1. 14 Dec, 2012 4 commits
  2. 13 Dec, 2012 7 commits
    • Ravinder Thakur's avatar
      Merging from 5.1 to 5.5 for bug#11761752 · e604bb8a
      Ravinder Thakur authored
      e604bb8a
    • Marko Mäkelä's avatar
      Follow-up fix to Bug#14628410: Remove the Windows InnoDB Plugin specific · c85f51f9
      Marko Mäkelä authored
      implementation of innobase_mysql_tmpfile() from MySQL 5.5 onwards.
      c85f51f9
    • Ravinder Thakur's avatar
      bug#11761752: DO NOT ALLOW USE OF ALTERNATE DATA STREAMS ON NTFS FILESYSTEM. · 2d16c5bd
      Ravinder Thakur authored
      File names with colon are being disallowed because of the Alternate Data 
      Stream (ADS) feature of NTFS that could be misused. ADS allows data to be 
      written to alternate streams of a normal file. The data in alternate 
      streams cannot be seen by normal tools on Windows (explorer, cmd.exe). As 
      a result someone can use this feature to hide large amount of data in 
      alternate streams and admins will have no easy way of figuring out the 
      files that are using that disk space. The fix also disallows ADS in the 
      scenarios where file name is passed as some dynamic variable.
      
      An important thing about the fix is that it DOES NOT disallow ADS file 
      names if they are not dynamic (i.e. if the file is created by using some 
      option that needs local access to the MySQL server, for example error log
      file). The reasoning is that if some MySQL option related to files 
      requires access to the local machine (it is not dynamic), then user can very 
      well create data in ADS by some other means. This fixes only those scenarios 
      which can allow users to create data in ADS over the wire.
      
      File names with colon are being disallowed only on Windows. UNIX 
      (Linux in particular) supports NTFS, but it will not be a common 
      scenario for someone to configure a NTFS file system to store MySQL 
      data on Linux.
      
      Changes in file bug11761752-master.opt are needed due to 
      bug number 15937938.
      2d16c5bd
    • Satya Bodapati's avatar
      bf42e842
    • Satya Bodapati's avatar
      Bug#14628410 - ASSERTION `! IS_SET()' FAILED IN DIAGNOSTICS_AREA::SET_OK_STATUS · b0213a2b
      Satya Bodapati authored
      The error code returned from Merge file/Temp file creation functions are
      ignored.
      
      Use the return codes of the row_merge_file_create() and innobase_mysql_tmpfile()
      to return the error to caller if file creation fails.
      
      Approved by Marko. rb#1618
      b0213a2b
    • Harin Vadodaria's avatar
      Bug#15965288: BUFFER OVERFLOW IN YASSL FUNCTION · ff73218b
      Harin Vadodaria authored
                    DOPROCESSREPLY()
      
      Description: Merge from 5.1 to 5.5
      ff73218b
    • Harin Vadodaria's avatar
      Bug#15965288: BUFFER OVERFLOW IN YASSL FUNCTION · cbc9373f
      Harin Vadodaria authored
                    DOPROCESSREPLY()
      
      Description: Function DoProcessReply() calls function
                   decrypt_message() in a while loop without
                   performing a check on available buffer
                   space. This can cause buffer overflow and
                   crash the server. This patch is fix provided
                   by Sawtooth to resolve the issue.
      cbc9373f
  3. 12 Dec, 2012 3 commits
  4. 11 Dec, 2012 7 commits
    • Dmitry Lenev's avatar
      Bug #15954872 "MAKE MDL SUBSYSTEM AND TABLE DEFINITION CACHE · 4235e46e
      Dmitry Lenev authored
      ROBUST AGAINST BUGS IN CALLERS".
      
      Both MDL subsystems and Table Definition Cache code assume
      that callers ensure that names of objects passed to them are
      not longer than NAME_LEN bytes. Unfortunately due to bugs in
      callers this assumption might be broken in some cases. As
      result we get nasty bugs causing buffer overruns when we
      construct MDL key or TDC key from object names.
      
      This patch makes MDL and TDC code more robust against such
      bugs by ensuring that we always checking size of result
      buffer when constructing MDL and TDC keys. This doesn't
      free its callers from ensuring that both db and table names
      are shorter than NAME_LEN bytes. But at least these steps
      prevents buffer overruns in case of bug in caller, replacing
      them with less harmful behavior.
      
      This is 5.5-only version of patch.
      
      Changed code of MDL_key::mdl_key_init() to take into account
      size of buffer for the key.
      
      Introduced new version of create_table_def_key() helper function
      which constructs TDC key without risk of result buffer overrun.
      Places in code that construct TDC keys were changed to use this
      function.
      
      Also changed rm_temporary_table() and open_new_frm() functions
      to avoid use of "unsafe" strmov() and strxmov() functions and
      use safer strnxmov() instead.
      4235e46e
    • Dmitry Lenev's avatar
      Bug #15954872 "MAKE MDL SUBSYSTEM AND TABLE DEFINITION CACHE · 2e10e7c3
      Dmitry Lenev authored
      ROBUST AGAINST BUGS IN CALLERS".
      
      Both MDL subsystems and Table Definition Cache code assume 
      that callers ensure that names of objects passed to them are 
      not longer than NAME_LEN bytes. Unfortunately due to bugs in 
      callers this assumption might be broken in some cases. As
      result we get nasty bugs causing buffer overruns when we
      construct MDL key or TDC key from object names.
      
      This patch makes TDC code more robust against such bugs by 
      ensuring that we always checking size of result buffer when
      constructing TDC keys. This doesn't free its callers from 
      ensuring that both db and table names are shorter than 
      NAME_LEN bytes. But at least this steps prevents buffer 
      overruns in case of bug in caller, replacing them with less 
      harmful behavior.
      
      This is 5.1-only version of patch.
      
      This patch introduces new version of create_table_def_key()
      helper function which constructs TDC key without risk of
      result buffer overrun. Places in code that construct TDC keys 
      were changed to use this function.
      
      Also changed rm_temporary_table() and open_new_frm() functions
      to avoid use of "unsafe" strmov() and strxmov() functions and 
      use safer strnxmov() instead.
      2e10e7c3
    • unknown's avatar
      upmerge 14737171 5.1 => 5.5 · 897f497f
      unknown authored
      897f497f
    • unknown's avatar
    • Joerg Bruehe's avatar
      Merge ULN RPM stuff to main branch. · 8c730810
      Joerg Bruehe authored
      8c730810
    • Annamalai Gurusami's avatar
      2f729557
    • Annamalai Gurusami's avatar
      Bug #14200010 NEWLY CREATED TABLE DOESN'T ALLOW FOR LOOSE INDEX SCANS · d426504b
      Annamalai Gurusami authored
      Problem:
      
      Before the ALTER TABLE statement, the array
      dict_index_t::stat_n_diff_key_vals had proper values calculated
      and updated.  But after the ALTER TABLE statement, all the values
      of this array is 0.  
      
      Because of this statistics returned by innodb_rec_per_key() is
      different before and after the ALTER TABLE statement. Running the
      ANALYZE TABLE command populates the statistics correctly.
      
      Solution:
      
      After ALTER TABLE statement, set the flag dict_table_t::stat_initialized
      correctly so that the table statistics will be recalculated properly when
      the table is next loaded.  But note that we still don't choose the loose
      index scans.  This fix only ensures that an ALTER TABLE does not change
      the optimizer plan.
      
      rb://1639 approved by Marko and Jimmy.
      d426504b
  5. 10 Dec, 2012 1 commit
    • Joerg Bruehe's avatar
      RPMs for ULN do not build in MySQL 5.6: Patches + libmysqld.so · 0a925f73
      Joerg Bruehe authored
      Bug #15972480
      
      This is the change for 5.5:
          a cleanup in the way "libmysqld.so" is created.
      (Patches were adapted for 5.5 previously.)
      
      Originally, the ".so" was created by taking all modules in
      "libmysqld.a", after removing some few which caused unresolved
      references.
      This is no good idea, rather "ld" should be used to follow all
      references from some few start modules.
      
      At the same time, the ".so" version needed to be corrected:
      The original "0.0.1" is both wrong and risky.
      Rather, the server version is used to identify the ".so" file,
      but for linkage the first two levels are sufficient (so upgrades
      are possible without re-building the embedded application).
      0a925f73
  6. 09 Dec, 2012 3 commits
    • Shivji Kumar Jha's avatar
      BUG#12359942 - REPLICATION TEST FROM ENGINE SUITE RPL_ROW_UNTIL TIMES OUT · 07a5b266
      Shivji Kumar Jha authored
                   
                   patch to fix post push falures in pb2
                   bzr merge 5.1->5.5
      
      BUG#15872504 - REMOVE MYSQL-TEST/INCLUDE/GET_BINLOG_DUMP_THREAD_ID.INC
                   bzr merge 5.1->5.6
      07a5b266
    • Shivji Kumar Jha's avatar
      BUG#12359942 - REPLICATION TEST FROM ENGINE SUITE PL_ROW_UNTIL TIMES OUT · 6b3dad83
      Shivji Kumar Jha authored
             
             patch to fix post push falures in pb2 
      
      BUG#15872504 - REMOVE MYSQL-TEST/INCLUDE/GET_BINLOG_DUMP_THREAD_ID.INC
                  
      === Problem ===
                  
      The file named "mysql-test/include/get_binlog_dump_thread_id.inc" is not 
      used anywhere. In any case, this file does wrong things in the wrong way:
      1) The file seems to assume there is only one dump thread, but there may 
         be many.
      2) you can get this information in a much easier way using the command:
         "select thread_id from threads where processlist_command="Binlog Dump";"
      
      === Fix ===
                
      removed file 'mysql-test/include/get_binlog_dump_thread_id.inc'
      6b3dad83
    • Shivji Kumar Jha's avatar
      BUG#12359942 - REPLICATION TEST FROM ENGINE SUITE · 51d43baa
      Shivji Kumar Jha authored
                     RPL_ROW_UNTIL TIMES OUT
       
       patch to fix post push falures in pb2 
      
      mysql-test/suite/rpl/r/rpl_row_until.result:
        changes to account for the changes made in
        corresponding test file.
      mysql-test/suite/rpl/t/disabled.def:
        disabled test in macosx
      mysql-test/suite/rpl/t/rpl_row_until.test:
        replaced static relayy log file by an mtr variable
        which saves the name of relay log file.
      51d43baa
  7. 07 Dec, 2012 2 commits
  8. 06 Dec, 2012 2 commits
    • Harin Vadodaria's avatar
      Bug#15912213: BUFFER OVERFLOW IN ACL_GET() · aec9ca5d
      Harin Vadodaria authored
                  
      Description: A very large database name causes buffer
                   overflow in functions acl_get() and
                   check_grant_db() in sql_acl.cc. It happens
                   due to an unguarded string copy operation.
                   This puts required sanity checks before
                   copying db string to destination buffer.
      aec9ca5d
    • Dmitry Shulga's avatar
      This patch fixes bug#14729757 - MY_HASH_SEARCH(&XID_CACHE, · 54769c28
      Dmitry Shulga authored
                                      XID_STATE->XID.KEY(),
                                      XID_STATE->XID.KEY_LENGTH())==0
        
      This bug is a regression of bug#11759534 - 51855: RACE CONDITION
                                                 IN XA START.
        
      The reason for regression is that the changes that fixes the original
      bug wasn't merged from mysql-5.1 into mysql-5.5 and mysql-trunk.
      Only null-merge was done for the patch changeset.
        
      To incorporate lost changes the manual merge have been done.
        
      Additionally the call of trans_rolback() was added into trans_xa_start()
      in case if xid_cache_insert is failed() after transaction has been started.
      If we don't call trans_rollback() we would never reset the flag
      SERVER_STATUS_IN_TRANS in THD::server_status and therefore all subsequent
      attempts to execute XA START in the connection where the error was occurred
      will be failed since thd->in_active_multi_stmt_transaction() will return
      the true every time when trans_xa_start is called.
        
      The latest changes were absent in patch for mysql-5.1
      54769c28
  9. 05 Dec, 2012 8 commits
    • Gleb Shchepa's avatar
      Bug #15948123: SERVER WORKS INCORRECT WITH LONG TABLE ALIASES · 46cfbf35
      Gleb Shchepa authored
      Post-push cleanup: removal of unneeded assertions.
      46cfbf35
    • Dmitry Lenev's avatar
      db2a045f
    • Dmitry Lenev's avatar
      Bug #15954896 "SP, MULTI-TABLE DELETE AND LONG ALIAS". · 095e8271
      Dmitry Lenev authored
      Using too long table aliases in stored routines might
      have caused server crashes.
      
      Code in sp_head::merge_table_list() which is responsible 
      for collecting information about tables used in stored
      routine was not aware of the fact that table alias might
      have arbitrary length. I.e. it assumed that table alias
      can't be longer than NAME_LEN bytes and allocated buffer
      for a key identifying table accordingly.
      
      This patch fixes the issue by ensuring that we use
      dynamically allocated buffer for table key when table
      alias is too long. By default stack based buffer is used
      in which NAME_LEN bytes are reserved for table alias.
      095e8271
    • unknown's avatar
      No commit message · 2c64d0a5
      unknown authored
      No commit message
      2c64d0a5
    • Bjorn Munch's avatar
      997748e8
    • Gleb Shchepa's avatar
      Bug #15948123: SERVER WORKS INCORRECT WITH LONG TABLE ALIASES · 70cb820e
      Gleb Shchepa authored
      Code in MDL subsystem assumes that identifiers of objects can't
      be longer than NAME_LEN characters. This assumption was broken
      when one tried to construct MDL_key based on table alias, which
      can have arbitrary length. Since MDL_key's (and MDL locks) are
      not really used for table aliases this patch changes code to
      not initialize MDL_key object for table list element representing
      aliases.
      70cb820e
    • Shivji Kumar Jha's avatar
      195e731e
    • Shivji Kumar Jha's avatar
      BUG#12359942 - REPLICATION TEST FROM ENGINE SUITE RPL_ROW_UNTIL TIMES OUT · 055cffb4
      Shivji Kumar Jha authored
            
      === Problem ===
            
      The test is dependent on binlog positions and checks
      to see if the command 'START SLAVE' functions correctly
      with the 'UNTIL' clause added to it. The 'UNTIL' clause
      is added to specify that the slave should start and run
      until the SQL thread reaches a given point in the master
      binary log or in the slave relay log.
            
      The test uses hard coded values for MASTER_LOG_POS and
      RELAY_LOG_POS, instead of extracting it using
      query_get_value() function. There is a test
      'rpl.rpl_row_until' which does the similar thing but uses 
      query_get_value() function to set the values of
      MASTER_LOG_POS/ RELAY_LOG_POS. To be precise,
      rpl.rpl_row_until is a modified version of
      engines/func.rpl_row_until.test.
            
      The use of hard coded values may lead the slave to stop at a position
      which may differ from the expected position in the binlog file,
      an example being the failure of engines/funcs.rpl_row_until in 
      mysql-5.1 given as: 
      "query 'select * from t2' failed. Table 'test.t2' doesn't exist".
      In this case, the slave actually ran a couple of extra commands
      as a result of which the slave first deleted the table and then
      ran a select query on table, leading to the above mentioned failure.
            
      === Fix ===
          
      1) Fixed the code for failure seen in rpl.rpl_row_until.
         This test was also failing although the symptoms of
         failure were different.
      2) Copied the contents from rpl.rpl_row_until into
         into engines/funcs.rpl.rpl_row_until.
      3) Updated engines/funcs.rpl_row_until.result accordingly.
      
      mysql-test/suite/engines/funcs/r/rpl_row_until.result:
        modified to accomodate the changes in corresponding
        test file.
      mysql-test/suite/engines/funcs/t/disabled.def:
        removed from the list of disabled tests.
      mysql-test/suite/engines/funcs/t/rpl_row_until.test:
        fixed rpl.rpl_row_until and copied its content to
        engines/funcs.rpl_row_until. The reason being both
        are same tests but rpl.rpl_row_until is an
        updated version.
      mysql-test/suite/rpl/t/disabled.def:
        removed from the list of disabled tests.
      sql/sql_repl.cc:
        Added a check to catch an improper combination
        of arguements passed to 'START SLAVE UNTIL'. Earlier,
        START SLAVE UNTIL MASTER_LOG_FILE='master-bin.000001',
        MASTER_LOG_POS=561, RELAY_LOG_POS=12;
        passed. It is now detected and an error is reported.
      055cffb4
  10. 04 Dec, 2012 3 commits
    • Pedro Gomes 's avatar
      Bug#13545447 RPL_ROTATE_LOGS FAILS DUE TO CONCURRENCY ISSUES IN REP. CODE · 86718b96
      Pedro Gomes authored
      RPL_ROTATE_LOGS has been failing sporadically in what seems a
      problem related to routines that update the coordinates. However,
      the test lacks proper assert statments and because of this the
      debug information upon failure simply points to the content
      mismatch between the test and the result file.
      
      Not as a solution, but as a improvement to the test to better
      debug this failure, new assert statments were added to the test.
      
      @rpl_rotate_logs.test
        Added new assert statments reducing the
        dependency on the result file.
      
      @rpl_rotate_logs.result
        Added new content to the result file to
        match the test changes
      86718b96
    • Manish Kumar's avatar
      BUG#13812374 - RPL.RPL_REPORT_PORT FAILS OCCASIONALLY ON PB2 · 14b18b27
      Manish Kumar authored
      Problem: The problem with the test is that the slave returns 
               from start_slave.inc call too early before the list
               is actually actualised. This caused the slave stale 
               data to be reported.
      
      Fix: Added a wait in the test till the slave's IO status is 
           changed to "Waiting for master to send event" which 
           which ensures the list is correctly updated.
      14b18b27
    • Yasufumi Kinoshita's avatar
      UNIV_DEBUG build of some environments needs · 859ff1ec
      Yasufumi Kinoshita authored
      #include "read0read.h"
      for srv0srv.c and trx0rec.c.
      This is only for mysql-5.5
      859ff1ec