to pick up some new security fixes that are in it.

Patch provided by Georgi Kodinov.

Update the year in the copyright notice, file "README".

$SUBJ$
1. Took a diff between the previous base version and the
mysql sources.
2. Added the new 2.1.4 base version.
3. Reviewed and re-applied the diff from step #1.

AND 5.5 YASSL FIXES.

Took the 5.5 yassl code and applied it to the 5.0 codebase, keeping the
compilation files.

Fix for #36428/#38364 backported into 5.0.

SMALL KEY CACHE

The server crashed on division by zero because the key cache was not
initialized and the block length was 0 which was used in a division.

The fix was to not allow CACHE INDEX if the key cache was not initiallized.
Thus never try LOAD INDEX INTO CACHE for an uninitialized key cache.

Also added some windows files/directories to .bzrignore.

Buffer over-run on all platforms, crash on windows, wrong result on other platforms,
when rounding numbers which start with 999999999 and have
precision = 9 or 18 or 27 or 36 ...


mysql-test/r/type_newdecimal.result:
  New test cases.
mysql-test/t/type_newdecimal.test:
  New test cases.
sql/my_decimal.h:
  Add sanity checking code, to catch buffer over/under-run.
strings/decimal.c:
  The original initialization of intg1 (add 1 if buf[0] == DIG_MAX)
  will set p1 to point outside the buffer, and the loop to copy the original value
      while (buf0 < p0)
        *(--p1) = *(--p0);
  will overwrite memory outside the my_decimal object.

Bug#11765687 (MySQL58677): No privilege on table / view, but can know #rows / underlying table's name

1 - If a user had SHOW VIEW and SELECT privileges on a view and
this view was referencing another view, EXPLAIN SELECT on the outer
view (that the user had privileges on) could reveal the structure
of the underlying "inner" view as well as the number of rows in
the underlying tables, even if the user had privileges on none of
these referenced objects.

This happened because we used DEFINER's UID ("SUID") not just for
the view given in EXPLAIN, but also when checking privileges on
the underlying views (where we should use the UID of the EXPLAIN's
INVOKER instead).

We no longer run the EXPLAIN SUID (with DEFINER's privileges).
This prevents a possible exploit and makes permissions more
orthogonal.

2 - EXPLAIN SELECT would reveal a view's structure even if the user
did not have SHOW VIEW privileges for that view, as long as they
had SELECT privilege on the underlying tables.

Instead of requiring both SHOW VIEW privilege on a view and SELECT
privilege on all underlying tables, we were checking for presence
of either of them.

We now explicitly require SHOW VIEW and SELECT privileges on
the view we run EXPLAIN SELECT on, as well as all its
underlying views. We also require SELECT on all relevant
tables. 


mysql-test/r/view_grant.result:
  add extensive tests to illustrate desired behavior and
  prevent regressions (as always).
mysql-test/t/view_grant.test:
  add extensive tests to illustrate desired behavior and
  prevent regressions (as always).
sql/sql_view.cc:
  We no longer run the EXPLAIN SUID (with DEFINER's privileges).
  To achieve this, we use a temporary, SUID-less TABLE_LIST for
  the views while checking privileges.

TOOLS

Backport a fix for Bug 57094 from 5.5.
The following revision was backported:

# revision-id: alexander.nozdrin@oracle.com-20101006150613-ls60rb2tq5dpyb5c
# parent: bar@mysql.com-20101006121559-am1e05ykeicwnx48
# committer: Alexander Nozdrin <alexander.nozdrin@oracle.com>
# branch nick: mysql-5.5-bugteam-bug57094
# timestamp: Wed 2010-10-06 19:06:13 +0400
# message:
#   Fix for Bug 57094 (Copyright notice incorrect?).
#   
#   The fix is to:
#     - introduce ORACLE_WELCOME_COPYRIGHT_NOTICE define to have a single place
#       to specify copyright notice;
#     - replace custom copyright notices with ORACLE_WELCOME_COPYRIGHT_NOTICE
#       in programs.

The buffer was simply too small.
In 5.5 and trunk, the size is 311 + 31,
in 5.1 and below, the size is 331


client/sql_string.cc:
  Increase buffer size in String::set(double, ...)
include/m_string.h:
  Increase FLOATING_POINT_BUFFER
mysql-test/r/type_float.result:
  New test cases.
mysql-test/t/type_float.test:
  New test cases.
sql/sql_string.cc:
  Increase buffer size in String::set(double, ...)
sql/unireg.h:
  Move definition of FLOATING_POINT_BUFFER

Follow-up patch that adds the newly added header file to
Makefile.am noinst_HEADERS.

CLIENT TOOLS
      
The fix is to backport part of revision:
        
  - alexander.nozdrin@oracle.com-20101006150613-ls60rb2tq5dpyb5c
      
from mysql-5.5. In detail, we add the oracle welcome notice
header file proposed in the original patch and include/use it
in client/mysqlbinlog.cc, replacing the existing and obsolete
notice.

Update copyright comment in innochecksum.

patch so that it can later be compared with patchs with expanded symlinks 

The new --secure-file-priv checks dereference any symlinks in the paths and compare the 
resolved paths.
Thus the 5.0 test suite must do as the 5.1 and up and avoid using symlinks.

The query was re-written *after* we had tagged it with NON_AGG_FIELD_USED.
Remove the flag before continuing.


mysql-test/r/explain.result:
  Update test case for Bug#48295.
mysql-test/r/subselect.result:
  New test case.
mysql-test/t/explain.test:
  Update test case for Bug#48295.
mysql-test/t/subselect.test:
  New test case.
sql/item.cc:
  Use accessor functions for non_agg_field_used/agg_func_used.
sql/item_subselect.cc:
  Remove non_agg_field_used when we rewrite query '1 < some (...)' => '1 < max(...)'
sql/item_sum.cc:
  Use accessor functions for non_agg_field_used/agg_func_used.
sql/mysql_priv.h:
  Remove unused #defines.
sql/sql_lex.cc:
  Initialize new member variables.
sql/sql_lex.h:
  Replace full_group_by_flag with two boolean flags,
  and itroduce accessors for manipulating them.
sql/sql_select.cc:
  Use accessor functions for non_agg_field_used/agg_func_used.

  USING '..' ON WINDOWS

Backport of the fix to 5.0 (to be null-merged to 5.1).
Moved the test into the main test suite. 
Made mysql-test-run.pl to not use symlinks for sdtdata as the symlinks
are now properly recognized by secure_file_priv.
Made sure the paths in load_file(), LOAD DATA and SELECT .. INTO OUTFILE 
that are checked against secure_file_priv in a correct way similarly to 5.1 
by the extended is_secure_file_path() backport before the comparison.
Added an extensive test with all the variants of upper/lower case, 
slash/backslash and case sensitivity.
Added few comments to the code.