mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-17 20:42:30 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/sql
History
Sergey Glukhov fc57b4cfb5 Bug#43612 crash with explain extended, union, order by 
In UNION if we use last SELECT without braces and this
SELECT have ORDER BY clause, such clause belongs to
global UNION. It is parsed like last SELECT
part and used further as 'unit->global_parameters->order_list' value.
During DESCRIBE EXTENDED we call select_lex->print_order() for
last SELECT where order fields refer to tmp table 
which already freed. It leads to crash.
The fix is clean up global_parameters->order_list
instead of fake_select_lex->order_list.


mysql-test/r/union.result:
  test result
mysql-test/t/union.test:
  test case
sql/sql_union.cc:
  In UNION if we use last SELECT without braces and this
  SELECT have ORDER BY clause, such clause belongs to
  global UNION. It is parsed like last SELECT
  part and used further as 'unit->global_parameters->order_list' value.
  During DESCRIBE EXTENDED we call select_lex->print_order() for
  last SELECT where order fields refer to tmp table 
  which already freed. It leads to crash.
  The fix is clean up global_parameters->order_list
  instead of fake_select_lex->order_list.
2009-05-15 12:03:34 +05:00
..
examples Bug#39616: Missing quotes from .CSV crashes server 2008-11-18 11:31:03 +05:30
share Bug#28323: Server crashed in xid cache operations 2008-10-21 15:45:43 -02:00
.cvsignore
add_errmsg
client_settings.h
CMakeLists.txt Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
custom_conf.h
derror.cc
des_key_file.cc
discover.cc
field.cc Bug#43833 Simple INSERT crashes the server 2009-04-09 14:19:31 +05:00
field.h Bug#38469 invalid memory read and/or crash with utf8 text field, stored procedure, uservar 2008-09-20 10:51:03 +02:00
field_conv.cc
filesort.cc BUG#35478: sort_union() returns bad data when sort_buffer_size is hit 2008-07-15 18:13:21 +04:00
frm_crypt.cc
gen_lex_hash.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
gstream.cc Merge mysql.com:/home/hf/work/30286/my41-30286 2007-10-05 16:33:08 +05:00
gstream.h
ha_archive.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
ha_archive.h
ha_berkeley.cc fixes for warnings and compile errors for the fix of bug 26243 2008-03-29 16:12:23 +02:00
ha_berkeley.h
ha_blackhole.cc Bug #35178 INSERT_ID not written to binary log for inserts against BLACKHOLE backed tables 2008-03-19 18:44:50 +02:00
ha_blackhole.h Bug#30294 blackhole engine causes 100% with 2 alter table statements running 2007-11-16 14:46:36 +04:00
ha_federated.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
ha_federated.h Bug #32374 crash with filesort when selecting from federated table and view. 2007-11-30 17:08:00 +04:00
ha_heap.cc type conversions fixed to get rid of warnings 2007-10-23 16:32:05 +05:00
ha_heap.h
ha_innodb.cc auto-merge 2009-03-19 09:44:58 -04:00
ha_innodb.h Fix for BUG#43660- SHOW INDEXES/ANALYZE does NOT update cardinality 2009-04-24 16:33:50 +05:30
ha_myisam.cc Bug#33756 - query cache with concurrent_insert=0 appears broken 2008-03-13 16:39:27 +01:00
ha_myisam.h
ha_myisammrg.cc Merge amd64.(none):/src/mysql-5.0-bugteam 2008-03-28 16:01:05 -04:00
ha_myisammrg.h
ha_ndbcluster.cc fixed warnings and compile errors from the fix for bug 26243 2008-03-29 09:52:16 +02:00
ha_ndbcluster.h ha_ndbcluster.h: 2007-11-05 20:18:22 +01:00
ha_ndbcluster_cond.cc fixed warnings and compile errors from the fix for bug 26243 2008-03-29 09:52:16 +02:00
ha_ndbcluster_cond.h Bug#34749: Server crash when using NAME_CONST() with an aggregate function 2008-02-28 14:23:22 +01:00
handler.cc Fix for bug #26288: savepoint not deleted, comit on empty transaction 2009-03-27 10:24:32 +04:00
handler.h Fix for bug#40984: backport fix from 39585 into 5.0 2008-11-25 10:22:02 +04:00
hash_filo.cc
hash_filo.h
hostname.cc
init.cc Bug#26294: library name conflict between MySQL 4.x, 5.0 and Qt 3.3 2008-04-03 11:32:00 -04:00
item.cc backport from 6.0: 2009-04-28 05:19:13 +05:00
item.h Backport bug #37348 fix 5.1 --> 5.0. 2009-04-01 16:02:26 +05:00
item_buff.cc
item_cmpfunc.cc Bug#37601 Cast Is Not Done On Row Comparison 2009-02-19 17:20:44 +04:00
item_cmpfunc.h rollback of bug #40761 fix 2008-12-12 14:59:10 +04:00
item_create.cc Fix mismerge. 2008-04-10 15:55:37 -04:00
item_create.h
item_func.cc Fix for bug#42009: SELECT into variable gives different results to direct SELECT 2009-05-10 20:50:14 +05:00
item_func.h Fix for bug#42009: SELECT into variable gives different results to direct SELECT 2009-02-24 18:47:12 +04:00
item_geofunc.cc Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash 2009-04-28 14:47:26 +05:00
item_geofunc.h
item_row.cc
item_row.h
item_strfunc.cc Fix for bug#44774: load_file function produces valgrind warnings 2009-05-12 13:18:27 +05:00
item_strfunc.h Bug #35087: Inserting duplicate values at one time with DES_ENCRYPT leads 2009-04-17 18:52:57 +03:00
item_subselect.cc Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-5.0-bugteam 2008-03-28 14:31:52 +03:00
item_subselect.h Bug #31884: Assertion + crash in subquery in the SELECT clause. 2007-10-30 14:27:21 +02:00
item_sum.cc Bug #43354: Use key hint can crash server in explain extended query 2009-03-11 14:10:44 +02:00
item_sum.h backported the fix for bug #34773 to 5.0 2008-12-09 20:35:02 +02:00
item_timefunc.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
item_timefunc.h Bug#42525: TIMEDIFF function 2009-02-06 18:25:08 +01:00
item_uniq.cc
item_uniq.h
key.cc Fixed bug #32556: assert in "using index for group-by" : 2007-11-21 22:56:42 +04:00
lex.h
lex_symbol.h
lock.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
log.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
log_event.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
log_event.h BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
Makefile.am Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
matherr.c
message.h Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
message.mc Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
message.rc Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
mf_iocache.cc
MSG00001.bin Bug#40280: Message compiler(mc.exe) needed to compile MySQL on windows. 2008-10-23 15:28:53 +02:00
my_decimal.cc Bug#37553: MySql Error Compare TimeDiff & Time 2008-11-26 09:28:17 +01:00
my_decimal.h Bug#36023: Incorrect handling of zero length caused an assertion to fail. 2008-04-25 00:39:37 +04:00
my_lock.c
mysql_priv.h Auto merge 2009-04-08 16:17:26 +08:00
mysqld.cc Fix for BUG#43660- SHOW INDEXES/ANALYZE does NOT update cardinality 2009-04-24 16:33:50 +05:30
mysqld_suffix.h
net_serv.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
nt_servc.cc Bug #20430 mysqld.exe windows service stuck in "SERVICE_STOP_PENDING" 2008-11-14 02:01:41 +01:00
nt_servc.h Bug #20430 mysqld.exe windows service stuck in "SERVICE_STOP_PENDING" 2008-11-14 02:01:41 +01:00
opt_range.cc auto-merge 2009-03-19 09:44:58 -04:00
opt_range.h BUG#36639: subselect.test crashes on 64 bit pentium4 when compiled for valgrind, commit into 5.0 2008-08-25 21:02:54 +04:00
opt_sum.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
parse_file.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
parse_file.h Bug #40021: Renaming view fails, archived .frm for view is 2008-11-14 21:25:57 +04:00
password.c
procedure.cc
procedure.h Bug #26461: Intrinsic data type bool (1 byte) redefined to BOOL (4 bytes) 2008-03-21 17:23:17 +02:00
protocol.cc auto-merge 2009-03-19 09:44:58 -04:00
protocol.h
records.cc BUG#35478: sort_union() returns bad data when sort_buffer_size is hit 2008-07-15 18:13:21 +04:00
repl_failsafe.cc Make gcov happy. 2008-03-18 16:38:12 +04:00
repl_failsafe.h
set_var.cc Fix for BUG#43660- SHOW INDEXES/ANALYZE does NOT update cardinality 2009-04-24 16:33:50 +05:30
set_var.h Bug #37339: SHOW VARIABLES not working properly with multi-byte datadir 2008-11-28 16:25:16 +02:00
slave.cc merging from 5.0-bt rep to a local branch 2009-04-30 15:41:47 +03:00
slave.h Bug #38694 Race condition in replication thread shutdown 2009-04-28 14:46:07 +03:00
sp.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sp.h
sp_cache.cc
sp_cache.h
sp_head.cc merging 2009-04-28 14:48:54 +05:00
sp_head.h Bug#25058 ignored return codes in memory allocation functions 2008-11-21 17:38:42 +04:00
sp_pcontext.cc Bug#25058 ignored return codes in memory allocation functions 2008-11-21 17:38:42 +04:00
sp_pcontext.h Bug#25058 ignored return codes in memory allocation functions 2008-11-21 17:38:42 +04:00
sp_rcontext.cc Bug#33618 (Crash in sp_rcontext) 2008-01-23 13:26:41 -07:00
sp_rcontext.h Bug#33618 (Crash in sp_rcontext) 2008-01-23 13:26:41 -07:00
spatial.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
spatial.h
sql_acl.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_acl.h Bug #26461: Intrinsic data type bool (1 byte) redefined to BOOL (4 bytes) 2008-03-21 17:23:17 +02:00
sql_analyse.cc fixed warnings from the fix of 26243 2008-03-29 17:50:46 +02:00
sql_analyse.h Bug #26461: Intrinsic data type bool (1 byte) redefined to BOOL (4 bytes) 2008-03-21 17:23:17 +02:00
sql_array.h Fix for bug #31207: Test "join_nested" shows different strategy on IA64 2007-10-17 20:08:58 +04:00
sql_base.cc Auto merge 2009-04-08 16:17:26 +08:00
sql_bitmap.h
sql_cache.cc auto-merge 2009-03-19 09:44:58 -04:00
sql_cache.h Bug#30087 Set query_cache_size, if the value is too small, get a unclear warning 2008-07-16 16:29:22 -06:00
sql_class.cc Fix for bug#42009: SELECT into variable gives different results to direct SELECT 2009-05-10 20:50:14 +05:00
sql_class.h Auto-merge 2009-03-25 21:50:42 +04:00
sql_client.cc
sql_crypt.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_crypt.h
sql_cursor.cc Bug#37956 memory leak and / or crash with geometry and prepared statements! 2008-12-10 18:13:11 +04:00
sql_cursor.h
sql_db.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_delete.cc Bug #39918 memory (heap) engine crashing with b-tree index and DELETE 2009-05-06 13:37:10 +05:30
sql_derived.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_do.cc
sql_error.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_error.h
sql_handler.cc Bug#44151 using handler commands on information_schema tables crashes server 2009-04-17 12:41:15 +05:00
sql_help.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_insert.cc Auto merge 2009-04-08 16:17:26 +08:00
sql_lex.cc Bug#43230: SELECT ... FOR UPDATE can hang with FLUSH TABLES WITH READ LOCK indefinitely 2009-04-03 16:11:54 -03:00
sql_lex.h Bug#43230: SELECT ... FOR UPDATE can hang with FLUSH TABLES WITH READ LOCK indefinitely 2009-04-03 16:11:54 -03:00
sql_list.cc
sql_list.h Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
sql_load.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_locale.cc Bug#37575 UCASE fails on monthname 2008-12-23 18:08:04 +04:00
sql_manager.cc
sql_manager.h
sql_map.cc type conversions fixed to avoid warnings on Windows 2007-10-23 14:27:11 +05:00
sql_map.h
sql_olap.cc
sql_parse.cc BUG#13684: SP: DROP PROCEDURE|FUNCTION IF EXISTS not binlogged if 2009-04-09 11:40:22 +01:00
sql_prepare.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_rename.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_repl.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_repl.h BUG#31024: STOP SLAVE does not stop attempted connect()s 2008-03-11 14:42:54 +01:00
sql_select.cc Bug #37362: Crash in do_field_eq 2009-05-01 00:20:37 +05:00
sql_select.h Bug #42037: Queries containing a subquery with DISTINCT and 2009-02-05 13:30:39 +04:00
sql_show.cc auto-merge 2009-03-19 09:44:58 -04:00
sql_sort.h
sql_state.c
sql_string.cc auto-merge 2009-03-19 09:44:58 -04:00
sql_string.h Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
sql_table.cc Bug#33146 CHECKSUM TABLE is not interruptable by KILL 2009-04-23 19:52:39 +02:00
sql_test.cc
sql_trigger.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_trigger.h
sql_udf.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
sql_udf.h
sql_union.cc Bug#43612 crash with explain extended, union, order by 2009-05-15 12:03:34 +05:00
sql_update.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_view.cc BUG#37145 Killing a statement doing DDL may log binlog event with error code 1053 2009-03-27 13:19:50 +08:00
sql_view.h Bug#32890 Crash after repeated create and drop of tables and views 2008-02-21 14:58:29 -03:00
sql_yacc.yy merging 2009-04-28 14:48:54 +05:00
stacktrace.c Bug#35987 - post-review fix 2008-09-16 13:16:41 +02:00
stacktrace.h Bug#31745 - crash handler does not work on Windows 2008-02-19 12:37:39 +01:00
strfunc.cc
structs.h Bug#41131 "Questions" fails to increment - ignores statements instead stored procs(5.0 ver) 2008-12-29 16:06:53 +04:00
table.cc auto-merge 2009-03-19 09:44:58 -04:00
table.h Bug #40021: Renaming view fails, archived .frm for view is 2008-11-14 21:25:57 +04:00
thr_malloc.cc Bug#38296 (low memory crash with many conditions in a query) 2008-08-11 10:10:00 -06:00
time.cc
tzfile.h
tztime.cc Bug #42502 huge memory leak possible with timezone 2009-03-19 11:27:45 +01:00
tztime.h Bug #39920: MySQL cannot deal with Leap Second expression in string literal. 2008-12-01 16:18:35 +02:00
udf_example.c Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
udf_example.def Bug #29804 UDF parameters don't contain correct string length 2007-10-17 17:54:11 -04:00
uniques.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
unireg.cc Bug#29125 Windows Server X64: so many compiler warnings 2009-02-10 17:47:54 -05:00
unireg.h Bug#37428 Potential security issue with UDFs - linux shellcode execution. 2008-08-25 17:11:59 +05:00
watchdog_mysqld