1. 13 Jan, 2011 10 commits
    • Ole John Aske's avatar
      Fix for #58422: Incorrect result when OUTER JOIN'ing with an empty table. · f8697642
      Ole John Aske authored
      Fixed incorrect checks in join_read_const_table() for when to 
      accept a non-existing, or empty const-row as a part of the const'ified 
      set of tables.
            
      Intention of this test is to only accept NULL-rows if this table is outer joined
      into the resultset. (In case of an inner-join we can conclude at this point that 
      resultset will be empty, end we want to return 'error' to signal this.)
            
      Initially 'maybe_null' is set to the same value as 'outer_join' in 
      setup_table_map(), mysql_priv.h ~line 2424. Later simplify_joins() will
      attemp to replace outer joins by inner join whenever possible. This
      will cause 'outer_join' to be updated. However, 'maybe_null' is *not* updated
      to reflect this rewrite as this field is used to currectly set the 'nullability'
      property for the columns in the resultset.
            
      We should therefore change join_read_const_table() to check the 'outer_join'
      property instead of 'maybe_null', as this correctly reflect the nullability of
      the *execution plan* (not *resultset*).
      f8697642
    • Nirbhay Choubey's avatar
      Merging from mysql-5.1. · 24eba429
      Nirbhay Choubey authored
      24eba429
    • Nirbhay Choubey's avatar
      Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring · db36f639
      Nirbhay Choubey authored
                  null from mysql_store_result.
      
      mysqlslap segfaults at a point when it tries to fetch rows from
      the result set.
      
      Under some circumstances, mysql_store_result can return 'NULL',
      even after query execution (mysql_query) succeeds, and eventually
      a segfault might occur if same unchecked return value is passed
      to mysql_fetch_row.
      
      Fixed by adding a check on mysql_store_result's return value.
      
      
      client/mysqlslap.c:
        Bug#59109 : mysqlslap crashes on mysql_fetch_row after ignoring
                    null from mysql_store_result.
        
        Added a check on mysql_store_result's return value. A 'NULL' return
        value here shows an erroneous situation as mysql_field_count has already
        reported a non-zero value.
      db36f639
    • Ole John Aske's avatar
      Fix for bug#58134: 'Incorrectly condition pushdown inside subquery to NDB engine' · ad4c839f
      Ole John Aske authored
      An incorrect 'table_map' containing both the table itself, 
      and possible any outer-refs if this was the last table in 
      the subquery, was presented to make_cond_for_table().
            
      As a pushed condition is only able to refer column from the table
      the condition is pushed to, nothing else than columns from the
      table itself (tab->table->map) may be refered in the pushed condition
      constructed by 'push_cond= make_cond_for_table()'. 
            
      Also fix a minor 'copy and paste' bug in a comment 
      inside make_cond_for_table().
      
      No testcase is possible on mainbranch as the NDB engine is not available (yet)
      on mysql >= 5.5
      ad4c839f
    • Georgi Kodinov's avatar
      null merge of the version bumps. · 71be3381
      Georgi Kodinov authored
      71be3381
    • Georgi Kodinov's avatar
      bumped up the version to 5.1.56 · dcf98282
      Georgi Kodinov authored
      dcf98282
    • Georgi Kodinov's avatar
      bumped up the version to 5.0.93 · f949ac55
      Georgi Kodinov authored
      f949ac55
    • Ole John Aske's avatar
      Fix for Bug#57034 incorrect OUTER JOIN result when joined on unique key · a6c41291
      Ole John Aske authored
      Item_equal::val_int() checked for NULL-values by checking Item::null_value
      *before* the respective ::store_value() and ::cmp(Item*) metods where called.
      
      As Item::null_value is set by these metods, the value of 'null_value' 
      is not valid until *after* ::store_value() or ::cmp() has
      been called for the Item object.
            
      Fix is to swap order of ::store_value()/::cmp() and checking of Item::null_value.
      This pattern is widely used other places inside item_cmpfunc.cc .
      
      a6c41291
    • Martin Hansson's avatar
      Merge of fix for Bug#58165. · ef6b98ee
      Martin Hansson authored
      ef6b98ee
    • Martin Hansson's avatar
      Bug#58165: "my_empty_string" gets modified and causes LOAD DATA to fail and · 716b64cd
      Martin Hansson authored
      other crashes
      
      Some string manipulating SQL functions use a shared string object intended to
      contain an immutable empty string. This object was used by the SQL function
      SUBSTRING_INDEX() to return an empty string when one argument was of the wrong
      datatype. If the string object was then modified by the sql function INSERT(),
      undefined behavior ensued.
      
      Fixed by instead modifying the string object representing the function's
      result value whenever string manipulating SQL functions return an empty
      string.
      
      Relevant code has also been documented.
      716b64cd
  2. 12 Jan, 2011 17 commits
    • Bjorn Munch's avatar
      null upmerge · df3b2340
      Bjorn Munch authored
      df3b2340
    • Bjorn Munch's avatar
      merge from 5.5-mtr · add4d5c0
      Bjorn Munch authored
      add4d5c0
    • Bjorn Munch's avatar
      merge from 5.1-mtr · a581444c
      Bjorn Munch authored
      a581444c
    • Evgeny Potemkin's avatar
      Auto-merge. · b0be97db
      Evgeny Potemkin authored
      b0be97db
    • Bjorn Munch's avatar
      null upmerge · bc4ed7e3
      Bjorn Munch authored
      bc4ed7e3
    • Bjorn Munch's avatar
      merge from 5.5 main · c3047a7e
      Bjorn Munch authored
      c3047a7e
    • Bjorn Munch's avatar
      merge from 5.1 · 25186917
      Bjorn Munch authored
      25186917
    • Dmitry Lenev's avatar
      Merged fix for bug #58499 "DEFINER-security view selecting from · 7aa99960
      Dmitry Lenev authored
      INVOKER-security view access check wrong" into mysql-5.5 tree.
      7aa99960
    • Bjorn Munch's avatar
      Bug #58841 Generalise handling of plugins in MTR mysql-test-run.pl script · 54e7b4e9
      Bjorn Munch authored
      Follow-up fix: mtr died if trying to run semisync test w/o the plugin
      54e7b4e9
    • Alexey Botchkov's avatar
      merging. · 75c2a822
      Alexey Botchkov authored
      75c2a822
    • Dmitry Lenev's avatar
      Fix for bug #58499 "DEFINER-security view selecting from · 599457ae
      Dmitry Lenev authored
      INVOKER-security view access check wrong".
      
      When privilege checks were done for tables used from an 
      INVOKER-security view which in its turn was used from 
      a DEFINER-security view connection's active security
      context was incorrectly used instead of security context
      with privileges of the second view's creator.
      
      This meant that users which had enough rights to access
      the DEFINER-security view and as result were supposed to 
      be able successfully access it were unable to do so in 
      cases when they didn't have privileges on underlying tables 
      of the INVOKER-security view.
      
      This problem was caused by the fact that for INVOKER-security
      views TABLE_LIST::security_ctx member for underlying tables
      were set to 0 even in cases when particular view was used from 
      another DEFINER-security view. This meant that when checks of
      privileges on these underlying tables was done in
      setup_tables_and_check_access() active connection security 
      context was used instead of context corresponding to the 
      creator of caller view.
      
      This fix addresses the problem by ensuring that underlying
      tables of an INVOKER-security view inherit security context
      from the view and thus correct security context is used for
      privilege checks on underlying tables in cases when such view 
      is used from another view with DEFINER-security.
      
      mysql-test/r/view_grant.result:
        Added coverage for various combinations of DEFINER and
        INVOKER-security views, including test for bug #58499
        "DEFINER-security view selecting from INVOKER-security
        view access check wrong".
      mysql-test/t/view_grant.test:
        Added coverage for various combinations of DEFINER and
        INVOKER-security views, including test for bug #58499
        "DEFINER-security view selecting from INVOKER-security
        view access check wrong".
      sql/sql_view.cc:
        When opening a non-suid view ensure that its underlying 
        tables will get the same security context as use for
        checking privileges on the view, i.e. security context
        of view invoker. This context can be different from the
        security context which is currently active for connection 
        in cases when this non-suid view is used from a view with
        suid security. Inheriting security context in such situation
        allows correctly apply privileges of creator of suid view
        in checks for tables of non-suid view (since in this 
        situation creator/definer of suid view serves as invoker
        for non-suid view).
      599457ae
    • Alexey Botchkov's avatar
      Bug #57321 crashes and valgrind errors from spatial types · 33c78e32
      Alexey Botchkov authored
              Item_func_spatial_collection::fix_length_and_dec didn't call parent's method, so
              the maybe_null was set to '0' after it. But in this case the result was
              just NULL, that caused wrong behaviour.
      
      per-file comments:
        mysql-test/r/gis.result
      Bug #57321 crashes and valgrind errors from spatial types 
              test result updated.
      
        mysql-test/t/gis.test
      Bug #57321 crashes and valgrind errors from spatial types 
              test case added.
        sql/item_geofunc.h
      Bug #57321 crashes and valgrind errors from spatial types 
              Item_func_geometry::fix_length_and_dec() called in
              Item_func_spatial_collection::fix_length_and_dec().
      33c78e32
    • Evgeny Potemkin's avatar
      Bug#59330: Incorrect result when comparing an aggregate function with · 0a80d5bd
      Evgeny Potemkin authored
      TIMESTAMP.
      
      Item_cache::get_cache wasn't treating TIMESTAMP as a DATETIME value thus
      returning string cache for items with TIMESTAMP type. This led to incorrect
      TIMESTAMP -> INT conversion and to a wrong query result.
      
      Fixed by using Item::is_datetime function to check for DATETIME type group.
      
      
      mysql-test/r/type_timestamp.result:
        Added a test case for the bug#59330.
      mysql-test/t/type_timestamp.test:
        Added a test case for the bug#59330.
      sql/item.cc:
        Bug#59330: Incorrect result when comparing an aggregate function with
        TIMESTAMP.
        Item_cache::get_cache now uses is_datetime member function to detect DATETIME
        type group.
      0a80d5bd
    • Ole John Aske's avatar
      Fix for bug#58818: Incorrect result for IN/ANY subquery · bbf40ba3
      Ole John Aske authored
      If the ::single_value_transformer() find an existing HAVING condition it used
      to do the transformation:
                  
        1) HAVING cond -> (HAVING Cond) AND (cond_guard (Item_ref_null_helper(...))
            
      As the AND condition in 1) is Mc'Carty evaluated, the
      right side of the AND cond should be executed only if the 
      original 'HAVING evaluated' to true.
            
      However, as we failed to set 'top_level' for the tranformed HAVING condition,
      'abort_on_null' was FALSE after transformation. An
      UNKNOWN having condition will then not terminate evaluation of the
      transformed having condition, and we incorrectly continued
      into the Item_ref_null_helper() part.
      bbf40ba3
    • Martin Hansson's avatar
      Merge of fix for Bug#58207. · 2fbee31f
      Martin Hansson authored
      2fbee31f
    • Bjorn Munch's avatar
      Bug #59182 output of mysql-test-run.pl - mismatch between col names and actual col contents · 7b64f3a8
      Bjorn Munch authored
      New patch, avoid global $opt_parallel
      I still prefer not to print workerid when not doing parallel
      7b64f3a8
    • Martin Hansson's avatar
      Bug#58207: invalid memory reads when using default column value and · 3c5662c1
      Martin Hansson authored
      tmptable needed
      
      The function DEFAULT() works by modifying the the data buffer pointers (often
      referred to as 'record' or 'table record') of its argument. This modification
      is done during name resolution (fix_fields().) Unfortunately, the same
      modification is done when creating a temporary table, because default values
      need to propagate to the new table.
      
      Fixed by skipping the pointer modification for fields that are arguments to
      the DEFAULT function.
      3c5662c1
  3. 11 Jan, 2011 13 commits