar. (just-for-safety fix)
sql/protocol.cc:
Ensure that communication packet buffer is allocated.
(It's freed by stored precedures and some DLL statements)
sql/sp.cc:
Fixed valgrind warning
sql/sql_select.cc:
Set extent allocation for buffer that has a lot of append() calls.
sql/sql_show.cc:
Fixed wrong usage of string buffer. Old code worked in test suite 'just-by-chance'
sql/sql_string.cc:
Call realloc_with_extra_if_needed() in append() functions.
sql/sql_string.h:
Added 'extra_alloc' member, to specify chunck size for realloc().
extra_alloc is addaptive to catch cases where preallocation of buffers is not done properly.
Simplified free() to allow compiler to optimize things better (and to keep things consistent).
Fixed shrink() to take into account the extra memory added to the Alloced_length in realloc(). This saves us a realloc() per query.
sql/sql_test.cc:
Set extent allocation for buffer that has a lot of append() calls.
sql/table.cc:
Set extent allocation for buffer that has a lot of append() calls.
file .\dtoa.c
The assertion failure was correct because the 'width' argument
of my_gcvt() has the signed integer type, whereas the unsigned
value UINT_MAX32 was being passed by the caller
(Field_double::val_str()) leading to a negative width in
my_gcvt().
The following chain of problems was found by further analysis:
1. The display width for a floating point number is calculated
in Field_double::val_str() as either field_length or the
maximum possible length of string representation of a floating
point number, whichever is greater. Since in the bug's test
case field_length is UINT_MAX32, we get the same value as the
display width. This does not make any sense because for numeric
values field_length only matters for ZEROFILL columns,
otherwise it does not make sense to allocate that much memory
just to print a number. Field_float::val_str() has a similar
problem.
2. Even if the above wasn't the case, we would still get a
crash on a slightly different test case when trying to allocate
UINT_MAX32 bytes with String::alloc() because the latter does
not handle such large input values correctly due to alignment
overflows.
3. Even when String::alloc() is fixed to return an error when
an alignment overflow occurs, there is still a problem because
almost no callers check its return value, and
Field_double::val_str() is not an exception (same for
Field_float::val_str()).
4. Even if all of the above wasn't the case, creating a
Field_double object with UINT_MAX32 as its field_length does
not make much sense either, since the .frm code limits it to
MAX_FIELD_CHARLENGTH (255) bytes. Such a beast can only be
created by create_tmp_field_from_item() from an Item with
REAL_RESULT as its result_type() and UINT_MAX32 as its
max_length.
5. For the bug's test case, the above condition (REAL_RESULT
Item with max_length = UINT_MAX32) was a result of
Item_func_if::fix_length_and_dec() "shortcutting" aggregation
of argument types when one of the arguments was a constant
NULL. In this case, the attributes of the aggregated type were
simply copied from the other, non-NULL argument, but max_length
was still calculated as per the general, non-shortcut case, by
choosing the greatest of argument's max_length, which is
obviously not correct.
The patch addresses all of the above problems, even though
fixing the assertion failure for the particular test case would
require only a subset of the above problems to be solved.
client/sql_string.cc:
Return an error in case of uint32 overflow in alignment.
Also assert there was no overflow to help find such conditions
in debug builds, since almost no callers check the return value
of String::alloc().
mysql-test/r/func_if.result:
Add a test case for bug #55077.
mysql-test/t/func_if.test:
Add a test case for bug #55077.
sql/field.cc:
- Assert we don't operate with fields wider than 255
(MAX_FIELD_CHARLENGTH) bytes in both Field_float and
Field_double.
- Don't take field_length into account when calculating the
output buffer length.
- Check the return value of String::alloc()
sql/item_cmpfunc.cc:
When shortcutting type aggregation, don't take the NULL
argument's max_length into account.
sql/sql_string.cc:
Return an error in case of uint32 overflow in alignment.
Also assert there was no overflow to help find such conditions
in debug builds, since almost no callers check the return value
of String::alloc().
Although the C standard mandates that sprintf return the number
of bytes written, some very ancient systems (i.e. SunOS 4)
returned a pointer to the buffer instead. Since these systems
are not supported anymore and are hopefully long dead by now,
simply remove the portability wrapper that dealt with this
discrepancy. The autoconf check was causing trouble with GCC.
Allow stored procedure variables in LIMIT clause.
Only allow variables of INTEGER types.
Handle negative values by means of an implicit cast to UNSIGNED
(similarly to prepared statement placeholders).
Add tests.
Make sure replication works by not doing NAME_CONST substitution
for variables in LIMIT clause.
Add replication tests.
mysql-test/r/sp.result:
Update results (Bug#11918).
mysql-test/suite/rpl/r/rpl_sp.result:
Update results (Bug#11918).
mysql-test/suite/rpl/t/rpl_sp.test:
Add a test case for Bug#11918.
mysql-test/t/sp.test:
Add a test case for Bug#11918.
sql/item.cc:
Mark sp variables in LIMIT clause (a hack for replication).
sql/item.h:
Mark sp variables in LIMIT clause (a hack for replication).
sql/share/errmsg-utf8.txt:
Add a new error message (a type mismatch for LIMIT
clause parameter).
sql/sp_head.cc:
Binlog rewrite sp variables in LIMIT clause without NAME_CONST
substitution.
sql/sql_string.cc:
Implement append_ulonglong method.
sql/sql_string.h:
Declare append_ulonglong().
sql/sql_yacc.yy:
Support stored procedure variables in LIMIT.
config/ac-macros/character_sets.m4:
- Adding configure definitions for utf8mb4, utf16, utf32
include/config-win.h:
- Enabling utf8mb4, utf16, utf32 in Windows build
include/m_ctype.h:
- Adding new flags
- Adding new shared functions prototypes
mysql-test/include/ctype_datetime.inc:
- Adding test to check that datetime functions
work with "real" multibyte character sets.
mysql-test/include/ctype_like.inc:
- Adding LIKE tests
mysql-test/include/have_utf16.inc:
New file
mysql-test/include/have_utf32.inc:
New file
mysql-test/include/have_utf8mb4.inc:
New file
mysql-test/r/ctype_ldml.result:
- Adding tests for utf8mb4, utf16, utf32
mysql-test/r/ctype_many.result:
- Adding tests to check superset/subset relations
between all Unicode character sets.
mysql-test/r/ctype_utf16.result:
New file
mysql-test/r/ctype_utf16_uca.result:
New file
mysql-test/r/ctype_utf32.result:
New file
mysql-test/r/ctype_utf32_uca.result:
New file
mysql-test/r/ctype_utf8.result:
- Adding tests for utf8mn3 alias
mysql-test/r/ctype_utf8mb4.result:
- Adding tests for utf8mb4
mysql-test/r/have_utf16.require:
New file
mysql-test/r/have_utf32.require:
New file
mysql-test/r/have_utf8mb4.require:
New file
mysql-test/std_data/Index.xml:
- Adding tests for loadable utf8m4, utf16, utf32 collations
mysql-test/suite/sys_vars/r/character_set_client_basic.result:
- Adding tests for utf16, utf32.
- Fixing new number of character sets
mysql-test/suite/sys_vars/r/character_set_connection_basic.result:
- Fixing new number of character sets
mysql-test/suite/sys_vars/r/character_set_database_basic.result:
- Fixing new number of character sets
mysql-test/suite/sys_vars/r/character_set_filesystem_basic.result:
- Fixing new number of character sets
mysql-test/suite/sys_vars/r/character_set_results_basic.result:
- Fixing new number of character sets
mysql-test/suite/sys_vars/t/character_set_client_basic.test:
- Adding tests for new character sets
mysql-test/suite/sys_vars/t/character_set_connection_basic.test:
- Adding dependency on utf8mb4, utf16, utf32
mysql-test/suite/sys_vars/t/character_set_database_basic.test:
- Adding dependency on utf8mb4, utf16, utf32
mysql-test/suite/sys_vars/t/character_set_filesystem_basic.test:
- Adding dependency on utf8mb4, utf16, utf32
mysql-test/suite/sys_vars/t/character_set_results_basic.test:
- Adding dependency on utf8mb4, utf16, utf32
mysql-test/t/ctype_ldml.test:
- Adding tests for dynamic utf8mb4, utf16, utf32 collations
mysql-test/t/ctype_many.test:
- Adding tests to check superset/subset relations
between all Unicode character sets
mysql-test/t/ctype_utf16.test:
New file
mysql-test/t/ctype_utf16_uca.test:
New file
mysql-test/t/ctype_utf32.test:
New file
mysql-test/t/ctype_utf32_uca.test:
New file
mysql-test/t/ctype_utf8.test:
- Adding tests for utf8mb4 alias
mysql-test/t/ctype_utf8mb4.test:
New file
mysys/charset-def.c:
- Adding initialization of utf8mb4, utf16, utf32 built-int collations
mysys/charset.c:
- Adding initialization of utf8mb4, utf16, utf32 dynamic collations
sql/field.cc:
- Fixing "truncated" error with datetime functions:
Force conversion in case of non-ascii character sets.
sql/item.cc:
- Adding superset/subset relation check for utf8mb4/utf8
sql/item_strfunc.cc:
- Fixing a problem with CHAR(x USING utf32)
sql/sql_string.cc:
- Fixing problems with zero padding for UTF32
sql/sql_table.cc:
- Fixing buffer size, to make utf32 comma fit.
strings/ctype-mb.c:
- Making handlers for multi-byte binary collations public
strings/ctype-uca.c:
- Adding definitions for utf8mb4, utf16, utf32 UCA collations
strings/ctype-ucs2.c:
- Adding functions which are shared between ucs2, utf16, utf32
- Ading utf16 implementation
- Adding utf32 implementation
strings/ctype-utf8.c:
- Adding functions shared between utf8 and utf8mb4
- Adding implementation of utf8mb4
to string conversions and vice versa"
Initial import of the dtoa.c code and custom wrappers around it
to allow its usage from the server code.
Conversion of FLOAT/DOUBLE values to DECIMAL ones or strings
and vice versa has been significantly reworked. As the new
algoritms are more precise than the older ones, results of such
conversions may not always match those obtained from older
server versions. This in turn may break compatibility for some
applications.
This patch also fixes the following bugs:
- bug #12860 "Difference in zero padding of exponent between
Unix and Windows"
- bug #21497 "DOUBLE truncated to unusable value"
- bug #26788 "mysqld (debug) aborts when inserting specific
numbers into char fields"
- bug #24541 "Data truncated..." on decimal type columns
without any good reason"
STRING_RESULT argument
There is a "magic" number for precision : NOT_FIXED_DEC.
This means that the precision is not a fixed number.
But this constant was re-defined in several files and
was not available to the UDF developers.
Moved the NOT_FIXED_DEC definition to the correct header
and removed the redundant definitions.
Backported to 5.6.0 (mysql-next-mr-runtime)
client/sql_string.h:
moved NOT_FIXED_DEC to the correct header
include/mysql_com.h:
moved NOT_FIXED_DEC to the correct header
libmysql/libmysql.c:
moved NOT_FIXED_DEC to the correct header
sql/field.h:
moved NOT_FIXED_DEC to the correct header
sql/sql_string.h:
moved NOT_FIXED_DEC to the correct header
storage/ndb/include/kernel/signaldata/DictTabInfo.hpp:
moved NOT_FIXED_DEC to the correct header
