The problem is that the fix Bug#29784 was mistakenly
reverted when updating YaSSL to a newer version.
The solution is to re-apply the fix and this time
actually add a meaningful test case so that possible
regressions are caught.
Fix warnings flagged by the new warning option -Wunused-but-set-variable
that was added to GCC 4.6 and that is enabled by -Wunused and -Wall. The
option causes a warning whenever a local variable is assigned to but is
later unused. It also warns about meaningless pointer dereferences.
Apart strict-aliasing warnings, fix the remaining warnings
generated by GCC 4.4.4 -Wall and -Wextra flags.
One major source of warnings was the in-house function my_bcmp
which (unconventionally) took pointers to unsigned characters
as the byte sequences to be compared. Since my_bcmp and bcmp
are deprecated functions whose only difference with memcmp is
the return value, every use of the function is replaced with
memcmp as the special return value wasn't actually being used
by any caller.
There were also various other warnings, mostly due to type
mismatches, missing return values, missing prototypes, dead
code (unreachable) and ignored return values.
strict aliasing violations.
Essentially, the problem is that large parts of the server were
developed in simpler times (last decades, pre C99 standard) when
strict aliasing and compilers supporting such optimizations were
rare to non-existent. Thus, when compiling the server with a modern
compiler that uses strict aliasing rules to perform optimizations,
there are several places in the code that might trigger undefined
behavior.
As evinced by some recent bugs, GCC does a somewhat good of job
misoptimizing such code, but on the other hand also gives warnings
about suspicious code. One problem is that the warnings aren't
always accurate, yet we can't afford to just shut them off as we
might miss real cases. False-positive cases are aggravated mostly
by casts that are likely to trigger undefined behavior.
The solution is to start a cleanup process focused on fixing and
reducing the amount of strict-aliasing related warnings produced
by GCC and others compilers. A good deal of noise reduction can
be achieved by just removing useless casts that are product of
historical cruft and are likely to trigger undefined behavior if
dereferenced.
The problem was that the bundled yaSSL library was being built
without thread safety support regardless of the thread safeness
of the compoments linked with it.
The solution is to enable yaSSL thread safety support if any
component (server or client) is to be built with thread support.
Also, generate new certificates for yaSSL's test suite.
Problem: copying issuer's (or subject's) name tags into an internal
buffer from incoming stream we didn't check the buffer overflow.
That may lead to memory overrun, crash etc.
Fix: ensure we don't overrun the buffer.
Note: there's no simple test case (exploit needed).
Fixed 2 errors in comp_err executable :
1. Wrong (off by 1) length passed to my_checksum()
2. strmov() was used on overlapping strings. This is
not legal according to the docs in stpcpy(). Used
the overlap safe memmove() instead.
it returns misleading 'table is full'
Innodb returns a misleading error message "table is full"
when the number of active concurrent transactions is greater
than 1024.
Fixed by adding errorcode "ER_TOO_MANY_CONCURRENT_TRXS" to the
error codes. Innodb should return HA_TOO_MANY_CONCURRENT_TRXS
to mysql which is then mapped to ER_TOO_MANY_CONCURRENT_TRXS
Note: testcase is not written as this was reproducible only by
changing innodb code.
Add all HA error numbers and descriptions to perror.
Add reminder to header.
This is already fixed in smarter ways in future codebases, and this
codebase is unlikely to change, since new development is forbidden
here.
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
resolve_stack_dump is not able to decode a stack trace produced
by glibc's backtrace() functions. The problem is that the stack
trace addresses are printed between brackets and the utility is
not able to ignore the brackets.
The solution is to modify resolve_stack_dump so it can recognize
stack trace addresses surrounded by brackets. e.g. [0xdeadbeef].
with non-RSA-requesting client if server uses RSA key
matchSuite() may not find a match.
It will return error in this case.
Added a error checking code that will prevent using uninitialized
memory in the code based on the assumption
that matchSuite() has found a match.
using crashes server
When the server is configured to use a RSA key, and when the client sends
a cipher-suite list that contains a non-RSA key as acceptable, the server
would try to process that key even though it was impossible.
Now, yaSSL sets its own acceptable-cipher list according to what kind of
key the server is started with, and will never explore and try to pair
impossible combinations.
This involves a partial import of the current YaSSL tree, not the whole
thing, so as to try to avoid introducing new bugs.
(Updated to avoid many whitespace changes and make diff smaller.)
Mostly, this affected files (programs, scripts, and manual pages)
which got built during a RPM build but were not listed in the
appropriate "%files" section of the "spec" file.
This is fixed now, they are added.
To make this consistent, this patch also makes the build of "innochecksum"
(and its inclusion in a tar.gz or other package) depend on whether InnoDB
is configured in the build.
Also, some tools to create Windows packages are irrelevant in any binary
Unix package (not the sources !), and so they are deleted before packaging.
- Cherry pick 6.0 changes for Visual Studio 2008 support
- Add scripts win\build-vs9.bat and win\build-vs9_x64.bat
Also, remove CMake generated visual studio project files.
value" error even though the value was correct): a C function in my_getopt.c
was taking bool* in parameter and was called from C++ sql_plugin.cc,
but on some Mac OS X sizeof(bool) is 1 in C and 4 in C++, giving funny
mismatches. Fixed, all other occurences of bool in C are removed, future
ones are blocked by a "C-bool-catcher" in my_global.h (use my_bool).
