1. 03 Jul, 2009 8 commits
  2. 02 Jul, 2009 4 commits
    • Georgi Kodinov's avatar
      Bug #45807: crash accessing partitioned table and sql_mode · 5572f8e7
      Georgi Kodinov authored
      contains ONLY_FULL_GROUP_BY
      
      The partitioning code needs to issue a Item::fix_fields()
      on the partitioning expression in order to prepare 
      it for being evaluated.
      It does this by creating a special table and a table list 
      for the scope of the partitioning expression.
      But when checking ONLY_FULL_GROUP_BY the 
      Item_field::fix_fields() was relying that there always be
      cached_table set and was trying to use it to get the 
      select_lex of the SELECT the field's table is in.
      But the cached_table was not set by the partitioning code
      that creates the artificial TABLE_LIST used to resolve the
      partitioning expression and this resulted in a crash.
       
      Fixed by rectifying the following errors :
      1. Item_field::fix_fields() : the code that check for 
      ONLY_FULL_GROUP_BY relies on having tables with 
      cacheable_table set. This is mostly true, the only 
      two exceptions being the partitioning context table
      and the trigger context table.
      Fixed by taking the current parsing context if no pointer
      to the TABLE_LIST instance is present in the cached_table.
      
      2. fix_fields_part_func() : 
      
      2a. The code that adds the table being created to the 
      scope for the partitioning expression is mostly a copy 
      of the add_table_to_list and friends with one exception :
      it was not marking the table as cacheable (something that
      normal add_table_to_list is doing). This caused the 
      problem in the check for ONLY_FULL_GROUP_BY in 
      Item_field::fix_fields() to appear.
      Fixed by setting the correct members to make the table
      cacheable.
      The ideal structural fix for this is to use a unified 
      interface for adding a table to a table list 
      (add_table_to_list?) : noted in a TODO comment
      
      2b. The Item::fix_fields() was called with a NULL destination
      pointer. This causes uninitalized memory reads in the 
      overloaded ::fix_fields() function (namely 
      Item_field::fix_fields()) as it expects a non-zero pointer 
      there. Fixed by passing the source pointer similarly to how 
      it's done in JOIN::prepare().
      5572f8e7
    • Matthias Leich's avatar
      Merge 5.0 -> 5.1 of fix for bug 45902 · 7029f8bb
      Matthias Leich authored
      7029f8bb
    • Matthias Leich's avatar
      Fix for Bug#45902 rpl_sp fails sporadically in check testcases · 90c97d7c
      Matthias Leich authored
      Details:
      - Add "sync_slave_with_master" at test end
      - Restore the initial value of log_bin_trust_function_creators
      90c97d7c
    • V Narayanan's avatar
      Bug#45793 macce charset causes error with IBMDB2I · c2141faf
      V Narayanan authored
      Creating an IBMDB2I table with the macce character set
      is successful, but any attempt to insert data into the
      table was failing.
      
      This was happening because the character set name "macce"
      is not a valid iconv descriptor for IBM i PASE. This patch
      adds an override to convertTextDesc to use the equivalent
      valid iconv descriptor "IBM-1282" instead.
      c2141faf
  3. 01 Jul, 2009 4 commits
    • Staale Smedseng's avatar
      Merge from 5.0 · 87695199
      Staale Smedseng authored
      87695199
    • Staale Smedseng's avatar
      Bug #45790 Potential DoS vector: Writing of user input to log · 490f4432
      Staale Smedseng authored
      without proper formatting
            
      The problem is that a suitably crafted database identifier
      supplied to COM_CREATE_DB or COM_DROP_DB can cause a SIGSEGV,
      and thereby a denial of service. The database name is printed
      to the log without using a format string, so potential
      attackers can control the behavior of my_b_vprintf() by
      supplying their own format string. A CREATE or DROP privilege
      would be required.
            
      This patch supplies a format string to the printing of the
      database name. A test case is added to mysql_client_test.
      490f4432
    • Satya B's avatar
      merge to 5.1-bugteam · c63b2242
      Satya B authored
      c63b2242
    • Satya B's avatar
      Fix build failure after applying Innodb snapshot 5.1-ss5282 · 2e3982b4
      Satya B authored
      After applying Innodb snapshot 5.1-ss5282, build was broken
      because of missing header file. 
      
      Adding the header file to Makefile.am after informing the 
      innodb developers.
      2e3982b4
  4. 30 Jun, 2009 2 commits
  5. 29 Jun, 2009 10 commits
  6. 27 Jun, 2009 1 commit
    • Luis Soares's avatar
      BUG#42851: Spurious "Statement is not safe to log in statement · 92536e42
      Luis Soares authored
                 format." warnings
            
      Despite the fact that a statement would be filtered out from binlog, a
      warning would still be thrown if it was issued with the LIMIT.
            
      This patch addresses this issue by checking the filtering rules before
      printing out the warning.
      92536e42
  7. 26 Jun, 2009 5 commits
    • Evgeny Potemkin's avatar
      Merged bug#45266. · 05a2329f
      Evgeny Potemkin authored
      05a2329f
    • Evgeny Potemkin's avatar
      Bug#45266: Uninitialized variable lead to an empty result. · 0e64988a
      Evgeny Potemkin authored
      The TABLE::reginfo.impossible_range is used by the optimizer to indicate
      that the condition applied to the table is impossible. It wasn't initialized
      at table opening and this might lead to an empty result on complex queries:
      a query might set the impossible_range flag on a table and when the query finishes,
      all tables are returned back to the table cache. The next query that uses the table
      with the impossible_range flag set and an index over the table will see the flag
      and thus return an empty result.
      
      The open_table function now initializes the TABLE::reginfo.impossible_range
      variable.
      0e64988a
    • Alexey Kopytov's avatar
      Automerge. · b21f60fb
      Alexey Kopytov authored
      b21f60fb
    • Alexey Kopytov's avatar
      Automerge. · a03275e9
      Alexey Kopytov authored
      a03275e9
    • Staale Smedseng's avatar
      Merge from 5.1-bugteam · 507af626
      Staale Smedseng authored
      507af626
  8. 25 Jun, 2009 3 commits
    • Luis Soares's avatar
      26c4e642
    • Staale Smedseng's avatar
      Bug #34002 uninitialized Rows_examined for some admin queries · 498ac0f5
      Staale Smedseng authored
      such as quit and shutdown
      
      Logging to slow log can produce an undetermined value for
      Rows_examined in special cases. In debug mode this manifests
      itself as any of the various marker values used to mark
      uninitialized memory on various platforms.
      
      If logging happens on a THD object that hasn't performed any
      row reads (on this or any previous connections), the
      THD::examined_row_count may be uninitialized. This patch adds
      initialization for this attribute.
      
      No automated test cases are added, as for this to be
      meaningful, we need to ensure that we're using a THD
      fulfilling the above conditions. This is hard to do in the
      mysql-test-run framework. The patch has been verified
      manually, however, by restarting mysqld and running the test
      included with the bug report.
      498ac0f5
    • Davi Arnaut's avatar
      Bug#45548: XA transaction without access to InnoDB tables crashes the server · 4c1333e6
      Davi Arnaut authored
      The problem is that the one phase commit function failed to
      properly end a empty transaction. The solution is to ensure
      that the transaction cleanup procedure is invoked even for
      empty transactions.
      4c1333e6
  9. 26 Jun, 2009 3 commits