Commit graph

68218 commits

Author SHA1 Message Date
Alexander Barkov
daf602a223 Merging from 5.1. 2011-01-18 09:50:03 +03:00
Alexander Barkov
5574a2cd91 Bug#44332 my_xml_scan reads behind the end of buffer
Problem: the scanner function tested for strings "<![CDATA[" and
"-->" without checking input string boundaries, which led to valgrind's
"Conditional jump or move depends on uninitialised value(s)" error.

Fix: Adding boundary checking.

  @ mysql-test/r/xml.result
  @ mysql-test/t/xml.test
  Adding test

  @ strings/xml.c
  Adding a helper function my_xml_parser_prefix_cmp(),
  with input string boundary check.
2011-01-18 09:38:41 +03:00
Vinay Fisrekar
377c9661e4 Merge from mysql-5.1 for
sys_vars.innodb_max_dirty_pages_pct_func fails sporadically
2011-01-18 09:30:00 +05:30
Vinay Fisrekar
afa2ec12d0 BUG#58858 : sys_vars.innodb_max_dirty_pages_pct_func fails sporadically
Committing After latest merge.      
Modified check_pct procedure to check return value of wait condition instead 
of calling "dirty_pct".
   
Adding Review comments:
1) Added comment for success variable value
2) Procedure check_pct changed For Adding BOOLEAN input and SELECT QUERY Change
2011-01-18 09:24:52 +05:30
Luis Soares
b36350842c BUG#42879: CHANGE MASTER RELAY_LOG_FILE=path fails on windows
Re-enabling the test case on windows since BUG#12190 has fixed
the issue.
2011-01-17 18:51:01 +00:00
Alexander Barkov
6665ca25af Bug#58371 Assertion failed: !s.uses_buffer_owned_by(this) with format string function
Introduced by the fix for bug#44766.

Problem: it's not correct to use args[0]->str_value as a buffer,
because args[0] may need this buffer for its own purposes.

Fix: adding a new class member tmp_value to use as return value.

  @ mysql-test/r/ctype_many.result
  @ mysql-test/t/ctype_many.test
  Adding tests

  @ sql/item_strfunc.cc
  Changing code into traditional style:
  use "str" as a buffer for the argument and tmp_value for the result value.

  @ sql/item_strfunc.h
  Adding tmp_value
2011-01-17 15:11:33 +03:00
Alexander Barkov
a2850a2f53 Bug#59149 valgrind warnings with "like .. escape .." function
Problem: when processing a query like:
  SELECT '' LIKE '1' ESCAPE COUNT(1);
escape_item->val_str() was never executed and the "escape" class member
stayed initialized, which led to valgrind uninitialized memory error.
      
Note, a query with some tables in "FROM" clause
returns ER_WRONG_ARGUMENTS in the same situation:

   SELECT '' LIKE '1' ESCAPE COUNT(1) FROM t1;
   ERROR 1210 (HY000): Incorrect arguments to ESCAPE

Fix: disallowing using aggregate functions in ESCAPE clause,
even if there are no tables used. There is no much use of that anyway.
2011-01-17 12:30:22 +03:00
Nirbhay Choubey
208b677637 Bug#58221 : mysqladmin --sleep=x --count=x keeps looping
When mysqldadmin is run with sleep and count options,
it goes into an infinite loop and keeps executing the
specified command.

This happened because the statement, responsible for
decrementing the count value, was missing.

Fixed by adding a statement which will decrement the
count value for each iteration.


client/mysqladmin.cc:
  Bug#58221 : mysqladmin --sleep=x --count=x keeps looping
  
  Added a condition to check and decrement the count
  value stored in nr_iterations per iteration.
mysql-test/r/mysqladmin.result:
  Added a testcase for Bug#58221.
mysql-test/t/mysqladmin.test:
  Added a testcase for Bug#58221.
2011-01-16 02:04:08 +05:30
unknown
3a6b404849 Null merge from 5.0
It is a backported patch.
2011-01-15 13:51:41 +08:00
unknown
12c6d1f355 BUG#49124 Security issue with /*!-versioned */ SQL statements on Slave
Backport to 5.0.

/*![:version:] Query Code */, where [:version:] is a sequence of 5 
digits representing the mysql server version(e.g /*!50200 ... */),
is a special comment that the query in it can be executed on those 
servers whose versions are larger than the version appearing in the 
comment. It leads to a security issue when slave's version is larger 
than master's. A malicious user can improve his privileges on slaves. 
Because slave SQL thread is running with SUPER privileges, so it can
execute queries that he/she does not have privileges on master.
      
This bug is fixed with the logic below: 
- To replace '!' with ' ' in the magic comments which are not applied on
  master. So they become common comments and will not be applied on slave.
      
- Example:
  'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /*!99999 ,(3)*/
   will be binlogged as
  'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /* 99999 ,(3)*/
2011-01-15 13:48:16 +08:00
Alexey Botchkov
335fcd91b3 Bug#52208 gis fails on some platforms (Solaris, HP-UX, Linux)
IA64 and some other arcitectures use different float rounding mode and
        i find no decent way to make it consistent.
        So the test changed to be insensitive to this.

per-file messages:
  mysql-test/t/gis.test
Bug#52208      gis fails on some platforms (Solaris, HP-UX, Linux)
        --replace_result added
2011-01-15 00:56:09 +04:00
Nirbhay Choubey
ab2d29ec6b Bug#13618 : mysqldump --xml omits comment on table field
When mysqldump tries to dump information in xml format,
the result does not contain field level comments.

In order to retrieve various informations for a field/column,
mysqldump currently uses 'show fields from <tab>' statement.
The attributes returned by the statement lacks the information
regarding field comments.

Fixed by changing the query to one that probes I_S to retrieve
required field informations, including the field comment.


client/mysqldump.c:
  Bug#13618 : mysqldump --xml omits comment on table field.
  
  Replaced the 'show fields' command by a statement that
  queries I_S, in order to retrieve information on all the
  attributes that 'show fields' returns along-with an additional
  column_comment information.
mysql-test/r/client_xml.result:
  Result modifications for bug#13618.
mysql-test/r/mysqldump.result:
  Result modifications for bug#13618.
mysql-test/t/mysqldump.test:
  Added a testcase for bug#13618.
2011-01-14 19:50:34 +05:30
Sven Sandberg
faafae781a BUG#59063: rpl_migration_crash_safe fails on Windows
Backported the fix to 5.1.
Problem: the auxiliary test files rpl_start_server.inc and rpl_stop_server.inc
write a file that is later read by mtr. The bug was that the file was written
with platform-dependent newline terminators, i.e., \r\n on windows, whereas mtr
only understands \n.
Fix: write the file so that it uses \n on all platforms.


mysql-test/include/rpl_start_server.inc:
  Force test to use \n instead of platform-dependent newline terminator.
mysql-test/include/rpl_stop_server.inc:
  Force test to use \n instead of platform-dependent newline terminator.
2011-01-14 11:33:12 +01:00
Luis Soares
06e21d5cd9 Automerge from bug branch into latest mysql-5.1. 2011-01-13 11:41:00 +00:00
Nirbhay Choubey
db36f63984 Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring
null from mysql_store_result.

mysqlslap segfaults at a point when it tries to fetch rows from
the result set.

Under some circumstances, mysql_store_result can return 'NULL',
even after query execution (mysql_query) succeeds, and eventually
a segfault might occur if same unchecked return value is passed
to mysql_fetch_row.

Fixed by adding a check on mysql_store_result's return value.


client/mysqlslap.c:
  Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring
              null from mysql_store_result.
  
  Added a check on mysql_store_result's return value. A 'NULL' return
  value here shows an erroneous situation as mysql_field_count has already
  reported a non-zero value.
2011-01-13 15:56:42 +05:30
Georgi Kodinov
dcf9828221 bumped up the version to 5.1.56 2011-01-13 10:59:11 +02:00
Georgi Kodinov
f949ac55f7 bumped up the version to 5.0.93 2011-01-13 10:57:19 +02:00
Martin Hansson
716b64cdb0 Bug#58165: "my_empty_string" gets modified and causes LOAD DATA to fail and
other crashes

Some string manipulating SQL functions use a shared string object intended to
contain an immutable empty string. This object was used by the SQL function
SUBSTRING_INDEX() to return an empty string when one argument was of the wrong
datatype. If the string object was then modified by the sql function INSERT(),
undefined behavior ensued.

Fixed by instead modifying the string object representing the function's
result value whenever string manipulating SQL functions return an empty
string.

Relevant code has also been documented.
2011-01-13 08:57:15 +01:00
Bjorn Munch
a581444c05 merge from 5.1-mtr 2011-01-12 23:29:53 +01:00
Luis Soares
5e9cb07b66 BUG#59177: mysqlbinlog_row_big fails on Windows with out of memory
The test case fails with out of memory while updating a table
with several multi-megabytes sized rows. This can probably be too
exhausting for PB2 env.
      
The quick fix here is to reduce the size of the biggest
row (256MB) so that it becomes a little smaller (64MB).
2011-01-12 19:32:45 +00:00
Bjorn Munch
251869175e merge from 5.1 2011-01-12 15:20:40 +01:00
Dmitry Lenev
599457ae2c Fix for bug #58499 "DEFINER-security view selecting from
INVOKER-security view access check wrong".

When privilege checks were done for tables used from an 
INVOKER-security view which in its turn was used from 
a DEFINER-security view connection's active security
context was incorrectly used instead of security context
with privileges of the second view's creator.

This meant that users which had enough rights to access
the DEFINER-security view and as result were supposed to 
be able successfully access it were unable to do so in 
cases when they didn't have privileges on underlying tables 
of the INVOKER-security view.

This problem was caused by the fact that for INVOKER-security
views TABLE_LIST::security_ctx member for underlying tables
were set to 0 even in cases when particular view was used from 
another DEFINER-security view. This meant that when checks of
privileges on these underlying tables was done in
setup_tables_and_check_access() active connection security 
context was used instead of context corresponding to the 
creator of caller view.

This fix addresses the problem by ensuring that underlying
tables of an INVOKER-security view inherit security context
from the view and thus correct security context is used for
privilege checks on underlying tables in cases when such view 
is used from another view with DEFINER-security.

mysql-test/r/view_grant.result:
  Added coverage for various combinations of DEFINER and
  INVOKER-security views, including test for bug #58499
  "DEFINER-security view selecting from INVOKER-security
  view access check wrong".
mysql-test/t/view_grant.test:
  Added coverage for various combinations of DEFINER and
  INVOKER-security views, including test for bug #58499
  "DEFINER-security view selecting from INVOKER-security
  view access check wrong".
sql/sql_view.cc:
  When opening a non-suid view ensure that its underlying 
  tables will get the same security context as use for
  checking privileges on the view, i.e. security context
  of view invoker. This context can be different from the
  security context which is currently active for connection 
  in cases when this non-suid view is used from a view with
  suid security. Inheriting security context in such situation
  allows correctly apply privileges of creator of suid view
  in checks for tables of non-suid view (since in this 
  situation creator/definer of suid view serves as invoker
  for non-suid view).
2011-01-12 16:08:30 +03:00
Alexey Botchkov
33c78e328f Bug #57321 crashes and valgrind errors from spatial types
Item_func_spatial_collection::fix_length_and_dec didn't call parent's method, so
        the maybe_null was set to '0' after it. But in this case the result was
        just NULL, that caused wrong behaviour.

per-file comments:
  mysql-test/r/gis.result
Bug #57321 crashes and valgrind errors from spatial types 
        test result updated.

  mysql-test/t/gis.test
Bug #57321 crashes and valgrind errors from spatial types 
        test case added.
  sql/item_geofunc.h
Bug #57321 crashes and valgrind errors from spatial types 
        Item_func_geometry::fix_length_and_dec() called in
        Item_func_spatial_collection::fix_length_and_dec().
2011-01-12 17:02:41 +04:00
Martin Hansson
3c5662c195 Bug#58207: invalid memory reads when using default column value and
tmptable needed

The function DEFAULT() works by modifying the the data buffer pointers (often
referred to as 'record' or 'table record') of its argument. This modification
is done during name resolution (fix_fields().) Unfortunately, the same
modification is done when creating a temporary table, because default values
need to propagate to the new table.

Fixed by skipping the pointer modification for fields that are arguments to
the DEFAULT function.
2011-01-12 09:55:31 +01:00
Dmitry Shulga
0fd846bad0 Fixed Bug#58887 - server not throwing "Packet too large" error
if max_allowed_packet >= 16M.

This bug was introduced by patch for bug#42503.

This patch restores behaviour that there was before patch
for bug#42503 was applied.

sql/net_serv.cc:
  Restored original right condition.
2011-01-11 21:18:25 +06:00
Bjorn Munch
e2b73747df Bug #59002 Please make mtr print correct file and line number when tests fail
Followup: had forgotten to update mysqltest.test due to changed output - duh!
2011-01-11 15:00:21 +01:00
Davi Arnaut
c4c94ea0ac Bug#42054: SELECT CURDATE() is returning bad value
The problem from a user point of view was that on Solaris the
time related functions (e.g. NOW(), SYSDATE(), etc) would always
return a fixed time.

This bug was happening due to a logic in the time retrieving
wrapper function which would only call the time() function every
half second. This interval between calls would be calculated
using the gethrtime() and the logic relied on the fact that time
returned by it is monotonic.

Unfortunately, due to bugs in the gethrtime() implementation,
there are some cases where the time returned by it can drift
(See Solaris bug id 6600939), potentially causing the interval
calculation logic to fail.

The solution is to retrieve the correct time whenever a drift in
the time returned by gethrtime() is detected. That is, do not
use the cached time whenever the values (previous and current)
returned by gethrtime() are not monotonically increasing.

mysys/my_getsystime.c:
  Do not used the cached time if gethrtime is not monotonic.
2011-01-11 11:44:38 -02:00
Jan Wedvik
0a7cfad080 Fix for bug#58553, "Queries with pushed conditions causes 'explain extended'
to crash mysqld". 
      
handler::pushed_cond was not always properly reset when table objects where
recycled via the table cache.
      
handler::pushed_cond is now set to NULL in handler::ha_reset(). This should 
prevent pushed conditions from (incorrectly) re-apperaring in later queries.
2011-01-11 12:09:54 +01:00
Bjorn Munch
5376a76dea Bug #58900 query_get_value crashes when result begins with dollar sign
Generalized fix for recursive backtick
Optional arg to eval_expr telling it not to interpret
2011-01-11 10:54:42 +01:00
Bjorn Munch
f3bc9f699c Bug #58896 MTR should recognise combinations as experimental without needing wildcards
Added a pattern match to cover combinations
Added to readme file
2011-01-11 10:53:22 +01:00
Bjorn Munch
8645caf79d Bug #59002 Please make mtr print correct file and line number when tests fail
This patchs adds printing of a file stack (with line numbers)
It does not fix the problem of a failure in the non-first iteration of a loop
2011-01-11 10:51:31 +01:00
Mattias Jonsson
2f47416678 merge 2011-01-10 12:56:27 +01:00
Mattias Jonsson
770c3f3a7a merge 2011-01-10 12:53:24 +01:00
Bjorn Munch
18073b1dec merge from 5.1 main 2011-01-10 10:52:08 +01:00
Vasil Dimov
28df6d6e00 Merge mysql-5.1-innodb -> mysql-5.1 2011-01-08 16:59:23 +02:00
Vasil Dimov
2815ffeeb9 Increment InnoDB Plugin version from 1.0.14 to 1.0.15.
InnoDB Plugin 1.0.14 has been released with MySQL 5.1.54.
2011-01-08 16:51:19 +02:00
Davi Arnaut
844d6ed4b2 Bug#51023: Mysql server crashes on SIGHUP and destroys InnoDB files
WIN32 compilation fixes: define ETIMEDOUT only if not available and
fix typos and add a missing parameter.
2011-01-07 17:28:06 -02:00
Davi Arnaut
998065c3a6 Bug#51023: Mysql server crashes on SIGHUP and destroys InnoDB files
From a user perspective, the problem is that a FLUSH LOGS or SIGHUP
signal could end up associating the stdout and stderr to random
files. In the case of this bug report, the streams would end up
associated to InnoDB ibd files.

The freopen(3) function is not thread-safe on FreeBSD. What this
means is that if another thread calls open(2) during freopen()
is executing that another thread's fd returned by open(2) may get
re-associated with the file being passed to freopen(3). See FreeBSD
PR number 79887 for reference:

  http://www.freebsd.org/cgi/query-pr.cgi?pr=79887

This problem is worked around by substituting a internal hook within
the FILE structure. This avoids the loss of atomicity by not having
the original fd closed before its duplicated.

Patch based on the original work by Vasil Dimov.

include/my_sys.h:
  Export my_freopen.
mysys/my_fopen.c:
  Add a my_freopen abstraction to workaround bugs in specific OSes.
  Add a prototype for getosreldate() as older FreeBSD versions did
  not define one.
sql/log.cc:
  Move freopen abstraction code over to mysys.
  The streams are now only reopened for writing.
2011-01-07 16:33:36 -02:00
Vasil Dimov
8a49f0b138 Followup to vasil.dimov@oracle.com-20110107091222-q23qpb5skev0j9gc
Do not use nested AC_CHECK_FUNC() because they result in:

./configure: line 52688: syntax error: unexpected end of file

(which happens only on some platforms and does not happen on others,
I have no idea what is the reason for this)
2011-01-07 16:52:44 +02:00
Vasil Dimov
3d27658dae Merge mysql-5.1 -> mysql-5.1-innodb 2011-01-07 13:46:21 +02:00
Vasil Dimov
7365ef123c Fix Bug#59327 Fix autoconf usage for innodb_plugin
AC_CHECK_FUNCS(f1 f2 f3, ACTION_IF_PRESENT)
ACTION_IF_PRESENT is executed if any of f1, f2 or f3 is present.
Fix this misusage, we want the action to be executed if all of the
functions are present.
2011-01-07 11:12:22 +02:00
Jimmy Yang
5ef429fd3c Fix Bug #55397 cannot select from innodb_trx when trx_query contains blobs
that aren't strings

rb://560 approved by Sunny Bains
2011-01-06 19:36:20 -08:00
Saikumar V
d2b0c83646 Adding more mtr commands to runs engine suites. 2011-01-06 16:09:45 +05:30
Vasil Dimov
fd7de284d4 (InnoDB Plugin) Fix Bug#59303 Correct URL in crash message
old URL: http://dev.mysql.com/doc/refman/5.1/en/forcing-recovery.html
new URL: http://dev.mysql.com/doc/refman/5.1/en/forcing-innodb-recovery.html

Notice that there is a redirect from the old URL to the new URL, so visiting
the old URL does not give "page not found" error.
2011-01-06 09:12:53 +02:00
Vasil Dimov
15273e4310 (Builtin InnoDB) Fix Bug#59303 Correct URL in crash message
old URL: http://dev.mysql.com/doc/refman/5.1/en/forcing-recovery.html
new URL: http://dev.mysql.com/doc/refman/5.1/en/forcing-innodb-recovery.html

Notice that there is a redirect from the old URL to the new URL, so visiting
the old URL does not give "page not found" error.
2011-01-06 09:05:45 +02:00
Georgi Kodinov
cfc1e33758 Bug #59178: disable the test case 2011-01-05 14:58:05 +02:00
Nirbhay Choubey
c6ffb4b798 Modifications in mysql-5.1 engines test suite. 2011-01-05 12:16:07 +05:30
Jimmy Yang
fe8fbaaddb Fix Bug #59197 double quote in field comment prevents foreign key
constraint creation

rb://557 Approved by Sunny Bains
2011-01-04 22:44:12 -08:00
Jimmy Yang
c143ff4848 Fix Bug #59157 valgrind conditional jump warning from dict_load_foreign.
This is 5.1 built-in specific as the dict_table_t strcture is allocated
with mem_heap_zalloc since 5.1 plugin.

Approved by Sunny Bains
2011-01-04 22:31:46 -08:00
unknown
cafdf6e6d2 43818 - Patch for mysql-5.1-innodb
Avoid handler::info() call for three Information Schema tables;
TABLE_CONSTRAINTS, KEY_COLUMN_USAGE, & REFERENTIAL_CONTRAINTS
2011-01-04 12:34:39 -06:00