1. 16 Nov, 2017 2 commits
  2. 11 Nov, 2017 1 commit
    • Igor Babaev's avatar
      Fixed bug MDEV-14368 Improper error for a grouping query that · b5cb4ae4
      Igor Babaev authored
      uses alias in HAVING when sql_mode = 'ONLY_FULL_GROUP_BY'
      
      This patch corrects the patch for bug#18739: non-standard
      HAVING extension was allowed in strict ANSI sql mode
      added in 2006 by commit 4b7c4cd2.
      As a result of incompleteness of the fix in the above commit
      if a query with GROUP BY contained an aggregate function with an
      alias and this alias was used in the HAVING clause of the query
      the server reported an error when sql_mode was set to
      'ONLY_FULL_GROUP_BY'.
      b5cb4ae4
  3. 10 Nov, 2017 1 commit
  4. 03 Nov, 2017 2 commits
  5. 26 Oct, 2017 1 commit
  6. 24 Oct, 2017 1 commit
    • Marko Mäkelä's avatar
      MDEV-14051 'Undo log record is too big.' error occurring in very narrow range of string lengths · 439a7c99
      Marko Mäkelä authored
      InnoDB was writing unnecessary information to the
      update undo log records. Most notably, if an indexed column is updated,
      the old value of the column would be logged twice: first as part of
      the update vector, and then another time because it is an indexed column.
      
      Because the InnoDB undo log record must fit in a single page,
      this would cause unnecessary failure of certain updates.
      
      Even after this fix, InnoDB still seems to be unnecessarily logging
      indexed column values for non-updated columns. It seems that non-updated
      secondary index columns only need to be logged when a PRIMARY KEY
      column is updated. To reduce risk, we are not fixing this remaining flaw
      in GA versions.
      
      trx_undo_page_report_modify(): Log updated indexed columns only once.
      439a7c99
  7. 18 Oct, 2017 1 commit
  8. 17 Oct, 2017 8 commits
    • Sergei Golubchik's avatar
      Bug#26361149 MYSQL SERVER CRASHES AT: COL IN(IFNULL(CONST, COL), NAME_CONST('NAME', NULL)) · b000e169
      Sergei Golubchik authored
      based on:
      
      commit f7316aa0
      Author: Ajo Robert <ajo.robert@oracle.com>
      Date:   Thu Aug 24 17:03:21 2017 +0530
      
          Bug#26361149  MYSQL SERVER CRASHES AT: COL IN(IFNULL(CONST,
                                 COL), NAME_CONST('NAME', NULL))
      
          Backport of Bug#19143243 fix.
      
          NAME_CONST item can return NULL_ITEM type in case of incorrect arguments.
          NULL_ITEM has special processing in Item_func_in function.
          In Item_func_in::fix_length_and_dec an array of possible comparators is
          created. Since NAME_CONST function has NULL_ITEM type, corresponding
          array element is empty. Then NAME_CONST is wrapped to ITEM_CACHE.
          ITEM_CACHE can not return proper type(NULL_ITEM) in Item_func_in::val_int(),
          so the NULL_ITEM is attempted compared with an empty comparator.
          The fix is to disable the caching of Item_name_const item.
      b000e169
    • Sergei Golubchik's avatar
      Merge branch 'mysql/5.5' into 5.5 · df5f25fa
      Sergei Golubchik authored
      df5f25fa
    • Sergei Golubchik's avatar
      MDEV-13937 Aria engine: Internal Error 160 after partition handling · b036b6b5
      Sergei Golubchik authored
      Partition wasn't setting HA_OPTION_PACK_RECORD on ALTER TABLE
      if the row format was PAGE.
      
      (so one bit in the null bitmap was reserved for a deleted bit -
      see make_empty_rec - and all actual null bits were one off)
      b036b6b5
    • Sergei Golubchik's avatar
      MDEV-14056 DROP TEMPORARY TABLE IF EXISTS causes error 1290 with read_only option · 19a702a8
      Sergei Golubchik authored
      if it's a DROP TABLE, we cannot detect whether a table is
      temporary by looking in thd->temporary_tables - because the
      table might simply not exist at all.
      19a702a8
    • Sergei Golubchik's avatar
      MDEV-13912 Can't refer the same column twice in one ALTER TABLE · 42171639
      Sergei Golubchik authored
      backport ce6c0e58
      
      MDEV-8960: Can't refer the same column twice in one ALTER TABLE
      
      Problem was that if column was created in alter table when
      it was refered again it was not tried to find from list
      of current columns.
      
      mysql_prepare_alter_table:
        There is two cases
          (1) If alter table adds a new column and then later alter
              changes the field definition, there was no check from
      	list of new columns, instead an incorrect error was given.
          (2) If alter table adds a new column and then later alter
              changes the default, there was no check from list of
      	new columns, instead an incorrect error was given.
      42171639
    • Sergei Golubchik's avatar
      MDEV-13440 mysql_install_db fails with hard-coded langdir · 93144b9e
      Sergei Golubchik authored
      always search in compile-time specified paths
      INSTALL_BINDIR, INSTALL_SBINDIR, INSTALL_MYSQLSHAREDIR. User
      can set them to arbitrary values, it's not enough to search only
      in their usual values of bin, sbin and libexec, share and share/mysql.
      93144b9e
    • Sergei Golubchik's avatar
      cleanup mysql_install_db · 52516706
      Sergei Golubchik authored
      1. detect resolveip location, don' assume it's in $basedir/bin
      2. don't guess $scriptdir to (incorrectly) construct the $0 path
      3. rename find_in_basedir -> find_in_dirs, don't prepend $basedir
         automatically. This allows to use identical path lists in
         find_in_dirs and in cannot_find_file.
      4. move search path lists to CMakeLists.txt to avoid specifying the
         same path list twice (in find_in_dirs and in cannot_find_file).
      52516706
    • Sergei Golubchik's avatar
      MDEV-13459 Warnings, when compiling with gcc-7.x · d76f5774
      Sergei Golubchik authored
      mostly caused by -Wimplicit-fallthrough
      d76f5774
  9. 13 Oct, 2017 6 commits
  10. 10 Oct, 2017 2 commits
  11. 06 Oct, 2017 1 commit
  12. 05 Oct, 2017 1 commit
  13. 02 Oct, 2017 1 commit
    • Marko Mäkelä's avatar
      MDEV-13980 InnoDB fails to discard record lock when discarding an index page · 028d253d
      Marko Mäkelä authored
      btr_cur_pessimistic_delete(): Discard a possible record lock also in
      the case when the record was the only one in the page. Failure to
      do this would corrupt the record lock data structures in a partial
      rollback (ROLLBACK TO SAVEPOINT or rolling back a row operation due
      to some error, such as a duplicate key in a unique secondary index).
      028d253d
  14. 19 Sep, 2017 1 commit
  15. 18 Sep, 2017 2 commits
  16. 13 Sep, 2017 2 commits
    • mysql-builder@oracle.com's avatar
      No commit message · 1da916c3
      mysql-builder@oracle.com authored
      No commit message
      1da916c3
    • Anushree Prakash B's avatar
      Bug#26372491 - RCE THROUGH THE MISHANDLE OF BACKSLASH · 5ac61b2a
      Anushree Prakash B authored
      DESCRIPTION:
      ===========
      The bug is related to incorrect parsing of SQL queries
      when typed in on the CLI. The incorrect parsing can
      result in unexpected results.
      
      ANALYSIS:
      ========
      The scenarios mainly happens for identifier names
      with a typical combination of backslashes and backticks.
      The incorrect parsing can either result in executing
      additional queries or can result in query truncation.
      This can impact mysqldump as well.
      
      FIX:
      ===
      The fix makes sure that such identifier names are
      correctly parsed and a proper query is sent to the
      server for execution.
      
      (cherry picked from commit 31a372aa1c2b93dc75267d1f05a7f7fca6080dc0)
      5ac61b2a
  17. 24 Aug, 2017 2 commits
    • Ajo Robert's avatar
      Bug#26361149 MYSQL SERVER CRASHES AT: COL IN(IFNULL(CONST, · f7316aa0
      Ajo Robert authored
                             COL), NAME_CONST('NAME', NULL))
      
      Backport of Bug#19143243 fix.
      
      NAME_CONST item can return NULL_ITEM type in case of incorrect arguments.
      NULL_ITEM has special processing in Item_func_in function.
      In Item_func_in::fix_length_and_dec an array of possible comparators is
      created. Since NAME_CONST function has NULL_ITEM type, corresponding
      array element is empty. Then NAME_CONST is wrapped to ITEM_CACHE.
      ITEM_CACHE can not return proper type(NULL_ITEM) in Item_func_in::val_int(),
      so the NULL_ITEM is attempted compared with an empty comparator.
      The fix is to disable the caching of Item_name_const item.
      f7316aa0
    • Arun Kuruvila's avatar
      Bug#26482173: TLS CIPHER NEGOTIATION INCORRECTLY MATCHES ON · f2f6025a
      Arun Kuruvila authored
                    LAST BYTE ONLY (YASSL)
      
      
      Description:- TLS cipher negociation happens incorrectly
      leading to the use of a different
      
      Analysis:- YaSSL based MySQL server will compare only the
      last byte of each cipher sent in the Client Hello message.
      This can cause TLS connections to fail, due to the server
      picking a cipher which the client doesn't actually support.
      
      Fix:- A fix for detecting cipher suites with non leading
      zeros is included as YaSSL only supports cipher suites with
      leading zeros.
      f2f6025a
  18. 23 Aug, 2017 3 commits
    • Nisha Gopalakrishnan's avatar
      Bug#26390632: CREATE TABLE CAN CAUSE MYSQL TO EXIT. · be901b60
      Nisha Gopalakrishnan authored
      Analysis
      ========
      CREATE TABLE of InnoDB table with a partition name
      which exceeds the path limit can cause the server
      to exit.
      
      During the preparation of the partition name,
      there was no check to identify whether the complete
      path name for partition exceeds the max supported
      path length, causing the server to exit during
      subsequent processing.
      
      Fix
      ===
      During the preparation of partition name, check and report
      an error if the partition path name exceeds the maximum path
      name limit.
      
      This is a 5.5 patch.
      be901b60
    • Tor Didriksen's avatar
      Bug#19875294 ASSERTION `SRC' FAILED IN MY_STRNXFRM_UNICODE (SIG 6 -STRINGS/CTYPE-UTF8.C:5151) · ebd96c31
      Tor Didriksen authored
      Backport from 5.7 to 5.5 Field_set::val_str()
      should return String("", 0, cs) rather than String(NULL, 0, cs)
      ebd96c31
    • Venkatesh Duggirala's avatar
      Bug#24763131 LOCAL-INFILE DEFAULT SHOULD BE DISABLED · d75f8a17
      Venkatesh Duggirala authored
      Problem & Analysis: Slave's Receiver thread, Applier thread and worker
          threads are created with LOCAL-INFILE option enabled. As the document
          says https://dev.mysql.com/doc/refman/5.7/en/load-data-local.html,
          there are some issues if a thread enables local infile.
          This flag should be enabled with care. But for the above mentioned
          internal threads, server is enabling it at the time of creation.
      
      Fix: Further analysis on the code shows that none of threads really
          need this flag to be enabled at any time as Slave never executes
          "LOAD DATA LOCAL INFILE" after reading it from Relay log.
          Applier thread removes "LOCAL" before start executing the query.
      d75f8a17
  19. 18 Aug, 2017 1 commit
  20. 16 Aug, 2017 1 commit