- 23 Jun, 2010 3 commits
-
-
sunanda authored
> ------------------------------------------------------------ > revno: 3392.1.1 > revision-id: gshchepa@mysql.com-20100521184732-0jvpzinv0uwyvr2d > parent: sven.sandberg@sun.com-20100520153801-yyhujm1qqa4eyfn0 > committer: Gleb Shchepa <gshchepa@mysql.com> > branch nick: 53804-5.1 > timestamp: Fri 2010-05-21 22:47:32 +0400 > message: > Bug #53804: serious flaws in the alter database .. upgrade > data directory name command > > The check_db_name function has been modified to validate tails of > #mysql50#-prefixed database names for compliance with MySQL 5.0 > database name encoding rules (the check_table_name function call > has been reused).
-
sunanda authored
> ------------------------------------------------------------ > revno: 3386 > revision-id: sergey.glukhov@sun.com-20100518082821-yajhvbv1ghmlpu1n > parent: aelkin@mysql.com-20100516170332-x8priwrdjwolc065 > committer: Sergey Glukhov <Sergey.Glukhov@sun.com> > branch nick: mysql-5.1-bugteam > timestamp: Tue 2010-05-18 13:28:21 +0500 > message: > Bug#48729 SELECT ... FROM INFORMATION_SCHEMA.ROUTINES causes memory to grow > Analysis showed that in case of accessing I_S table > ROUTINES we perform unnecessary allocations > with get_field() function for every processed row that > in their turn causes significant memory growth. > the fix is to avoid use of get_field().
-
sunanda authored
> ------------------------------------------------------------ > revno: 3367 [merge] > revision-id: joro@sun.com-20100504140328-srxf3c088j2twnq6 > parent: kristofer.pettersson@sun.com-20100503172109-f9hracq5pqsaomb1 > parent: joro@sun.com-20100503151651-nakknn8amrapmdp7 > committer: Georgi Kodinov <joro@sun.com> > branch nick: B53371-5.1-bugteam > timestamp: Tue 2010-05-04 17:03:28 +0300 > message: > Bug #53371: COM_FIELD_LIST can be abused to bypass table level grants. > > This is the 5.1 merge and extension of the fix. > The server was happily accepting paths in table name in all places a table > name is accepted (e.g. a SELECT). This allowed all users that have some > privilege over some database to read all tables in all databases in all > mysql server instances that the server file system has access to. > Fixed by : > 1. making sure no path elements are allowed in quoted table name when > constructing the path (note that the path symbols are still valid in table names > when they're properly escaped by the server). > 2. checking the #mysql50# prefixed names the same way they're checked for > path elements in mysql-5.0. > ------------------------------------------------------------ > Use --include-merges or -n0 to see merged revisions.
-
- 22 Jun, 2010 11 commits
-
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.41.1 > revision-id: alexey.kopytov@sun.com-20100430111048-jdls6ofn4kkmpt09 > parent: sergey.glukhov@sun.com-20100329134249-03wyhzp5k92dzhcb > committer: Alexey Kopytov <Alexey.Kopytov@Sun.com> > branch nick: my51-bug48419 > timestamp: Fri 2010-04-30 15:10:48 +0400 > message: > Bug #48419: another explain crash.. > > WHERE predicates containing references to empty tables in a > subquery were handled incorrectly by the optimizer when > executing EXPLAIN. As a result, the optimizer could try to > evaluate such predicates rather than just stop with > "Impossible WHERE noticed after reading const tables" as > it would do in a non-subquery case. This led to valgrind > errors and crashes. > > Fixed the code checking the above condition so that subqueries > are not excluded and hence are handled in the same way as top > level SELECTs.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 1810.3987.14 > revision-id: davi.arnaut@sun.com-20100429132816-ictyul6d75itek22 > parent: ramil@mysql.com-20100429044232-f0pkyx8fnpszf142 > committer: Davi Arnaut <Davi.Arnaut@Sun.COM> > branch nick: 50974-5.0 > timestamp: Thu 2010-04-29 10:28:16 -0300 > message: > Bug#50974: Server keeps receiving big (> max_allowed_packet) packets indefinitely. > > The server could be tricked to read packets indefinitely if it > received a packet larger than the maximum size of one packet. > This problem is aggravated by the fact that it can be triggered > before authentication. > > The solution is to no skip big packets for non-authenticated > sessions. If a big packet is sent before a session is authen- > ticated, a error is returned and the connection is closed. > ------------------------------------------------------------ > revno: 3363 [merge] > revision-id: davi.arnaut@sun.com-20100429231819-i3anwzrdasjmezvt > parent: davi.arnaut@sun.com-20100401131522-895y8uzvv8ag44gs > parent: davi.arnaut@sun.com-20100429132816-ictyul6d75itek22 > committer: Davi Arnaut <Davi.Arnaut@Sun.COM> > branch nick: mysql-5.1-bugteam > timestamp: Thu 2010-04-29 20:18:19 -0300 > message: > Manual merge. > ------------------------------------------------------------ > Use --include-merges or -n0 to see merged revisions.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 1810.3987.13 > revision-id: ramil@mysql.com-20100429044232-f0pkyx8fnpszf142 > parent: alexey.kopytov@sun.com-20100426200600-op06qy98llzpzgl1 > committer: Ramil Kalimullin <ramil@mysql.com> > branch nick: b53237-5.0-bugteam > timestamp: Thu 2010-04-29 08:42:32 +0400 > message: > Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing > > Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only > SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not > checked for sanity. By sending long data for the table a buffer is overflown, which can > be used deliberately to include code that harms". > > Fix: check incoming data length. The patch did not apply cleanly: - Line numbers are completely off, roughly it is 2030 -> 1313 - What is called "pend" in the patch, is "arg_end" in the source.
-
MySQL Build Team authored
> revno: 3351.14.56 > committer: Marko Mdkeld <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Mon 2010-04-26 14:08:56 +0300 > message: > Add a test case for Bug #52745.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.47 > revision-id: marko.makela@oracle.com-20100421095033-0acvzxb8um8cms0a > parent: marko.makela@oracle.com-20100421094032-ir4glqk46qvg2ywn > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Wed 2010-04-21 12:50:33 +0300 > message: > dtuple_convert_big_rec(): Store locally any fields whose maximum length > is less than 256 bytes. (Bug #52745) > Add related comments and debug assertions to the "offsets" > functions in rem0rec.c. > Approved by Sunny Bains
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.47.2 > revision-id: marko.makela@oracle.com-20100511104910-nim8kgguawpis7zo > parent: marko.makela@oracle.com-20100511104500-c6kzd0bg5s42p8e9 > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: mysql-5.1-innodb2 > timestamp: Tue 2010-05-11 13:49:10 +0300 > message: > btr_page_split_and_insert(): Add an assertion > suggested by Sunny Bains when reviewing Bug #52964.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.47.1 > revision-id: marko.makela@oracle.com-20100511104500-c6kzd0bg5s42p8e9 > parent: vasil.dimov@oracle.com-20100510132852-cz457uqvj8iiy9mm > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: mysql-5.1-innodb2 > timestamp: Tue 2010-05-11 13:45:00 +0300 > message: > Remove a stray expression. Spotted by Sunny Bains.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.74 > revision-id: marko.makela@oracle.com-20100504093128-44v6glupe1dsh0ug > parent: marko.makela@oracle.com-20100503122859-k73bl51re93o0mt4 > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Tue 2010-05-04 12:31:28 +0300 > message: > btr_page_split_and_insert(): Correct the fix of Bug #52964. > When split_rec==NULL, choose the correct node pointer key (first_rec).
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.50 > revision-id: marko.makela@oracle.com-20100421185359-8qaxoa2yyrpzwdd7 > parent: marko.makela@oracle.com-20100421102723-0i80uezbyu0ekj5d > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Wed 2010-04-21 21:53:59 +0300 > message: > btr_page_split_and_insert(): Avoid an infinite loop. (Bug #52964) > > btr_page_tuple_smaller(): New function, refactored from > btr_page_split_and_insert(). > > btr_page_get_split_rec(): Renamed from btr_page_get_sure_split_rec(). > Note that a NULL return may mean that the tuple is to be inserted into > either the lower or upper page, to be determined by btr_page_tuple_smaller(). > > btr_page_split_and_insert(): When btr_page_get_split_rec() returns NULL, > invoke btr_page_tuple_smaller() to determine which half-page the tuple > belongs to. > > Reviewed by Sunny Bains
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3362 > revision-id: davi.arnaut@sun.com-20100401131522-895y8uzvv8ag44gs > parent: ramil@mysql.com-20100429045409-r7r5lcyiruis15v7 > committer: Davi Arnaut <Davi.Arnaut@Sun.COM> > branch nick: 50755-5.1 > timestamp: Thu 2010-04-01 10:15:22 -0300 > message: > Bug#50755: Crash if stored routine def contains version comments > > The problem was that a syntactically invalid trigger could cause > the server to crash when trying to list triggers. The crash would > happen due to a mishap in the backup/restore procedure that should > protect parser items which are not associated with the trigger. The > backup/restore is used to isolate the parse tree (and context) of > a statement from the load (and parsing) of a trigger. In this case, > a error during the parsing of a trigger could cause the improper > backup/restore sequence. > > The solution is to properly restore the original statement context > before the parser is exited due to syntax errors in the trigger body.
-
karen.langford@oracle.com authored
-
- 06 Apr, 2010 2 commits
-
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
- 05 Apr, 2010 1 commit
-
-
Sergey Glukhov authored
The problem is that we can not use make_cond_for_table(). This function relies on used_tables() condition which is not set properly for subqueries. As result subquery is not filtered out. The fix is to use remove_eq_conds() function instead of make_cond_for_table() func. 'remove_eq_conds()' algorithm relies on const_item() value and it allows to handle subqueries in right way.
-
- 02 Apr, 2010 1 commit
-
-
Gleb Shchepa authored
Procedure, while DECIMAL works Selecting of the CONCAT(...<SP variable>...) result into a user variable may return wrong data. Item_func_concat::val_str contains a number of memory allocation-saving tricks. One of them concatenates strings inplace inserting the value of one string at the beginning of the other string. However, this trick didn't care about strings those points to the same data buffer: this is possible when a CONCAT() parameter is a stored procedure variable - Item_sp_variable::val_str() uses the intermediate Item_sp_variable::str_value field, where it may store a reference to an external buffer. The Item_func_concat::val_str function has been modified to take into account val_str functions (such as Item_sp_variable::val_str) that return a pointer to an internal Item member variable that may reference to a buffer provided.
-
- 01 Apr, 2010 22 commits
-
-
Anurag Shekhar authored
on index 'my_decimal' class has two members which can be used to access the value. The member variable buf (inherited from parent class decimal_t) is set to member variable buffer so that both are pointing to same value. Item_copy_decimal::copy() uses memcpy to clone 'my_decimal'. The member buffer is declared as an array and memcpy results in copying the values of the array, but the inherited member buf, which should be pointing at the begining of the array 'buffer' starts pointing to the begining of buffer in original object (which is being cloned). Further updates on 'my_decimal' updates only the inherited member 'buf' but leaves buffer unchanged. Later when the new object (which now holds a inconsistent value) is cloned again using proper cloning function 'my_decimal2decimal' the buf pointer is fixed resulting in loss of the current value. Using my_decimal2decimal instead of memcpy in Item_copy_decimal::copy() fixed this problem.
-
Sergey Vojtovich authored
-
Sergey Vojtovich authored
-
Sergey Vojtovich authored
data and index files It was possible if DATA/INDEX DIRECTORY is pointing to symlinked MySQL data home directory. Do not allow to drop data/index files implicitly symlinked to data home directory. For such tables remove symlink only.
-
Sergey Vojtovich authored
Detailed revision comments: r6900 | mmakela | 2010-03-29 13:54:57 +0300 (Mon, 29 Mar 2010) | 5 lines branches/zip: Merge c6899 from branches/innodb+: Add debug assertions to track down Bug #52360. hash_table_t::magic_n: Add HASH_TABLE_MAGIC_N checks, which were fully absent. ut_hash_ulint(): Assert table_size > 0 before division.
-
Sergey Vojtovich authored
Detailed revision comments: r6897 | mmakela | 2010-03-29 11:36:19 +0300 (Mon, 29 Mar 2010) | 3 lines branches/zip: innodb_mutex_show_status(): Fix a condition that was accidentally negated in r6781, making SHOW ENGINE INNODB MUTEX STATUS display only locks with no OS waits.
-
Sergey Vojtovich authored
Detailed revision comments: r6891 | vdimov | 2010-03-26 16:19:01 +0200 (Fri, 26 Mar 2010) | 5 lines Non-functional change: update copyright year to 2010 of the files that have been modified after 2010-01-01 according to svn. for f in $(svn log -v -r{2010-01-01}:HEAD |grep "^ M " |cut -b 16- |sort -u) ; do sed -i "" -E 's/(Copyright \(c\) [0-9]{4},) [0-9]{4}, (.*Innobase Oy.+All Rights Reserved)/\1 2010, \2/' $f ; done
-
Sergey Vojtovich authored
Detailed revision comments: r6875 | vdimov | 2010-03-25 18:18:15 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Wrap line at 78 column in ChangeLog.
-
Sergey Vojtovich authored
Detailed revision comments: r6874 | vdimov | 2010-03-25 17:17:52 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Wrap ChangeLog at 78th column
-
Sergey Vojtovich authored
Detailed revision comments: r6873 | vdimov | 2010-03-25 17:06:56 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Use Bug#N instead of Bug #N to be consistent with the rest of the fil.
-
Sergey Vojtovich authored
Detailed revision comments: r6872 | vdimov | 2010-03-25 17:03:17 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Fix ChangeLog - write only the bug title in bugs.mysql.com-related entires.
-
Sergey Vojtovich authored
Detailed revision comments: r6871 | vdimov | 2010-03-25 16:39:44 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Whitespace fixup to be consistent with the rest of the file.
-
Sergey Vojtovich authored
Detailed revision comments: r6868 | mmakela | 2010-03-25 13:03:08 +0200 (Thu, 25 Mar 2010) | 1 line branches/zip: page_validate(): Check the buf[] bounds.
-
Sergey Vojtovich authored
Detailed revision comments: r6864 | mmakela | 2010-03-24 14:05:53 +0200 (Wed, 24 Mar 2010) | 1 line branches/zip: dtype_new_store_for_order_and_null_size(): Add ut_ad() on mtype.
-
Sergey Vojtovich authored
Detailed revision comments: r6861 | vdimov | 2010-03-23 19:31:02 +0200 (Tue, 23 Mar 2010) | 36 lines branches/zip: Merge joerg@mysql.com-20100322150231-vdq0afbqtmbs6phy from BZR, Including univ.i before mysql/plugin.h is needed to avoid this compiler error: o This is how gcc puts it: o > > ccache /usr/local/gcc-4.3.2/bin/gcc -static-libgcc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I../../include -I../../regex -I./include -I../../sql -I. -I../../zlib -g -O3 -march=i686 -DUNIV_LINUX -MT libinnobase_a-trx0i_s.o -MD -MP -MF .deps/libinnobase_a-trx0i_s.Tpo -c -o libinnobase_a-trx0i_s.o `test -f 'trx/trx0i_s.c' || echo './'`trx/trx0i_s.c o > > In file included from ./include/univ.i:114, o > > from trx/trx0i_s.c:36: o > > ../../include/my_pthread.h:628: error: expected ')' before '*' token o > > In file included from ../../include/my_pthread.h:732, o > > from ./include/univ.i:114, o > > from trx/trx0i_s.c:36: o > > ../../include/mysql/psi/mysql_thread.h:100: error: expected specifier-qualifier-list before 'pthread_rwlock_t' o > > ../../include/mysql/psi/mysql_thread.h:116: error: expected specifier-qualifier-list before 'pthread_rwlock_t' o > > ../../include/mysql/psi/mysql_thread.h: In function 'inline_mysql_rwlock_init': o > > ../../include/mysql/psi/mysql_thread.h:711: error: 'mysql_rwlock_t' has no member named 'm_psi' o > > ../../include/mysql/psi/mysql_thread.h:716: error: 'mysql_rwlock_t' has no member named 'm_rwlock' o > > .... ((continued)) o o Intel's icc gives slightly clearer messages: o > > icc -static-intel -static-libgcc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I../../include -I../../regex -I./include -I../../sql -I. -I../../zlib -O3 -g -unroll2 -ip -mp -restrict -no-ftz -no-prefetch -DUNIV_LINUX -MT libinnobase_a-trx0i_s.o -MD -MP -MF .deps/libinnobase_a-trx0i_s.Tpo -c -o libinnobase_a-trx0i_s.o `test -f 'trx/trx0i_s.c' || echo './'`trx/trx0i_s.c o > > ../../include/my_pthread.h(628): error: identifier "pthread_rwlock_t" is undefined o > > extern int rw_pr_init(rw_pr_lock_t *); o > > ^ o > > o > > ../../include/mysql/psi/mysql_thread.h(100): error: identifier "pthread_rwlock_t" is undefined o > > rw_lock_t m_rwlock; o > > ^ o > > o > > ../../include/mysql/psi/mysql_thread.h(116): error: identifier "pthread_rwlock_t" is undefined o > > rw_pr_lock_t m_prlock; o > > ^
-
Sergey Vojtovich authored
Detailed revision comments: r6860 | jyang | 2010-03-23 18:20:36 +0200 (Tue, 23 Mar 2010) | 5 lines branches/zip: This is patch from Inaam that uses red-black tree to speed up insertions into the flush_list and thus the recovery process. The patch has been tested by Nokia.
-
Sergey Vojtovich authored
Detailed revision comments: r6858 | mmakela | 2010-03-23 14:09:24 +0200 (Tue, 23 Mar 2010) | 1 line branches/zip: innodb_read_ahead_threshold: Add missing space to help string.
-
Sergey Vojtovich authored
Detailed revision comments: r6857 | mmakela | 2010-03-23 14:07:53 +0200 (Tue, 23 Mar 2010) | 1 line branches/zip: innodb_change_buffering: Correct the documentation.
-
Sergey Vojtovich authored
Detailed revision comments: r6853 | marko | 2010-03-22 13:35:29 +0200 (Mon, 22 Mar 2010) | 1 line branches/zip: mutex_own(), rw_lock_own(): Add attribute((warn_unused_result)).
-
Sergey Vojtovich authored
Detailed revision comments: r6840 | calvin | 2010-03-19 00:32:23 +0200 (Fri, 19 Mar 2010) | 6 lines branches/zip: Fix Bug #52102 InnoDB Plugin shows performance drop comparing to builtin InnoDB (Windows only). Disable Windows atomics by default. Approved by: Inaam
-
Sergey Vojtovich authored
Detailed revision comments: r6830 | marko | 2010-03-18 09:48:18 +0200 (Thu, 18 Mar 2010) | 3 lines branches/zip: buf_page_peek_if_too_old(): Use 32-bit arithmetics when comparing the age of access_time to buf_LRU_old_threshold_ms. This fixes a bug on 64-bit systems.
-
Sergey Vojtovich authored
Detailed revision comments: r6828 | calvin | 2010-03-17 17:16:38 +0200 (Wed, 17 Mar 2010) | 7 lines branches/zip: rename IB_HAVE_PAUSE_INSTRUCTION to HAVE_IB_PAUSE_INSTRUCTION in CMakeLists.txt. The rename was done as r5871, but CMakeLists.txt was forgotten. Also, add INNODB_RW_LOCKS_USE_ATOMICS to CMake.
-