1. 24 May, 2017 1 commit
    • Bug #24595639: INCORRECT BEHAVIOR IN QUERY WITH UNION AND GROUP BY · c34f2e51
      Sreeharsha Ramanavarapu authored
      
      Issue 1:
      --------
      This problem occurs in the following conditions:
      1) A UNION is present in the subquery of select list and
         handles multiple columns.
      2) Query has a GROUP BY.
      
      A temporary table is created to handle the UNION.
      Item_field objects are based on the expressions of the
      result of the UNION (i.e. the fake_select_lex). While
      checking validity of the columns in the GROUP BY list, the
      columns of the temporary table are checked in
      Item_ident::local_column. But the Item_field objects
      created for the temporary table don't have information like
      the Name_resolution_context that they belong to or whether
      they are dependent on an outer query. Since these members
      are null, incorrect behavior is caused.
      
      This can happen when such Item objects are cached to apply
      the IN-to-EXISTS transform for Item_row.
      
      Solution to Issue 1:
      --------------------
      Context information of the first select in the UNION will
      be assigned to the new Item_field objects.
      
      
      Issue 2:
      --------
      This problem occurs in the following conditions:
      1) A UNION is present in the subquery of select list.
      2) A column in the UNION's first SELECT refers to a table
         in the outer-query making it a dependent union.
      3) GROUP BY column refers to the outer-referencing column.
      
      While resolving the select list with an outer-reference, an
      Item_outer_ref object is created to handle the
      outer-query's GROUP BY list. The Item_outer_ref object
      replaces the Item_field object in the item tree.
      Item_outer_ref::fix_fields will be called only while fixing
      the inner references of the outer query.
      
      Before resolving the outer-query, an Item_type_holder
      object needs to be created to handle the UNION. But as
      explained above, the Item_outer_ref object has not been
      fixed yet. Having a fixed Item object is a pre-condition
      for creating an Item_type_holder.
      
      Solution to Issue 2:
      --------------------
      Use the reference (real_item()) of an Item_outer_ref object
      instead of the object itself while creating an
      Item_type_holder.
  2. 23 May, 2017 3 commits
  3. 22 May, 2017 1 commit
    • Bug# 25998635: Client does not escape the USE statement · 20addb05
      Ivo Roylev authored
      When there are quotes in the USE statement, the mysql client does
      not correctly escape them.
      
      The USE statement is processed line by line by the client's parser,
      and cannot handle multi-line commands as the server can.
      
      The fix is to escape the USE parameters whenever quotes are used.
  4. 16 May, 2017 2 commits
    • Bug#16212207 - LOAD XML INFILE PERFORMANCE WITH INDENTED XML · 3b562dcf
      Shishir Jaiswal authored
      
      DESCRIPTION
      ===========
      LOAD XML INFILE performance becomes painfully slow if the
      tags' values have any space(s) in between them. These are
      usually kept intentionally for indentation purposes.
      
      ANALYSIS
      ========
      The extra spaces cause clear_level() to be called many times,
      which has the overhead of clearing the taglist etc. This can
      be avoided altogether by skipping all such spaces.
      
      FIX
      ===
      Trim all the starting whitespaces from the value before
      passing it to read_value()
    • Bug #25436469: BUILDS ARE NOT REPRODUCIBLE · f4ce18b0
      Tor Didriksen authored
      Backport to 5.5
      
      Current MySQL builds, even on Pushbuild, are not reproducible; they return
      different results depending on which directory they are built from (and
      Pushbuild uses several different directories). This is because absolute paths
      leak into debug information, and even worse, __FILE__. The latter moves code
      around enough that we've actually seen sysbench changes on the order of 4% in
      some tests.
      
      CMake seemingly insists on using absolute paths, but we can insert our own
      layer between CMake and GCC to relativize all paths. Also give the right flags
      to get debug information reproducible and turn off build stamping. This makes
      the mysqld build 100% bit-for-bit reproducible between runs on my machine,
      even when run from different directories.
  5. 13 May, 2017 1 commit
  6. 12 May, 2017 1 commit
    • BUG#25451091:CREATE TABLE DATA DIRECTORY / INDEX DIRECTORY SYMLINK CHECK RACE CONDITIONS · b615c3df
      Nisha Gopalakrishnan authored
      
      ANALYSIS:
      =========
      A potential defect exists in the handling of CREATE
      TABLE .. DATA DIRECTORY/ INDEX DIRECTORY which gives the
      user a way to gain access to another user's table or a system
      table.
      
      FIX:
      ====
      The lstat and fstat output of the target files is now
      stored, which helps in determining the identity of the target
      files, thus preventing unauthorized access to other
      files.
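The check-then-use identity comparison that the commit above describes, as an added example that is not code from the commit or from MySQL: the `lstat()` result taken at check time is stored and compared with `fstat()` on the descriptor that was actually opened. The helper name `open_if_same`, the demo function and the temporary file names are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open `path` only if the object actually opened is
 * the one whose lstat() result was stored at check time. Returns fd or -1. */
int open_if_same(const char *path, const struct stat *stored, int flags)
{
    struct stat opened;
    int fd;
    if (S_ISLNK(stored->st_mode)) return -1;   /* checked object was a symlink */
    fd = open(path, flags);
    if (fd < 0) return -1;
    /* fstat() describes what open() reached after following any symlink. */
    if (fstat(fd, &opened) != 0 || stored->st_dev != opened.st_dev ||
        stored->st_ino != opened.st_ino) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private temp directory. Returns 1 when the
 * unchanged path opens and the path swapped after the check is refused. */
int demo_swap_is_refused(void)
{
    char dir[] = "/tmp/symchk-XXXXXX", target[64], other[64];
    struct stat stored;
    int fd, opened_unchanged, refused_swapped;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/t1.MYD", dir);
    snprintf(other, sizeof other, "%s/other.MYD", dir);
    close(open(target, O_CREAT | O_WRONLY, 0600));
    close(open(other, O_CREAT | O_WRONLY, 0600));
    if (lstat(target, &stored) != 0) return -1;      /* check time */
    fd = open_if_same(target, &stored, O_RDWR);
    opened_unchanged = (fd >= 0);
    if (fd >= 0) close(fd);
    unlink(target);                       /* path replaced after the check */
    if (symlink(other, target) != 0) return -1;
    fd = open_if_same(target, &stored, O_RDWR);
    refused_swapped = (fd < 0);
    if (fd >= 0) close(fd);
    unlink(target); unlink(other); rmdir(dir);
    return opened_unchanged && refused_swapped;
}
```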
  7. 04 May, 2017 1 commit
  8. 03 May, 2017 1 commit
    • Bug#25340722 - PRINT BINARY DATA AS HEX IN THE MYSQL CLIENT (CONTRIBUTION) · 756b00d8
      Anushree Prakash B authored
      
      DESCRIPTION:
      ============
      Binary data should be printed as hex in the mysql client
      when the option binary-as-hex is enabled.
      
      ANALYSIS:
      =========
      The fix deals only with mysql command line client.
      It does not change, at all, the data sent to the
      applications. Printing binary data as hex also
      allows the output to be used in the where clause
      of the query.
      
      FIX:
      ====
      A new option 'binary-as-hex' is introduced to print the
      binary contents as hex in the mysql client. The option
      is disabled by default. When the option is enabled, we
      convert the binary data to hex before printing the
      contents irrespective of whether it is in tabular,
      xml or html format.
  9. 02 May, 2017 1 commit
  10. 27 Apr, 2017 4 commits
  11. 25 Apr, 2017 1 commit
  12. 17 Apr, 2017 1 commit
    • Bug#25043674 - MYSQLACCESS SCRIPT LOADS AND EXECUTES CODE FROM THE CURRENT DIRECTORY · 788fb5bf
      Shishir Jaiswal authored
      
      DESCRIPTION
      ===========
      When 'mysqlaccess' tool is run, it reads (and executes) the
      content of its configuration file 'mysqlaccess.conf' from
      the current directory. This is not a recommended behaviour
      as someone with ill intentions can insert malicious
      instructions into this file which could be executed
      whenever this tool is run.
      
      ANALYSIS
      ========
      The configuration file is presently looked for, in the
      following folders (in given order):
      1. Current directory
      2. SYSCONFDIR       //This gets expanded
      3. /etc/
      
      Owing to the reasons mentioned above, we should not permit
      the file to be in the current directory. Since the other
      two folders are assumed to be accessible only to authorized
      people, the config file is safe to be read from there.
      
      FIX
      ===
      Modified the script so that it looks for the config file
      now in the following two folders (in the given order):
      1. SYSCONFDIR
      2. /etc/
      
      If it's absent from above locations but present in current
      directory, an error is thrown asking the user to move the
      file to one of the above locations and retry.
      
      NOTE
      ====
      The location paths and their precedence are not documented
      for this tool. It needs to be noted as part of the
      associated documentation.
  13. 10 Apr, 2017 2 commits
  14. 07 Apr, 2017 1 commit
    • BUG#25250768: WRITING ON A READ_ONLY=ON SERVER WITHOUT SUPER PRIVILEGE. · 3c6c0ebc
      Nisha Gopalakrishnan authored
      
      Backport from mysql-5.7 to mysql-5.5 and mysql-5.6.
      
      BUG#13969578: TEMPORARY TABLE IN A DATABASE ON A READ-ONLY
                        INSTANCE CAN BE OVERWRITTEN
      
      Analysis:
      ========
      
      Creation or modification of a persistent table by a non-super user
      is NOT ALLOWED in read_only mode. Only TEMPORARY tables are allowed
      to be created or modified in read_only mode. But the creation of
      a persistent table was being allowed when a temporary table of
      the same name existed.
      
      The routine which denies updating a non-temporary table in a
      read_only mode does not handle the case of creation of a regular
      table when a temporary table of the same name exists.
      
      Fix:
      ===
      Handled the condition where an attempt is made to create a persistent
      table having the same name as that of the temporary table. Hence
      the creation of a persistent table by a non-super user when a
      temporary table of the same name exists is denied under read_only mode.
  15. 28 Mar, 2017 1 commit
  16. 23 Mar, 2017 1 commit
  17. 18 Mar, 2017 1 commit
    • Bug #25717383: MYSQLDUMP MAY EXECUTE ANY ARBITRARY QUERY · 6fa5e081
      Bharathy Satish authored
      While writing comments, if a database object name has a newline
      character, then the next line is considered a command, rather
      than a comment.
      This patch fixes the way comments are constructed in mysqldump.
      
      (cherry picked from commit 1099f9d17b1c697c2760f86556f5bae7d202b444)
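One way to keep an object name with an embedded line break inside a dump comment, as an added example that is not the patch's or mysqldump's own code: every newline in the name restarts the `-- ` comment prefix, and a small checker counts lines that would fall outside a comment. The function names, the label text and the sample name are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not mysqldump's own code: build "-- <label><name>\n"
 * in out, restarting the comment after every newline inside name.
 * Returns the length written, or -1 if out is too small. */
int write_comment(char *out, size_t cap, const char *label, const char *name)
{
    int r = snprintf(out, cap, "-- %s", label);
    size_t n;

    if (r < 0 || (size_t)r >= cap) return -1;
    n = (size_t)r;
    for (const char *p = name; *p; p++) {
        const char *piece = (*p == '\n') ? "\n-- " : NULL;
        size_t need = piece ? 4 : 1;
        if (n + need + 2 > cap) return -1;     /* keep room for "\n" and NUL */
        if (piece) memcpy(out + n, piece, 4); else out[n] = *p;
        n += need;
    }
    out[n++] = '\n';
    out[n] = '\0';
    return (int)n;
}

/* Direct formatting, the behaviour the commit message describes as the problem. */
int naive_comment(char *out, size_t cap, const char *label, const char *name)
{
    return snprintf(out, cap, "-- %s%s\n", label, name);
}

/* Count non-empty lines that do not start with "--", i.e. lines a client
 * replaying the dump would treat as statements rather than comments. */
int lines_outside_comment(const char *text)
{
    int count = 0;
    while (*text) {
        size_t len = strcspn(text, "\n");
        if (len > 0 && strncmp(text, "--", 2) != 0) count++;
        text += len;
        if (*text == '\n') text++;
    }
    return count;
}

/* Constructed object name containing a line break. */
const char SAMPLE_NAME[] = "t1\nSELECT 1;";
```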
  18. 17 Mar, 2017 1 commit
  19. 15 Mar, 2017 1 commit
    • Bug #25447551: HANDLE_FATAL_SIGNAL (SIG=11) IN FT_BOOLEAN_CHECK_SYNTAX_STRING · d8328690
      Kailasnath Nagarkar authored
      
      ISSUE: my_isalnum macro used for checking if character is
             alphanumeric dereferences uninitialized pointer
             in default character set structure resulting in
             server exiting abnormally.
      
      FIX: Used standard isalnum function instead of macro my_isalnum.
  20. 14 Mar, 2017 1 commit
  21. 13 Mar, 2017 1 commit
  22. 10 Mar, 2017 2 commits
  23. 09 Mar, 2017 3 commits
    • BUG#25575605: SETTING --SSL-MODE=REQUIRED SENDS CREDENTIALS BEFORE VERIFYING SSL CONNECTION · 2531c8dc
      Ramil Kalimullin authored
      MYSQL_OPT_SSL_MODE option introduced.
      It is set in case of --ssl-mode=REQUIRED and permits only SSL connection.
    • BUG#25364806 MYSQLD_SAFE FAILING TO START IF DATADIR GIVEN IS NOT ABSOLUTE PATH · ec2a6b60
      Terje Rosten authored
      mysqld_safe is working on real files, however passing these file paths
      as is to mysqld as options gives different meaning when paths are
      relative.
      
      mysqld_safe uses current working directory as basedir for relative paths,
      while mysqld uses $datadir as basedir.
    • BUG#24807826: UINT3KORR SHOULD STOP READING FOUR INSTEAD OF THREE BYTES ON X86 · af84921d
      Karthik Kamath authored
      
      Analysis:
      =========
      The macro uint3korr reads 4 bytes of data instead of 3 on
      x86 machines.
      
      Multiple definitions were created for this macro for
      optimization in WIN32. The idea was to optimize reading of
      3 byte ints by reading an ordinary int and masking away the
      unused byte. However this is undefined behavior. It will
      be an issue unless users are aware of allocating an extra
      byte for using this macro.
      
      Fix:
      ====
      Removing the definition which reads 4 bytes of data. The
      only definition of this macro would now read just 3 bytes
      of data thus prohibiting the usage of an extra byte.
      
      Note:
      =====
      This is a backport of Patches #5 and #6 for Bug#17922198.
  24. 28 Feb, 2017 1 commit
    • Bug#24901077: RESET SLAVE ALL DOES NOT ALWAYS RESET SLAVE · e619295e
      Sujatha Sivakumar authored
      Description:
      ============
      If you have a relay log index file that has ended up with
      some relay log files that do not exist, then RESET SLAVE
      ALL is not enough to get back to a clean state.
      
      Analysis:
      =========
      In the bug scenario slave server is in stopped state and
      some of the relay logs got deleted but the relay log index
      file is not updated.
      
      During slave server restart replication initialization fails
      as some of the required relay logs are missing. User
      executes RESET SLAVE/RESET SLAVE ALL command to start a
      clean slave. As per the documentation RESET SLAVE command
      clears the master info and relay log info repositories,
      deletes all the relay log files, and starts a new relay log
      file. But in a scenario where the slave server's
      Relay_log_info object is not initialized slave will not
      purge the existing relay logs. Hence the index file still
      remains in a bad state. Users will not be able to start
      the slave unless these files are cleared.
      
      Fix:
      ===
      RESET SLAVE/RESET SLAVE ALL commands should do the cleanup
      even in a scenario where Relay_log_info object
      initialization failed.
      
      Backported a flag named 'error_on_rli_init_info' which is
      required to identify slave's Relay_log_info object
      initialization failure. This flag exists in MySQL-5.6
      onwards as part of BUG#14021292 fix.
      
      During RESET SLAVE/RESET SLAVE ALL execution this flag
      indicates the Relay_log_info initialization failure.
      In such a case open the relay log index/relay log files
      and do the required clean up.
  25. 27 Feb, 2017 2 commits
  26. 24 Feb, 2017 1 commit
    • Bug#25608828: I_MAIN.VARIABLES-BUG21503595 FAILS SPORADICALLY ON PB2-5.5 FOR LINUX-VALGRIND · 18b3aa11
      Arun Kuruvila authored
      
      Description: Sporadic failure of variables-bug21503595 test
      on pb2-5.5 for linux-valgrind platform.
      
      Fix: This is an issue related to libc and not related to
      MySQL code. During dlclose a few blocks of memory are left
      unfreed. This is a known issue in libc and needs to be
      suppressed.
      
      Fix: Added a valgrind suppression.
  27. 23 Feb, 2017 2 commits
    • Bug#25514146: DB_NAME IS IGNORED WHEN CREATING TABLE WITH DATA DIRECTORY · 7849a27c
      Dyre Tjeldvoll authored
      Problem: CREATE TABLE using a fully qualified name with INDEX DIR/DATA DIR
      option reports an error when the current database is not SET.
      
      check_access() was incorrectly called with NULL as the database
      argument in a situation where the database name was not needed for
      the particular privilege being checked. This will cause the current
      database to be used, or an error to be reported if there is no current
      database.
      
      Fix: Call check_access() with any_db as the database argument in this situation.
    • Bug#23195404 EXCESSIVE MEMORY CAN BE USED BY THE QUOTE() STRING FUNCTION · b21a0212
      Ajo Robert authored
      
      Fix:
      =======
      Added code in QUOTE string function to honor max_allowed_packet.
  28. 16 Feb, 2017 1 commit