If a stored function that contains a drop temporary table statement
is invoked by a create temporary table of the same name may cause
a server crash. The problem is that when dropping a table no check
is done to ensure that table is not being used by some outer query
(or outer statement), potentially leaving the outer query with a
reference to a stale (freed) table.
The solution is when dropping a temporary table, always check if
the table is being used by some outer statement as a temporary
table can be dropped inside stored procedures.
The check is performed by looking at the TABLE::query_id value for
temporary tables. To simplify this check and to solve a bug related
to handling of temporary tables in prelocked mode, this patch changes
the way in which this member is used to track the fact that table is
used/unused. Now we ensure that TABLE::query_id is zero for unused
temporary tables (which means that all temporary tables which were
used by a statement should be marked as free for reuse after it's
execution has been completed).
The mysql_change_user command fails to properly update the database pointer
when no database is selected, leading to "use after free" errors. The same
happens on the user privilege pointer in the thread security context.
The solution is to properly reset and update the database name. Also update
the user_priv pointer so that it doesn't point to freed memory.
during udf initialization. The bug is spotted while working on Bug 12713.
If a user-defined function was used in a SELECT statement, and an
error would occur during UDF initialization, this error would not terminate
execution of the SELECT, but rather would be converted to a warning.
The fix is to use a stack buffer to store the message from udf_init instead
of private my_error() buffer.
check_user()/check_connection()/check_for_max_user_connections().
This is a pre-requisite patch for the fix for Bug#12713 "Error in a stored
function called from a SELECT doesn't cause ROLLBACK of statem"
Implement review comments.
Dropping users causes huge increase in memory usage because field values were
allocated on the server memory root for temporary usage but never deallocated.
This patch changes the target memory root to be that of the thread handler
instead since this root is cleared between each statement.
The SET PASSWORD statement is non-transactional (no explicit transaction
boundaries) in nature and hence is forbidden inside stored functions and
triggers, but it weren't being effectively forbidden.
The implemented fix is to issue a implicit commit with every SET PASSWORD
statement, effectively prohibiting these statements in stored functions
and triggers.
and convert it to a warning instead of direct manipulation with the
thread error stack.
Fix a bug in handler::print_erorr when a garbled message was
printed for HA_ERR_NO_SUCH_TABLE.
This is a pre-requisite patch for the fix for Bug#12713 Error in a stored
function called from a SELECT doesn't cause ROLLBACK of statem
rebuild the table.
The problem was that ROW_FORMAT clause in ALTER TABLE did not trigger
table reconstruction.
The fix is to rebuild a table if ROW_FORMAT is specified.
The root cause of this defect is that a call to my_error() is using a
'LEX_STRING' parameter instead of a 'char*'
This patch fixes the failing calls to my_error(), as well as similar calls
found during investigation.
This is a compiling bug (see the instrumentation in the bug report), no test cases provided.
Inserting Data.
The problem was that under some circumstances Field class was not
properly initialized before calling create_length_to_internal_length()
function, which led to assert failure.
The fix is to do the proper initialization.
The user-visible problem was that under some circumstances
CREATE TABLE ... SELECT statement crashed the server or led
to wrong error message (wrong results).
When doing indexed search the server constructs a key image for
faster comparison to the stored keys. While doing that it must not
perform (and stop if they fail) the additional date checks that can
be turned on by the SQL mode because there already may be values in
the table that don't comply with the error checks.
Fixed by ignoring these SQL mode bits while making the key image.
an error, asserts server
In case of a fatal error during filesort in find_all_keys() the error
was returned without the necessary handler uninitialization.
Fixed by changing the code so that handler uninitialization is performed
before returning the error.
Since, as of MySQL 5.0.15, CHAR() arguments larger than 255 are converted into multiple result bytes, a single CHAR() argument can now take up to 4 bytes. This patch fixes Item_func_char::fix_length_and_dec() to take this into account.
This patch also fixes a regression introduced by the patch for bug21513. As now we do not always have the 'name' member of Item set for Item_hex_string and Item_bin_string, an own print() method has been added to Item_hex_string so that it could correctly be printed by Item_func::print_args().
Assertion `table->key_read == 0' failed.
The problem was that key_read on a table in a sub-select was not
properly reset. That happens because the code responsible for that
is copy&pasted all around the server. In some place, it was obviously
forgotten to be pasted.
The fix is to reset key_read properly.
