1. 06 Jul, 2009 6 commits
  2. 03 Jul, 2009 13 commits
  3. 02 Jul, 2009 4 commits
    • Georgi Kodinov's avatar
      Bug #45807: crash accessing partitioned table and sql_mode · 5572f8e7
      Georgi Kodinov authored
      contains ONLY_FULL_GROUP_BY
      
      The partitioning code needs to issue a Item::fix_fields()
      on the partitioning expression in order to prepare 
      it for being evaluated.
      It does this by creating a special table and a table list 
      for the scope of the partitioning expression.
      But when checking ONLY_FULL_GROUP_BY the 
      Item_field::fix_fields() was relying that there always be
      cached_table set and was trying to use it to get the 
      select_lex of the SELECT the field's table is in.
      But the cached_table was not set by the partitioning code
      that creates the artificial TABLE_LIST used to resolve the
      partitioning expression and this resulted in a crash.
       
      Fixed by rectifying the following errors :
      1. Item_field::fix_fields() : the code that check for 
      ONLY_FULL_GROUP_BY relies on having tables with 
      cacheable_table set. This is mostly true, the only 
      two exceptions being the partitioning context table
      and the trigger context table.
      Fixed by taking the current parsing context if no pointer
      to the TABLE_LIST instance is present in the cached_table.
      
      2. fix_fields_part_func() : 
      
      2a. The code that adds the table being created to the 
      scope for the partitioning expression is mostly a copy 
      of the add_table_to_list and friends with one exception :
      it was not marking the table as cacheable (something that
      normal add_table_to_list is doing). This caused the 
      problem in the check for ONLY_FULL_GROUP_BY in 
      Item_field::fix_fields() to appear.
      Fixed by setting the correct members to make the table
      cacheable.
      The ideal structural fix for this is to use a unified 
      interface for adding a table to a table list 
      (add_table_to_list?) : noted in a TODO comment
      
      2b. The Item::fix_fields() was called with a NULL destination
      pointer. This causes uninitalized memory reads in the 
      overloaded ::fix_fields() function (namely 
      Item_field::fix_fields()) as it expects a non-zero pointer 
      there. Fixed by passing the source pointer similarly to how 
      it's done in JOIN::prepare().
      5572f8e7
    • Matthias Leich's avatar
      Merge 5.0 -> 5.1 of fix for bug 45902 · 7029f8bb
      Matthias Leich authored
      7029f8bb
    • Matthias Leich's avatar
      Fix for Bug#45902 rpl_sp fails sporadically in check testcases · 90c97d7c
      Matthias Leich authored
      Details:
      - Add "sync_slave_with_master" at test end
      - Restore the initial value of log_bin_trust_function_creators
      90c97d7c
    • V Narayanan's avatar
      Bug#45793 macce charset causes error with IBMDB2I · c2141faf
      V Narayanan authored
      Creating an IBMDB2I table with the macce character set
      is successful, but any attempt to insert data into the
      table was failing.
      
      This was happening because the character set name "macce"
      is not a valid iconv descriptor for IBM i PASE. This patch
      adds an override to convertTextDesc to use the equivalent
      valid iconv descriptor "IBM-1282" instead.
      c2141faf
  4. 01 Jul, 2009 4 commits
    • Staale Smedseng's avatar
      Merge from 5.0 · 87695199
      Staale Smedseng authored
      87695199
    • Staale Smedseng's avatar
      Bug #45790 Potential DoS vector: Writing of user input to log · 490f4432
      Staale Smedseng authored
      without proper formatting
            
      The problem is that a suitably crafted database identifier
      supplied to COM_CREATE_DB or COM_DROP_DB can cause a SIGSEGV,
      and thereby a denial of service. The database name is printed
      to the log without using a format string, so potential
      attackers can control the behavior of my_b_vprintf() by
      supplying their own format string. A CREATE or DROP privilege
      would be required.
            
      This patch supplies a format string to the printing of the
      database name. A test case is added to mysql_client_test.
      490f4432
    • Satya B's avatar
      merge to 5.1-bugteam · c63b2242
      Satya B authored
      c63b2242
    • Satya B's avatar
      Fix build failure after applying Innodb snapshot 5.1-ss5282 · 2e3982b4
      Satya B authored
      After applying Innodb snapshot 5.1-ss5282, build was broken
      because of missing header file. 
      
      Adding the header file to Makefile.am after informing the 
      innodb developers.
      2e3982b4
  5. 30 Jun, 2009 2 commits
  6. 29 Jun, 2009 10 commits
  7. 27 Jun, 2009 1 commit
    • Luis Soares's avatar
      BUG#42851: Spurious "Statement is not safe to log in statement · 92536e42
      Luis Soares authored
                 format." warnings
            
      Despite the fact that a statement would be filtered out from binlog, a
      warning would still be thrown if it was issued with the LIMIT.
            
      This patch addresses this issue by checking the filtering rules before
      printing out the warning.
      92536e42