1. 05 May, 2010 4 commits
    • Georgi Kodinov's avatar
      tree name change · 43bb40e0
      Georgi Kodinov authored
      43bb40e0
    • Georgi Kodinov's avatar
      merge · aba66c67
      Georgi Kodinov authored
      aba66c67
    • Georgi Kodinov's avatar
      tree name change · c5b14cda
      Georgi Kodinov authored
      c5b14cda
    • Georgi Kodinov's avatar
      On behalf of Kristofer : · addd0a3e
      Georgi Kodinov authored
      Bug#53417 my_getwd() makes assumptions on the buffer sizes which not always hold true
            
      The mysys library contains many functions for rewriting file paths. Most of these
      functions makes implicit assumptions on the buffer sizes they write to. If a path is put
      in my_realpath() it will propagate to my_getwd() which assumes that the buffer holding
      the path name is greater than 2. This is not true in cases.
            
      In the special case where a VARBIN_ITEM is passed as argument to the LOAD_FILE function
      this can lead to a crash.
            
      This patch fixes the issue by introduce more safe guards agaist buffer overruns.
      addd0a3e
  2. 04 May, 2010 5 commits
  3. 03 May, 2010 4 commits
    • Kristofer Pettersson's avatar
      Automerge · 95e712b0
      Kristofer Pettersson authored
      95e712b0
    • Kristofer Pettersson's avatar
      Bug#50373 --secure-file-priv="" · 5dd5d705
      Kristofer Pettersson authored
      Iterative patch improvement. Previously committed patch
      caused wrong result on Windows. The previous patch also
      broke secure_file_priv for symlinks since not all file
      paths which must be compared against this variable are
      normalized using the same norm.
      
      The server variable opt_secure_file_priv wasn't
      normalized properly and caused the operations
      LOAD DATA INFILE .. INTO TABLE ..
      and
      SELECT load_file(..)
      to do different interpretations of the 
      --secure-file-priv option.
           
      The patch moves code to the server initialization
      routines so that the path always is normalized
      once and only once.
            
      It was also intended that setting the option
      to an empty string should be equal to 
      lifting all previously set restrictions. This
      is also fixed by this patch.
      
      
      mysql-test/r/loaddata.result:
        * Removed test code which will currently break the much used --mem feature of mtr.
      mysql-test/t/loaddata.test:
        * Removed test code which will currently break the much used --mem feature of mtr.
      sql/item_strfunc.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      sql/mysql_priv.h:
        * Added signature for is_secure_file_path()
      sql/mysqld.cc:
        * New function for checking if a path compatible with the secure path restriction.
        * Added initialization of the opt_secure_file_priv variable.
      sql/sql_class.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      sql/sql_load.cc:
        * Replaced string comparing code on opt_secure_file_priv with an interface which guarantees that both file paths are normalized using the same norm on all platforms.
      5dd5d705
    • Georgi Kodinov's avatar
      Bug #53371: COM_FIELD_LIST can be abused to bypass table level grants. · f63608ea
      Georgi Kodinov authored
      The server was not checking the supplied to COM_FIELD_LIST table name
      for validity and compliance to acceptable table names standards.
      Fixed by checking the table name for compliance similar to how it's 
      normally checked by the parser and returning an error message if 
      it's not compliant.
      f63608ea
    • unknown's avatar
      Raise version number after cloning 5.0.91 · 1f3305f6
      unknown authored
      1f3305f6
  4. 01 May, 2010 2 commits
  5. 30 Apr, 2010 3 commits
    • Alexey Kopytov's avatar
      Automerge. · 26570994
      Alexey Kopytov authored
      26570994
    • Alexey Kopytov's avatar
      Bug #48419: another explain crash.. · 97374a11
      Alexey Kopytov authored
      WHERE predicates containing references to empty tables in a
      subquery were handled incorrectly by the optimizer when
      executing EXPLAIN. As a result, the optimizer could try to
      evaluate such predicates rather than just stop with
      "Impossible WHERE noticed after reading const tables" as 
      it would do in a non-subquery case. This led to valgrind 
      errors and crashes.
      
      Fixed the code checking the above condition so that subqueries
      are not excluded and hence are handled in the same way as top
      level SELECTs.
      
      mysql-test/r/explain.result:
        Added a test case for bug #48419.
      mysql-test/r/ps.result:
        Updated test results to take the new (and more correct)
        "Extra" comments in execution plans.
      mysql-test/t/explain.test:
        Added a test case for bug #48419.
      sql/sql_select.cc:
        There is no point in excluding subqueries from checking
        for identically false WHERE conditions.
      97374a11
    • Vasil Dimov's avatar
      Disable innodb.innodb, main.ps_3innodb and main.partition_innodb_plugin · 3bffc40a
      Vasil Dimov authored
      mysql-tests because those emit (spurious?) valgrind warnings.
      3bffc40a
  6. 29 Apr, 2010 7 commits
  7. 28 Apr, 2010 5 commits
    • Vasil Dimov's avatar
      Bug#53046 dict_update_statistics_low can still be run concurrently · 6fa8e485
      Vasil Dimov authored
      on same table
      
      Followup to vasil.dimov@oracle.com-20100428102033-dt3caf531rs3lidr :
      
      Add more asserions, which I forgot.
      6fa8e485
    • Vasil Dimov's avatar
      Revert the fix of Bug#38996 Race condition in ANALYZE TABLE · b7ef4f17
      Vasil Dimov authored
      This is branches/zip@r6032 in SVN and _is part_ of
      revid:svn-v4:16c675df-0fcb-4bc9-8058-dcc011a37293:branches/zip:6113
      in BZR.
      
      This is being reverted because now the code is serialized directly on
      index->stat_n_diff_key_vals[] as the fix for
      Bug#53046 dict_update_statistics_low can still be run concurrently on same table
      goes.
      b7ef4f17
    • Vasil Dimov's avatar
      Followup to vasil.dimov@oracle.com-20100428084627-wtrmc66wqvjsdgj7: · 330f93bc
      Vasil Dimov authored
      Address Marko's suggestions wrt the fix of
      Bug#53046 dict_update_statistics_low can still be run concurrently
      on same table
      330f93bc
    • Vasil Dimov's avatar
      Fix Bug#53046 dict_update_statistics_low can still be run concurrently · 2b57b076
      Vasil Dimov authored
      on same table
      
      Protect dict_index_t::stat_n_diff_key_vals[] with an array of
      mutexes.
      
      Testing: tested all code paths under UNIV_SYNC_DEBUG
      for the one in dict_print() one has to enable the InnoDB table monitor:
      CREATE TABLE innodb_table_monitor (a int) ENGINE=INNODB;
      2b57b076
    • Marko Makela's avatar
      Merge r6103 from InnoDB Plugin to the built-in InnoDB to fix Bug #53202: · 91702fd3
      Marko Makela authored
        ------------------------------------------------------------------------
        r6103 | marko | 2009-10-26 15:46:18 +0200 (Mon, 26 Oct 2009) | 4 lines
        Changed paths:
           M /branches/zip/row/row0ins.c
      
        branches/zip: row_ins_alloc_sys_fields(): Zero out the system columns
        DB_TRX_ID, DB_ROLL_PTR and DB_ROW_ID, in order to avoid harmless
        Valgrind warnings about uninitialized data.  (The warnings were
        harmless, because the fields would be initialized at a later stage.)
        ------------------------------------------------------------------------
      91702fd3
  8. 27 Apr, 2010 6 commits
  9. 26 Apr, 2010 4 commits
    • Alexey Kopytov's avatar
      Backport of the fix for bug #50335 to 5.0. · 6d43510a
      Alexey Kopytov authored
      The problem was in an incorrect debug assertion. The expression
      used in the failing assertion states that when finding
      references matching ORDER BY expressions, there can be only one
      reference to a single table. But that does not make any sense,
      all test cases for this bug are valid examples with multiple
      identical WHERE expressions referencing the same table which
      are also present in the ORDER BY list.
      
      Fixed by removing the failing assertion. We also have to take
      care of the 'found' counter so that we count multiple
      references only once. We rely on this fact later in
      eq_ref_table().
      
      mysql-test/r/join.result:
        Added a test case for bug #50335.
      mysql-test/t/join.test:
        Added a test case for bug #50335.
      sql/sql_select.cc:
        Removing the assertion in eq_ref_table() as it does not make
        any sense. We also have to take care of the 'found' counter so
        that we count multiple references only once. We rely on this
        fact later in eq_ref_table().
      6d43510a
    • Marko Mäkelä's avatar
      lock_rec_queue_validate(): Disable a bogus check that · 4d646bd1
      Marko Mäkelä authored
      a transaction that holds a lock on a clustered index record
      also holds a lock on the secondary index record.
      4d646bd1
    • Marko Mäkelä's avatar
      30d62984
    • Marko Mäkelä's avatar
      Add a test case for Bug #52745. · bd4a354c
      Marko Mäkelä authored
      bd4a354c