1. 16 Nov, 2017 1 commit
    • Sreeharsha Ramanavarapu's avatar
      Bug #26881946: INCORRECT BEHAVIOR WITH "VALUES" · f06443ce
      Sreeharsha Ramanavarapu authored
      Issue:
      ------
      VALUES doesn't have a type() function and is considered a
      Item_field.
      
      Solution for 5.7:
      -----------------
      Add a new type() function for Item_values_insert.
      
      On 8.0 and trunk it was fixed by Mithun's Bug#19601973.
      
      Solution for 5.6:
      -----------------
      Additionally Bug#17458914 is backported.
      
      This will address the problem of using VALUES() in
      INSERT ... ON DUPLICATE KEY UPDATE. Create a field object
      only if it is in the UPDATE clause, else return a NULL
      item.
      
      This will also address the problems mentioned in
      Bug#14789787 and Bug#16756402.
      
      Solution for 5.5:
      -----------------
      As mentioned above Bug#17458914 is backported.
      
      Additionally Bug#14786324 is also backported.
      
      When VALUES() is detected outside its meaningful place,
      it should be treated as NULL and is thus replaced with a
      Field_null object, with the same name as the original
      field.
      
      Fields with type NULL are generally not handled well inside
      the server (e.g Innodb will not accept them and it is
      impossible to create them in regular tables). So create a
      new const NULL item instead.
      f06443ce
  2. 13 Nov, 2017 1 commit
  3. 09 Nov, 2017 2 commits
  4. 03 Nov, 2017 1 commit
  5. 26 Oct, 2017 1 commit
    • Arun Kuruvila's avatar
      Bug #26880757: MYISAM_USE_MMAP=1 ON WINDOWS FREQUENTLY DOES · bd1fe261
      Arun Kuruvila authored
                     NOT UPDATE FILE ON DISK
      
      Description:- When the server variable, "myisam_use_mmap" is
      enabled, MyISAM tables on windows are not updating the file
      on disk even when the server variable "flush" is set to 1.
      This is inturn making the table corrupted when encountering
      a power failure.
      
      Analysis:- When the server variable "myisam_use_mmap" is set,
      files of MyISAM tables will be memory mapped using the OS
      APIs mmap()/munmap()/msync() on Unix and CreateFileMapping()
      /UnmapViewOfFile()/FlushViewOfFile() on Windows. msync() and
      FlushViewOfFile() is responsible for flushing the changes
      made to the in-core copy of a file that was mapped into
      memory using mmap()/CreateFileMapping() back to the
      file system.  FLUSH is determined by the OS unless
      explicitly called using msync()/FlushViewOfFile().
      
      When the server variables "myisam_use_mmap" and "flush" are
      enabled, MyISAM is only flushing the files from file system
      cache to disc using "mysql_file_sync()" and not the memory
      mapped file from memory to FS cache using "my_msync()".
      ["my_msync()" inturn calls  msync() on Unix and
      FlushViewOfFile() on Windows.
      
      Fix:- As part of the fix, if server variable
      "myisam_use_mmap" is enabled along with  "flush",
      "my_msync()" is invoked to flush the data in memory to file
      system cache and followed by "mysql_file_sync()" which will
      flush the data from file system cache to disk.
      bd1fe261
  6. 23 Oct, 2017 1 commit
    • Karthik Kamath's avatar
      BUG#26529369: CREATE INDEX WITH LONG COMMENT CAUSE · a542209b
      Karthik Kamath authored
                    UNEXPECTED ERROR
      
      ANALYSIS:
      =========
      Creating many indexes with large amount of index
      information causes a server exit.
      
      FIX:
      ====
      A appropriate error is reported when the cumulative index
      information length exceeds the 2 byte range (i.e 65535).
      a542209b
  7. 19 Oct, 2017 1 commit
    • Sreeharsha Ramanavarapu's avatar
      Bug #26867652: INCORRECT BEHAVIOR WITH PREPARE STATEMENT · 84c32cdb
      Sreeharsha Ramanavarapu authored
                     AND PARAM IN ORDER BY
      
      Issue:
      ------
      This issue can occur when the ORDER BY list refers to a
      column that contains a parameter in the select list.
      
      Solution:
      ---------
      In JOIN::update_depend_map and get_sort_by_table, the
      ORDER BY list's used_tables isn't checked for parameters.
      This can result in incorrect behavior.
      
      This is a partial backport of Roy's
      84c32cdb
  8. 16 Oct, 2017 1 commit
  9. 09 Oct, 2017 1 commit
    • Tor Didriksen's avatar
      Backport patch for Bug#16877045 5.6-CLUSTER-7.3 WIN32 SQL_YACC.CC BUILD PROBLEM · aa6e69db
      Tor Didriksen authored
      Building with ninja shows the problem:
      cmake .. -G Ninja
      ninja
      ninja: error: dependency cycle: sql/GenServerSource -> sql/CMakeFiles/GenServerSource -> sql/sql_builtin.cc -> cmake_order_depends_target_sq
       sql/GenServerSource
      
      Bug#16877045 5.6-CLUSTER-7.3 WIN32 SQL_YACC.CC BUILD PROBLEM
       - Somewhat circular dependency caused by the configured files sql_builtin.cc  being included as
          part of the files to generate in sql/
       - Move sql_builtin.cc out of GEN_SOURCES variable.
       - Create new variable CONF_SOURCES to be used for configured files.
      aa6e69db
  10. 13 Sep, 2017 3 commits
    • mysql-builder@oracle.com's avatar
      No commit message · 1da916c3
      mysql-builder@oracle.com authored
      No commit message
      1da916c3
    • Anushree Prakash B's avatar
      Bug#26372491 - RCE THROUGH THE MISHANDLE OF BACKSLASH · 5ac61b2a
      Anushree Prakash B authored
      DESCRIPTION:
      ===========
      The bug is related to incorrect parsing of SQL queries
      when typed in on the CLI. The incorrect parsing can
      result in unexpected results.
      
      ANALYSIS:
      ========
      The scenarios mainly happens for identifier names
      with a typical combination of backslashes and backticks.
      The incorrect parsing can either result in executing
      additional queries or can result in query truncation.
      This can impact mysqldump as well.
      
      FIX:
      ===
      The fix makes sure that such identifier names are
      correctly parsed and a proper query is sent to the
      server for execution.
      
      (cherry picked from commit 31a372aa1c2b93dc75267d1f05a7f7fca6080dc0)
      5ac61b2a
    • mysql-builder@oracle.com's avatar
      No commit message · cf3fe5a2
      mysql-builder@oracle.com authored
      No commit message
      cf3fe5a2
  11. 08 Sep, 2017 2 commits
    • Tor Didriksen's avatar
      Bug#23072792 MYSQL_GROUP_SUFFIX DOES NOT WORK · d52edb75
      Tor Didriksen authored
      Reintroduce environment variable MYSQL_GROUP_SUFFIX to be used as
      --default-group-suffix value if not already set.
      
      The environment variable was accidentally renamed to DEFAULT_GROUP_SUFFIX_ENV
      in MySQL server 5.5.
      d52edb75
    • Anushree Prakash B's avatar
      Bug#26372491 - RCE THROUGH THE MISHANDLE OF BACKSLASH · 43632f4c
      Anushree Prakash B authored
      DESCRIPTION:
      ===========
      The bug is related to incorrect parsing of SQL queries
      when typed in on the CLI. The incorrect parsing can
      result in unexpected results.
      
      ANALYSIS:
      ========
      The scenarios mainly happens for identifier names
      with a typical combination of backslashes and backticks.
      The incorrect parsing can either result in executing
      additional queries or can result in query truncation.
      This can impact mysqldump as well.
      
      FIX:
      ===
      The fix makes sure that such identifier names are
      correctly parsed and a proper query is sent to the
      server for execution.
      43632f4c
  12. 07 Sep, 2017 1 commit
  13. 06 Sep, 2017 2 commits
  14. 31 Aug, 2017 1 commit
  15. 29 Aug, 2017 1 commit
  16. 24 Aug, 2017 2 commits
    • Ajo Robert's avatar
      Bug#26361149 MYSQL SERVER CRASHES AT: COL IN(IFNULL(CONST, · f7316aa0
      Ajo Robert authored
                             COL), NAME_CONST('NAME', NULL))
      
      Backport of Bug#19143243 fix.
      
      NAME_CONST item can return NULL_ITEM type in case of incorrect arguments.
      NULL_ITEM has special processing in Item_func_in function.
      In Item_func_in::fix_length_and_dec an array of possible comparators is
      created. Since NAME_CONST function has NULL_ITEM type, corresponding
      array element is empty. Then NAME_CONST is wrapped to ITEM_CACHE.
      ITEM_CACHE can not return proper type(NULL_ITEM) in Item_func_in::val_int(),
      so the NULL_ITEM is attempted compared with an empty comparator.
      The fix is to disable the caching of Item_name_const item.
      f7316aa0
    • Arun Kuruvila's avatar
      Bug#26482173: TLS CIPHER NEGOTIATION INCORRECTLY MATCHES ON · f2f6025a
      Arun Kuruvila authored
                    LAST BYTE ONLY (YASSL)
      
      
      Description:- TLS cipher negociation happens incorrectly
      leading to the use of a different
      
      Analysis:- YaSSL based MySQL server will compare only the
      last byte of each cipher sent in the Client Hello message.
      This can cause TLS connections to fail, due to the server
      picking a cipher which the client doesn't actually support.
      
      Fix:- A fix for detecting cipher suites with non leading
      zeros is included as YaSSL only supports cipher suites with
      leading zeros.
      f2f6025a
  17. 23 Aug, 2017 3 commits
    • Nisha Gopalakrishnan's avatar
      Bug#26390632: CREATE TABLE CAN CAUSE MYSQL TO EXIT. · be901b60
      Nisha Gopalakrishnan authored
      Analysis
      ========
      CREATE TABLE of InnoDB table with a partition name
      which exceeds the path limit can cause the server
      to exit.
      
      During the preparation of the partition name,
      there was no check to identify whether the complete
      path name for partition exceeds the max supported
      path length, causing the server to exit during
      subsequent processing.
      
      Fix
      ===
      During the preparation of partition name, check and report
      an error if the partition path name exceeds the maximum path
      name limit.
      
      This is a 5.5 patch.
      be901b60
    • Tor Didriksen's avatar
      Bug#19875294 ASSERTION `SRC' FAILED IN MY_STRNXFRM_UNICODE (SIG 6 -STRINGS/CTYPE-UTF8.C:5151) · ebd96c31
      Tor Didriksen authored
      Backport from 5.7 to 5.5 Field_set::val_str()
      should return String("", 0, cs) rather than String(NULL, 0, cs)
      ebd96c31
    • Venkatesh Duggirala's avatar
      Bug#24763131 LOCAL-INFILE DEFAULT SHOULD BE DISABLED · d75f8a17
      Venkatesh Duggirala authored
      Problem & Analysis: Slave's Receiver thread, Applier thread and worker
          threads are created with LOCAL-INFILE option enabled. As the document
          says https://dev.mysql.com/doc/refman/5.7/en/load-data-local.html,
          there are some issues if a thread enables local infile.
          This flag should be enabled with care. But for the above mentioned
          internal threads, server is enabling it at the time of creation.
      
      Fix: Further analysis on the code shows that none of threads really
          need this flag to be enabled at any time as Slave never executes
          "LOAD DATA LOCAL INFILE" after reading it from Relay log.
          Applier thread removes "LOCAL" before start executing the query.
      d75f8a17
  18. 25 Jul, 2017 1 commit
    • Deepa Dixit's avatar
      Bug#26161247: MTR: --NOREORDER IS SEARCHING FOR TEST SCRIPT ONLY IN MAIN SUITE · 6a6d5bc9
      Deepa Dixit authored
      Issue:
      ------
      Running MTR with the --no-reorder option by specifying test cases on the
      command line, without prefixing the suite name results in an error saying the
      test case was not found in the main suite. This is because MTR looks for the
      test case only in the main suite, and no other suites.
      
      Fix:
      ----
      The fix involves searching for the test in every suite if only the test name
      is specified. This back-ports two bug fixes: Bug#24967869 and Bug#24365783
      Reviewed-by: default avatarPavan Naik <pavan.naik@oracle.com>
      RB: 16812
      6a6d5bc9
  19. 17 Jul, 2017 1 commit
  20. 07 Jul, 2017 1 commit
  21. 05 Jun, 2017 2 commits
  22. 02 Jun, 2017 3 commits
  23. 01 Jun, 2017 1 commit
  24. 29 May, 2017 1 commit
  25. 25 May, 2017 1 commit
    • Venkatesh Duggirala's avatar
      Bug#18950197 RPL_SEMI_SYNC_UNINSTALL_PLUGIN FAILS BECAUSE · bb9e547a
      Venkatesh Duggirala authored
      RPL_SEMI_SYNC_MASTER_CLIENTS=1
      
      Analysis: Uninstalling rpl_semi_sync_slave on slave
                will trigger removing the slave logic on Master which
                will reduce Rpl_semi_sync_master_clients by one number.
                But it happens asynchronously on Master. Having assert
                to check this value with zero will have problems on
                slow pb2 machines.
      
      Fix: Change assert into wait_for_status_var condition.
      bb9e547a
  26. 24 May, 2017 2 commits
    • Piotr Obrzut's avatar
      Bug #25658832 VALIDATION CHECK FOR MSVC REDIST NEEDED IN SERVER COMMUNITY MSI · fedfba21
      Piotr Obrzut authored
      Added matching redist prerequisite check to the server msi installer.
      fedfba21
    • Sreeharsha Ramanavarapu's avatar
      Bug #24595639: INCORRECT BEHAVIOR IN QUERY WITH UNION AND · c34f2e51
      Sreeharsha Ramanavarapu authored
                     GROUP BY
      
      Issue 1:
      --------
      This problem occurs in the following conditions:
      1) A UNION is present in the subquery of select list and
         handles multiple columns.
      2) Query has a GROUP BY.
      
      A temporary table is created to handle the UNION.
      Item_field objects are based on the expressions of the
      result of the UNION (ie. the fake_select_lex). While
      checking validity of the columns in the GROUP BY list, the
      columns of the temporary table are checked in
      Item_ident::local_column. But the Item_field objects
      created for the temporary table don't have information like
      the Name_resolution_context that they belong to or whether
      they are dependent on an outer query. Since these members
      are null, incorrect behavior is caused.
      
      This can happen when such Item objects are cached to apply
      the IN-to-EXISTS transform for Item_row.
      
      Solution to Issue 1:
      --------------------
      Context information of the first select in the UNION will
      be assigned to the new Item_field objects.
      
      
      Issue 2:
      --------
      This problem occurs in the following conditions:
      1) A UNION is present in the subquery of select list.
      2) A column in the UNION's first SELECT refers to a table
         in the outer-query making it a dependent union.
      3) GROUP BY column refers to the outer-referencing column.
      
      While resolving the select list with an outer-reference, an
      Item_outer_ref object is created to handle the
      outer-query's GROUP BY list. The Item_outer_ref object
      replaces the Item_field object in the item tree.
      Item_outer_ref::fix_fields will be called only while fixing
      the inner references of the outer query.
      
      Before resolving the outer-query, an Item_type_holder
      object needs to be created to handle the UNION. But as
      explained above, the Item_outer_ref object has not been
      fixed yet. Having a fixed Item object is a pre-condition
      for creating an Item_type_holder.
      
      Solution to Issue 2:
      --------------------
      Use the reference (real_item()) of an Item_outer_ref object
      instead of the object itself while creating an
      Item_type_holder.
      c34f2e51
  27. 23 May, 2017 2 commits