1. 17 Mar, 2014 1 commit
    • Marc Alff's avatar
      Bug#18319790 QUERY TO INFORMATION_SCHEMA CRASHES SERVER · c8b8d009
      Marc Alff authored
      Before this fix, specially crafted queries
      using the INFORMATION_SCHEMA could crash the server.
      
      The root cause was a buffer overflow,
      see the (private) bug comments for details.
      
      With this fix, the buffer overflow condition is properly handled,
      and the queries involved do return the expected result.
      c8b8d009
  2. 05 Mar, 2014 1 commit
    • Tor Didriksen's avatar
      Backport of: · 2d5be2fc
      Tor Didriksen authored
        Bug#17894997 CMAKE WARNING WRT INTERFACE_LINK_LIBRARIES
        Bug#17905155 CMAKE WARNING WHEN GENERATING MAKEFILE
        Bug#71089 CMake warning when generating Makefile
      
      Use old policy for LINK_INTERFACE_LIBRARIES.
      
      2d5be2fc
  3. 04 Mar, 2014 3 commits
  4. 03 Mar, 2014 1 commit
  5. 28 Feb, 2014 1 commit
  6. 25 Feb, 2014 2 commits
  7. 17 Feb, 2014 2 commits
  8. 12 Feb, 2014 2 commits
    • Vamsikrishna Bhagi's avatar
      Bug #18186103 BUFFER OVERFLOW IN CLIENT · 6923c1d9
      Vamsikrishna Bhagi authored
      Problem: While printing the Server version, mysql client
               doesn't check for the buffer overflow in a
               String variable.
      
      Solution: Used a different print function which checks the
                allocated length before writing into the string.
      6923c1d9
    • Neeraj Bisht's avatar
      Bug#17075846 - UNQUOTED FILE NAMES FOR VARIABLE VALUES ARE · e13b28af
      Neeraj Bisht authored
      	       ACCEPTED BUT PARSED INCORRECTLY
      
      When we are setting the value in a system variable, 
      We can set it like 
      
      set sys_var="Iden1.Iden2";		//1
      set sys_var='Iden1.Iden2';		//2
      set sys_var=Iden1.Iden2;		//3
      set sys_var=.ident1.ident2; 		//4
      set sys_var=`Iden1.Iden2`;		//5
      
      
      While parsing, for case 1(when ANSI_QUOTES is enable) and 2,
      we will take as string literal(we will make item of type Item_string).
      for case 3 & 4, taken as Item_field, where Iden1 is a table name and
      iden2 is a field name.
      for case 5, again Item_field type, where iden1.iden2 is taken as
      field name.
      
      
      Now in case 1, when we are assigning some value to system variable
      (which can take string or enumerate type data), we are setting only 
      field part.
      This means only iden2 value will be set for system variable. This 
      result in wrong result.
      
      Solution:
      
      (for string type) We need to Document that we are not allowed to set 
      system variable which takes string as identifier, otherwise result 
      in unexpected behaviour.
      
      (for enumerate type)
      if we pass iden1.iden2, we will give an error ER_WRONG_TYPE_FOR_VAR
      (Incorrect argument type to variable).
      
      mysql-test/suite/sys_vars/t/general_log_file_basic.test:
        Earlier we used to give ER_WRONG_VALUE_FOR_VAR error, but in the patch of
        (Bug32748-Inconsistent handling of assignments to general_log_file/slow_query_log_file)
        they quoted this line.But i am not able to find any relation of this with the changes of
        patch. So i think We should give error in this case.
      mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test:
        Earlier we used to give ER_WRONG_VALUE_FOR_VAR error, but in the patch of
        (Bug32748-Inconsistent handling of assignments to general_log_file/slow_query_log_file)
        they quoted this line.But i am not able to find any relation of this with the changes of
        patch. So i think We should give error in this case.
      e13b28af
  9. 11 Feb, 2014 3 commits
  10. 10 Feb, 2014 1 commit
    • Thirunarayanan B's avatar
      Bug #14049391 INNODB MISCALCULATES AUTO-INCREMENT AFTER DECREASING · 7acdf29c
      Thirunarayanan B authored
                              AUTO_INCREMENT_INCREMENT
      Problem:
      =======
      When auto_increment_increment system variable decreases,
      immediate next value of auto increment column is not affected.
      
      Solution:
      ========
      	Get the previous inserted value of auto increment column by
      subtracting the previous auto_increment_increment from next
      auto increment value. After that calculate the current autoinc value
      using newly changed auto_increment_increment variable.
      
      	Approved by Sunny [rb#4394]
      7acdf29c
  11. 06 Feb, 2014 2 commits
    • Murthy Narkedimilli's avatar
    • Anirudh Mangipudi's avatar
      Bug#14211271 ISSUES WITH SSL ON DEBIAN WHEEZY I386 AND KFREEBSD-I386 · 10c190f0
      Anirudh Mangipudi authored
      Problem:
      It was reported that on Debian and KFreeBSD platforms, i386 architecture 
      machines certain SSL tests are failing. main.ssl_connect  rpl.rpl_heartbeat_ssl
      rpl.rpl_ssl1 rpl.rpl_ssl main.ssl_cipher, main.func_encrypt were the tests that
       were reportedly failing (crashing). The reason for the crashes are said to be
      due to the assembly code of yaSSL.
      
      Solution:
      There was initially a workaround suggested i.e., to enable 
      -DTAOCRYPT_DISABLE_X86ASM flag which would prevent the crash, but at an expense
       of 4X reduction of speed. Since this was unacceptable, the fix was the 
      functions using assembly, now input variables from the function call using 
      extended inline assembly on GCC instead of relying on direct assembly code.
      10c190f0
  12. 04 Feb, 2014 2 commits
  13. 03 Feb, 2014 1 commit
  14. 31 Jan, 2014 2 commits
    • unknown's avatar
      Merge from mysql-5.5.36-release · a4209ce2
      unknown authored
      a4209ce2
    • Praveenkumar Hulakund's avatar
      Bug#14117012 - CHILD PROCESS MYSQL UTILITIES PICKING UP LOCAL · 1d9ae547
      Praveenkumar Hulakund authored
                     CONFIG FILES CAUSES TEST
      
      Utility as "mysql_upgrade" forks "mysql"/"mysqlcheck". Attaching
      "mysql_upgrade" shows following calls after forking "mysql" or
      "mysql_check" when configuration file information is passed as
      first argument to "mysql_upgrade".
      
      strace -f ./mysql_upgrade --defaults-file=../pdb/my.cnf --socket=../pdb/mysql.sock -f
      
      [pid  6254] stat("/etc/my.cnf", 0x7fff8e772680) = -1 ENOENT (No such file or directory)
      [pid  6254] stat("/etc/mysql/my.cnf", 0x7fff8e772680) = -1 ENOENT (No such file or directory)
      [pid  6254] stat("/usr/local/mysql/etc/my.cnf", 0x7fff8e772680) = -1 ENOENT (No such file or directory)
      [pid  6254] stat("/home/user_name/.my.cnf", {st_mode=S_IFREG|0664, st_size=19, ...}) = 0
      [pid  6254] open("/home/user_name/.my.cnf", O_RDONLY) = 3
      
      
      But when tool forks "mysqlcheck"/"mysql", "--no-defaults" is passed
      as first argument. Before forking, in function "find_tool" of
      "mysql_upgrade", check is made to verify whether tool can be
      executable or not by calling "mysqlcheck --help" and "mysql --help".
      But argument "--no-defaults", "--defaults-file" or
      "defaults-extra-file" is not passed to "mysql" and "mysqlcheck".
      So my.cnf is searched in default paths.
      
      Fix:
      ------
      Modified code to pass "--no-defaults" as first argument to "mysql"
      and "mysqlcheck" while checking tool can be executed or not.
      1d9ae547
  15. 30 Jan, 2014 2 commits
    • Ritheesh Vedire's avatar
      Bug#16814264: FILTER OUT THE PERFORMANCE_SCHEMA RELAY LOG EVENTS FROM RELAY LOG · bebb3427
      Ritheesh Vedire authored
        Performance schema tables are local to a server and they should not
        be allowed to be executed by the slave from the relay log.
        From 5.6.10, P_S events are not written into the binary log.
        But prior to that, from mysql 5.5 onwards, P_S events are written 
        to the binary log by master.
        The following are problematic scenarios:
            
        1. Master 5.5 -> Slave 5.5
           ========================
          A) RBR: Slave crashes
          B) SBR: P_S statements are replicated.
            
        2.Master 5.5 -> Slave 5.6
          ========================
          A) RBR: SQL thd generates error
          B) SBR : P_S statements are replicated
            
        3. 5.5 binlog executed on a server 5.5 using mysqlbinlog|mysql
           =================================================================
           A) RBR: Server crash  (because of BINLOG'... statement)
           B) SBR: P_S statements are executed
            
        4. 5.5 binlog executed on server 5.6 using mysqlbinlog|mysql
           ================================================================
           A) RBR: SQL error (because of BINLOG'... statement)
           B) SBR: P_S statements are executed.
            
            
          The generalized behaviour should be:
          a) Slave SQL thread should certainly ignore P_S events read from
             the relay log.
          b) mysqlbinlog|mysql should replay the binlog succesfully.
            
      bebb3427
    • Annamalai Gurusami's avatar
      Bug #14668683 ASSERT REC_GET_DELETED_FLAG(REC, PAGE_IS_COMP(PAGE)) · d13408f8
      Annamalai Gurusami authored
      Problem:
      
      The function row_upd_changes_ord_field_binary() is used to decide whether to
      use row_upd_clust_rec_by_insert() or row_upd_clust_rec().  The function
      row_upd_changes_ord_field_binary() does not make use of charset information.
      Based on binary comparison it decides that r1 and r2 differ in their ordering
      fields.
      
      In the function row_upd_clust_rec_by_insert(), an update is done by delete +
      insert.  These operations internally make use of cmp_dtuple_rec_with_match()
      to compare records r1 and r2.  This comparison takes place with the use of
      charset information.
      
      This means that it is possible for the deleted record to be reused in the
      subsequent insert.  In the given scenario, the characters 'a' and 'A' are
      considered equal in the my_charset_latin1.  When this happens, the ownership
      information of externally stored blobs are not correctly handled.
      
      Solution:
      
      When an update is done by delete followed by insert, disown the relevant
      externally stored fields during the delete marking itself (within the same
      mtr).  If the insert succeeds, then nothing with respect to blob ownership
      needs to be done.  If the insert fails, then the disown done earlier will be
      removed when the operation is rolled back.
      
      rb#4479 approved by Marko.
      
      d13408f8
  16. 24 Jan, 2014 1 commit
    • unknown's avatar
      BUG 18117322 - DEFINE INNODB_THREAD_SLEEP_DELAY MAX VALUE · 93609b57
      unknown authored
      The maximum value for innodb_thread_sleep_delay is 4294967295 (32-bit) or
      18446744073709551615 (64-bit) microseconds. This is way too big, since
      the max value of innodb_thread_sleep_delay is limited by
      innodb_adaptive_max_sleep_delay if that value is set to non-zero value
      (its default is 150,000).
      
      Solution
      The maximum value of innodb_thread_sleep_delay should be the same as
      the maximum value of innodb_adaptive_max_sleep_delay, which is 1000000.
      
      Approved by Jimmy, rb#4429
      93609b57
  17. 23 Jan, 2014 1 commit
    • Tor Didriksen's avatar
      Backport of Bug#16809055 MYSQL 5.6 AND 5.7 STILL USE LIBMYSQLCLIENT.SO.18 · e613d2ed
      Tor Didriksen authored
      Backported only the softlink part of the patch,
      *not* the bumping of library version.
      
      With this patch, the libmysql/ directory contains:
      libmysqlclient.a
      libmysqlclient_r.a -> libmysqlclient.a
      libmysqlclient_r.so -> libmysqlclient.so*
      libmysqlclient_r.so.18 -> libmysqlclient.so.18*
      libmysqlclient_r.so.18.0.0 -> libmysqlclient.so.18.0.0*
      libmysqlclient.so -> libmysqlclient.so.18*
      libmysqlclient.so.18 -> libmysqlclient.so.18.0.0*
      libmysqlclient.so.18.0.0*
      e613d2ed
  18. 16 Jan, 2014 2 commits
  19. 13 Jan, 2014 1 commit
    • Thayumanavar's avatar
      BUG#18054998 - BACKPORT FIX FOR BUG#11765785 to 5.5 · 819eb3e0
      Thayumanavar authored
      This is a backport of the patch of bug#11765785. Commit message
      by Prabakaran Thirumalai from bug#11765785 is reproduced below:
      Description:
      ------------
      Global Query ID (global_query_id ) is not incremented for PING and 
      statistics command. These two query types are filtered before 
      incrementing the global query id. This causes race condition and 
      results in duplicate query id for different queries originating from 
      different connections.
            
      Analysis:
      ---------
      sqlparse.cc::dispath_command() is the only place in code which sets 
      thd->query_ id to global_query_id and then increments it based on the 
      query type. In all other places it is incremented first and then 
      assigned to thd->query_id.
            
      This is done such that global_query_id is not incremented for PING 
      and statistics commands in dispatch_command() function.
            
      Fix:
      ----
      As per suggestion from Serg, "There is no reason to skip query_id for 
      the PING and STATISTICS command.", removing the check which filters 
      PING and statistics commands.
            
      Instead of using get_query_id() and next_query_id() which can still 
      cause race condition if context switch happens soon after executing 
      get_query_id(), changing the code to use next_query_id() instead of 
      get_query_id() as it is done in other parts of code which deals with 
      global_query_id.
            
      Removed get_query_id() function and forced next_query_id() caller 
      to use the return value by specifying warn_unused_result attribute.
      819eb3e0
  20. 11 Jan, 2014 1 commit
    • Venkata Sidagam's avatar
      Bug #17760379 COLLATIONS WITH CONTRACTIONS BUFFER-OVERFLOW THEMSELVES IN THE FOOT · ff6b117c
      Venkata Sidagam authored
      Description: A typo in create_tailoring() causes the "contraction_flags" to be written
      into cs->contractions in the wrong place. This causes two problems:
      (1) Anyone relying on `contraction_flags` to decide "could this character be
      part of a contraction" is 100% broken.
      (2) Anyone relying on `contractions` to determine the weight of a contraction
      is mostly broken
      
      Analysis: When we are preparing the contraction in create_tailoring(), we are corrupting the 
      cs->contractions memory location which is supposed to store the weights(8k) + contraction information(256 bytes). We started storing the contraction information after the 4k location. This is because of logic flaw in the code.
      
      Fix: When we create the contractions, we need to calculate the contraction with (char*) (cs->contractions + 0x40*0x40) from ((char*) cs->contractions) + 0x40*0x40. This makes the "cs->contractions" to move to 8k bytes and stores the contraction information from there. Similarly when we are calculating it for like range queries we need to calculate it from the 8k bytes onwards, this can be done by changing the logic to (const char*) (cs->contractions + 0x40*0x40). And for ucs2 charsets we need to modify the my_cs_can_be_contraction_head() and my_cs_can_be_contraction_tail() to point to 8k+ locations.
      ff6b117c
  21. 10 Jan, 2014 1 commit
    • Sujatha Sivakumar's avatar
      Bug#17081415:>=4GB ROW EVENT CRASHES SERVER WITH WILD MEMCPY · 8765bec5
      Sujatha Sivakumar authored
      OF ROW DATA
      
      Problem:
      ========
      Inserting a row larger than 4G when server uses RBR leads
      to crash.
      
      Analysis:
      ========
      Row-based binary logging logs changes in individual table
      rows. During the execution of DML statements in RBR the
      actual row data will be stored within "m_rows_buf" buffer
      and this buffer contents will be written to binary log.
      "m_rows_buf" is prepared within the following function
      "Rows_log_event::do_add_row_data".
      
      When a huge row is specified as in this bug scenario where
      row size is 4294971520 > UINT_MAX (4294967295) then the
      "m_rows_buf" is reallocated to accommodate the row data and
      then the row is copied to the buffer. During this realloc
      call, the length is getting type casted to "uint" which
      results in overflow. Because of the overflow the reallocated
      memory happens to be incorrect than what was requested
      and it results in a crash during copy of rowdata to buffer.
      
      Hence rows of size > 4GB cannot be written to binary log.
      By default the event_length can be stored within 4 bytes
      which in turn restricts an event's size to grow. Hence large
      rows cannot be replicated using row based replication.
      
      Fix:
      ===
      An error is generated if the row size exceeds 4GB value.
      
      sql/log_event.cc:
        An error is generated if the row size exceeds 4GB value.
        Debug simulations are added to test the fix.
      8765bec5
  22. 09 Jan, 2014 4 commits
    • Luis Soares's avatar
      BUG#17066269 · fcf33b60
      Luis Soares authored
      - Automerged from bug branch into latest mysql-5.5.
      - Fixed trailing whitespaces.
      - Updated the copyright notice year to 2014.
      fcf33b60
    • Murthy Narkedimilli's avatar
    • mithun's avatar
      Bug #17307201 : FAILING ASSERTION: PREBUILT->TRX->CONC_STATE == 1 · 672f18c1
      mithun authored
                      FROM SUBSELECT
      ISSUE         : In function find_all_keys.
                      If selected row do not satisfy condition
                      then we call unlock_row to release the locked
                      row. Suppose if we have subquery in condition
                      and we have an innodb error during its execution.
                      Then we should not call the unlock_row. If the error
                      is because of deadlock, innodb will rollback the
                      transaction. And calling unlock_row without
                      transaction is an invalid case hence an assertion
                      failure.
      SOLUTION      : We call unlock_row only if only there is no
                      error occurred previously.
                      The solution is back ported from 5.6
                      defect number 14226481
      
      
      sql/filesort.cc:
        Now we call unlock_row only if there is no
        previous error.
      672f18c1
    • unknown's avatar
      No commit message · f176092c
      unknown authored
      No commit message
      f176092c
  23. 08 Jan, 2014 3 commits
    • Aditya A's avatar
      Bug#16287752 INNODB_DATA_FILE_PATH MINIMUM SIZE · dc1365d6
      Aditya A authored
                      IN DOCUMENTATION
      Problem 
      -------
      The documentation says that we support 'K' prefix 
      while specifiying size for innodb datafile in the
      server variable for innodb_data_file_path ,but the
      function srv_parse_megabytes() only handles only 
      'M' (megabytes) and 'G' (gigabytes) .
      
      Fix
      ---
      Modify srv_parse_megabytes() to handle Kilobytes. 
      
      Add in documentation that while specifying size 
      in KB it should be mentioned in multiples of 1024
      other wise they will be rounded off to nearest
      MB (megabyte) boundry .(eg if size mentioned
      as 2313KB will be considered as 2 MB ).
      
      [ Approved by Marko #rb 2387 ]
      dc1365d6
    • Anirudh Mangipudi's avatar
      Bug#16715064 MYSQL COMMUNITY UTILITIES CANNOT CONNECT TO MYSQL ENTERPRISE · 634bb833
      Anirudh Mangipudi authored
      WITH SSL ENABLED
      Problem:
      It was reported that MySQL community utilities cannot connect to a MySQL
      Enterprise 5.6.x server with SSL configured. We can reproduce the issue
      when we try to connect an MySQL Enterprise Server with a MySQL Client with
      --ssl-ca parameter enabled.
      We get an ERROR 2026 (HY000): SSL connection error: unknown error number.
      
      Solution:
      The root cause of the problem was determined to be the difference in handling
      of the certificates by OpenSSL(Enterprise) and yaSSL(Community). OpenSSL expects
      a blank certificate to be sent when a parameter (ssl-ca, or ssl-cert or ssl-key)
      has not been specified.On the other hand yaSSL doesn't send any certificate and 
      since OpenSSL does not expect this behaviour it returns an Unknown SSL error.
      The issue was resolved by yaSSL adding capability to send blank certificate when
      any of the parameter is missing.
      634bb833
    • Murthy Narkedimilli's avatar