1. 14 Nov, 2007 2 commits
  2. 12 Nov, 2007 3 commits
  3. 09 Nov, 2007 1 commit
    • unknown's avatar
      BUG#29083 - test suite times out on OS X 64bit - also in older releases · 5eafd5b1
      unknown authored
      The "mysql client in mysqld"(which is used by
      replication and federated) should use alarms instead of setting
      socket timeout value if the rest of the server uses alarm. By
      always calling 'my_net_set_write_timeout'
      or 'net_set_read_timeout' when changing the timeout value(s), the
      selection whether to use alarms or timeouts will be handled by
      ifdef's in those two functions.
      
      This is minimal backport of patch for BUG#26664, which was pushed
      to 5.0 and up.
      
      Affects 4.1 only.
      
      
      include/mysql_com.h:
        Move the net_set_*_timeout function declarations to mysql_com.h
      sql-common/client.c:
         Use my_net_read_timeout or my_net_write_timeout when setting the timeouts
      sql/mysql_priv.h:
        Move the net_set_*_timeout function declarations to mysql_com.h
      5eafd5b1
  4. 07 Nov, 2007 1 commit
    • unknown's avatar
      BUG#31277 - myisamchk --unpack corrupts a table · c5df4b30
      unknown authored
      With certain data sets (when compressed record length gets bigger than
      uncompressed) myisamchk --unpack may corrupt data file.
      
      Fixed that record length was wrongly restored from compressed table.
      
      
      myisam/mi_check.c:
        With compressed tables compressed record length may be bigger than
        pack_reclength, thus we may allocate insufficient memory for record
        buffer.
        
        Let single function allocate record buffer, performing needed record
        length calculations.
        
        Still, it is not doable with parallel repair, as it allocates needed
        record buffers at once. For parellel repair added better record length
        calculation.
      myisam/mi_open.c:
        When calculating record buffer size, take into account that compressed
        record length may be bigger than uncompressed.
      myisam/mi_packrec.c:
        With certain data set share->max_pack_length (compressed record length)
        may be bigger than share->base.pack_reclength (packed record length).
        
        set_if_bigger(pack_reclength, max_pack_length) in this case causes
        myisamchk --unpack to write extra garbage, whereas pack_reclength
        remains the same in new index file. As a result we get unreadable
        table.
      myisam/myisamchk.c:
        With compressed tables compressed record length may be bigger than
        pack_reclength, thus we may allocate insufficient memory for record
        buffer.
        
        Let single function allocate record buffer, performing needed record
        length calculations.
      mysql-test/mysql-test-run.pl:
        Environment variables to execute myisamchk and myisampack.
      mysql-test/r/myisampack.result:
        New BitKeeper file ``mysql-test/r/myisampack.result''
      mysql-test/t/myisampack.test:
        New BitKeeper file ``mysql-test/t/myisampack.test''
      c5df4b30
  5. 06 Nov, 2007 1 commit
    • unknown's avatar
      BUG#32111 - Security Breach via DATA/INDEX DIRECORY and RENAME TABLE · ff4b438b
      unknown authored
      RENAME TABLE against a table with DATA/INDEX DIRECTORY overwrites
      the file to which the symlink points.
      
      This is security issue, because it is possible to create a table with
      some name in some non-system database and set DATA/INDEX DIRECTORY
      to mysql system database. Renaming this table to one of mysql system
      tables (e.g. user, host) would overwrite the system table.
      
      Return an error when the file to which the symlink points exist.
      
      
      mysql-test/r/symlink.result:
        A test case for BUG#32111.
      mysql-test/t/symlink.test:
        A test case for BUG#32111.
      mysys/my_symlink2.c:
        Return an error when the file to which the symlink points exist.
      ff4b438b
  6. 02 Nov, 2007 3 commits
  7. 30 Oct, 2007 2 commits
    • unknown's avatar
      Merge stella.local:/home2/mydev/mysql-4.1-amain · 967c06df
      unknown authored
      into  stella.local:/home2/mydev/mysql-4.1-axmrg
      
      
      967c06df
    • unknown's avatar
      BUG#11392 - fulltext search bug · b698b6fd
      unknown authored
      Fulltext boolean mode phrase search may crash server on platforms
      where size of pointer is not equal to size of unsigned integer
      (in other words some 64-bit platforms).
      
      The problem was integer overflow.
      
      Affects 4.1 only.
      
      
      myisam/ft_boolean_search.c:
        my_match_t::beg is unsigned int, that means type of expression
        (m[0].beg - 1) has unsigned type too. It may happen that instr()
        finds substring in the beggining of passed string, returning
        m[0].beg equal to 0. In this case value of expression (m[0].beg - 1)
        is equal to MAX_UINT.
        
        This is not a problem on platforms where sizeof(pointer) equals to
        sizeof(uint). That means ptr[(uint)-1] = ptr[(uint)MAX_UINT] = ptr - 1.
        
        On some 64-bit platforms where sizeof(pointer) is 8 and sizeof(uint)
        is 4, wrong address gets accessed. In other words ptr[(uint)-1] is
        equal to ptr + MAX_UINT.
      mysql-test/r/fulltext.result:
        A test case for BUG#11392.
      mysql-test/t/fulltext.test:
        A test case for BUG#11392.
      b698b6fd
  8. 29 Oct, 2007 1 commit
  9. 25 Oct, 2007 1 commit
    • unknown's avatar
      add new trigger to prevent certain naming clashes · 80241b44
      unknown authored
      
      BitKeeper/triggers/pre-commit.check-case.pl:
        catch duplicate file names, ignoring capitalisation, mostly to avoid changesets where a deleted file foobar and a deleted file FooBar break a tree on case insensitive file systems
      80241b44
  10. 24 Oct, 2007 2 commits
    • unknown's avatar
      Merge svojtovich@bk-internal.mysql.com:/home/bk/mysql-4.1-engines · 4fda18a3
      unknown authored
      into  mysql.com:/home/svoj/devel/mysql/BUG31159/mysql-4.1-engines
      
      
      4fda18a3
    • unknown's avatar
      BUG#31159 - fulltext search on ucs2 column crashes server · 660d6626
      unknown authored
      ucs2 doesn't provide required by fulltext ctype array. Crash
      happens because fulltext attempts to use unitialized ctype
      array.
      
      Fixed by converting ucs2 fields to compatible utf8 analogue.
      
      
      include/my_sys.h:
        Added a function to find compatible character set with ctype array
        available. Currently used by fulltext search to find compatible
        substitute for ucs2 collations.
      mysql-test/r/ctype_ucs.result:
        A test case for BUG#31159.
      mysql-test/t/ctype_ucs.test:
        A test case for BUG#31159.
      mysys/charset.c:
        Added a function to find compatible character set with ctype array
        available. Currently used by fulltext search to find compatible
        substitute for ucs2 collations.
      sql/item_func.cc:
        Convert ucs2 fields to utf8. Fulltext requires ctype array, but
        ucs2 doesn't provide it.
      660d6626
  11. 23 Oct, 2007 1 commit
  12. 19 Oct, 2007 1 commit
  13. 18 Oct, 2007 2 commits
    • unknown's avatar
      Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-4.1-opt · 78a13fa4
      unknown authored
      into  sin.intern.azundris.com:/misc/mysql/31588/41-31588
      
      
      78a13fa4
    • unknown's avatar
      Bug#31588: buffer overrun when setting variables · cd9d89a7
      unknown authored
      Buffer used when setting variables was not dimensioned to accomodate
      trailing '\0'. An overflow by one character was therefore possible.
      CS corrects limits to prevent such overflows.
      
      
      mysql-test/r/variables.result:
        Try to overflow buffer used for setting system variables.
        Unpatched server should throw a valgrind warning here.
        Actual value and error message irrelevant, only length counts.
      mysql-test/t/variables.test:
        Try to overflow buffer used for setting system variables.
      sql/set_var.cc:
        Adjust maximum number of characters we can store in 'buff' by one
        as strmake() will write a terminating '\0'.
      cd9d89a7
  14. 17 Oct, 2007 1 commit
  15. 16 Oct, 2007 1 commit
  16. 11 Oct, 2007 1 commit
    • unknown's avatar
      Fix for bug #31174: "Repair" command on MyISAM crashes with small · 1c7b80df
      unknown authored
      myisam_sort_buffer_size.
      
      An incorrect length of the sort buffer was used when calculating the
      maximum number of keys. When myisam_sort_buffer_size is small enough,
      this could result in the number of keys < number of
      BUFFPEK structures which in turn led to use of uninitialized BUFFPEKs.
      
      Fixed by correcting the buffer length calculation.
      
      
      myisam/sort.c:
        Use a correct buffer length when calculating the maximum number of keys.
        Assert that for each BUFFPEK structure there is at least one
        corresponding key. Otherwise we would fail earlier and not reach
        merge_buffers().
      mysql-test/r/repair.result:
        Added a test case for bug #31174.
      mysql-test/t/repair.test:
        Added a test case for bug #31174.
      1c7b80df
  17. 10 Oct, 2007 2 commits
  18. 05 Oct, 2007 3 commits
    • unknown's avatar
      Merge mysql.com:/home/hf/work/30955/my41-30955 · 77d786b5
      unknown authored
      into  mysql.com:/home/hf/work/30286/my41-30286
      
      
      77d786b5
    • unknown's avatar
      Merge bk@192.168.21.1:mysql-4.1-opt · c14e8c80
      unknown authored
      into  mysql.com:/home/hf/work/30286/my41-30286
      
      
      c14e8c80
    • unknown's avatar
      Bug #30286 spatial index cause corruption and server crash! · 6d54b577
      unknown authored
      As the result of DOUBLE claculations can be bigger
      than DBL_MAX constant we use in code, we shouldn't use this constatn
      as a biggest possible value.
      Particularly the rtree_pick_key function set 'min_area= DBL_MAX' relying
      that any rtree_area_increase result will be less so we return valid
      key. Though in rtree_area_increase function we calculate the area
      of the rectangle, so the result can be 'inf' if the rectangle is
      huge enough, which is bigger than DBL_MAX.
      
      Code of the rtree_pick_key modified so we always return a valid key.
      
      
      myisam/rt_index.c:
        Bug #30286 spatial index cause corruption and server crash!
        
        always set the best_key with the first key we get, so we always return
        somthing valid.
      myisam/rt_mbr.c:
        Bug #30286 spatial index cause corruption and server crash!
        
        function comment extended
      mysql-test/r/gis-rtree.result:
        Bug #30286 spatial index cause corruption and server crash!
        test result
      mysql-test/t/gis-rtree.test:
        Bug #30286 spatial index cause corruption and server crash!
        test case
      6d54b577
  19. 04 Oct, 2007 5 commits
    • unknown's avatar
      Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-4.1-maint · b055562b
      unknown authored
      into  sin.intern.azundris.com:/home/tnurnberg/30444/41-30444
      
      
      b055562b
    • unknown's avatar
      Backport of the 5.0 patch to 4.1 · 4d0ef0cc
      unknown authored
      Bug#28878: InnoDB tables with UTF8 character set and indexes cause  wrong result for DML
      When making key reference buffers over CHAR fields whitespace (0x20) must be used to fill in the remaining space in the field's buffer. This is what Field_string::store() does. Fixed Field_string::get_key_image() to do the same.
      
      
      mysql-test/r/innodb_mysql.result:
        Bug#28878: test case
      mysql-test/t/innodb_mysql.test:
        Bug#28878: test case
      sql/field.cc:
        Bug#28878: Fill with space instead of binary zeros.
      4d0ef0cc
    • unknown's avatar
      Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-4.1-maint · bb050c0e
      unknown authored
      into  sin.intern.azundris.com:/home/tnurnberg/30444/41-30444
      
      
      bb050c0e
    • unknown's avatar
      Bug #30444: 5.0 mysqldump silently allows wrong backup to be taken against a 4.0 database · 3f4eaf57
      unknown authored
      The combination of --single-transaction and --master-data requires
      START TRANSACTION WITH CONSISTENT SNAPSHOT which is available from
      mysqld 4.1 on. When trying this against an older server, print
      diagnostic, then, if --force is not given, abort.
      
      No test-case given since it would require a mysqld < 4.1.
      
      
      client/mysqldump.c:
        Bug #30444: 5.0 mysqldump silently allows wrong backup to be taken against a 4.0 database
        
        The combination of --single-transaction and --master-data requires
        START TRANSACTION WITH CONSISTENT SNAPSHOT which is available from
        mysqld 4.1 on. When trying this against an older server, print
        diagnostic, then, if --force is not given, abort.
      3f4eaf57
    • unknown's avatar
      Fix for bug #31069: crash in 'sounds like' · db2d3104
      unknown authored
      and for bug #31070: crash during conversion of charsets
      
      Problem: passing a 0 byte length string to some my_mb_wc_XXX() 
      functions leads to server crash due to improper argument check.
      
      Fix: properly check arguments passed to my_mb_wc_XXX() functions.
      
      
      mysql-test/include/ctype_common.inc:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test case.
      mysql-test/r/ctype_big5.result:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test result.
      mysql-test/r/ctype_euckr.result:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test result.
      mysql-test/r/ctype_gb2312.result:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test result.
      mysql-test/r/ctype_gbk.result:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test result.
      mysql-test/r/ctype_uca.result:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - test result.
      strings/ctype-big5.c:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - check the string length before testing its first byte.
      strings/ctype-cp932.c:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - check the string length before testing its first byte.
      strings/ctype-euc_kr.c:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - check the string length before testing its first byte.
      strings/ctype-gb2312.c:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - check the string length before testing its first byte.
      strings/ctype-sjis.c:
        Fix for bug #31069: crash in 'sounds like'
        and bug #31070: crash during conversion of charsets
          - check the string length before testing its first byte.
      db2d3104
  20. 03 Oct, 2007 1 commit
    • unknown's avatar
      Bug #30955 geomfromtext() crasher. · ae3d4bfc
      unknown authored
      end-of-line check missed in Gis_read_stream::get_next_word,
      what can lead to crashes (expecially with NULL strings).
      
      End-of-line check added
      
      
      sql/gstream.cc:
        Bug #30955 geomfromtext() crasher
      mysql-test/r/gis.result:
        Bug #30955 geomfromtext() crasher.
        
        test result
      mysql-test/t/gis.test:
        Bug #30955 geomfromtext() crasher.
        
        test case
      ae3d4bfc
  21. 28 Sep, 2007 1 commit
  22. 14 Sep, 2007 2 commits
  23. 13 Sep, 2007 1 commit
    • unknown's avatar
      BUG#30590 - delete from memory table with composite btree primary key · cf5762b4
      unknown authored
      DELETE query against memory table with btree index may remove
      not all matching rows. This happens only when DELETE uses
      index read method to find matching rows. E.g. for queries
      like DELETE FROM t1 WHERE a=1.
      
      Fixed by reverting fix for BUG9719 and applying proper solution.
      
      
      heap/hp_delete.c:
        Reverted fix for BUG9719 as it makes queries like
        DELETE FROM t1 WHERE a=1 to remove not all matching
        rows (assuming this is memory table and there is btree
        key over `a`).
        
        This happens because we calculate info->lastkey_len in
        heap_rkey(). When we enter heap_rnext(), info->lastkey_len
        is 0 (set by hp_rb_delete_key()). We need to preserve
        info->lastkey_len in this situation, otherwise
        tree_search_key() will always return smallest value in
        a tree.
      heap/hp_rfirst.c:
        If we're performing index_first on a table that was taken from
        table cache, info->lastkey_len is initialized to previous query.
        Thus we set info->lastkey_len to proper value for subsequent
        heap_rnext() calls.
        This is needed for DELETE queries only, otherwise this variable is
        not used.
        Note that the same workaround may be needed for heap_rlast(), but
        for now heap_rlast() is never used for DELETE queries.
      heap/hp_rnext.c:
        An optimization for DELETE queries that use index_first()/index_next().
        Use faster tree_search_edge() instead of tree_search_key().
      mysql-test/r/heap_btree.result:
        A test case for BUG#30590.
      mysql-test/t/heap_btree.test:
        A test case for BUG#30590.
      cf5762b4
  24. 10 Sep, 2007 1 commit