1. 09 Feb, 2009 2 commits
    • Davi Arnaut's avatar
      Bug#42634: % character in query can cause mysqld signal 11 segfault · bab4ff1a
      Davi Arnaut authored
      The problem is that a unfiltered user query was being passed as
      the format string parameter of sql_print_warning which later
      performs printf-like formatting, leading to crashes if the user
      query contains formatting instructions (ie: %s). Also, it was
      using THD::query as the source of the user query, but this
      variable is not meaningful in some situations -- in a delayed
      insert, it points to the table name.
      
      The solution is to pass the user query as a parameter for the
      format string and use the function parameter query_arg as the
      source of the user query.
      
      mysql-test/suite/binlog/r/binlog_unsafe.result:
        Add test case result for Bug#42634
      mysql-test/suite/binlog/t/binlog_unsafe.test:
        Add test case for Bug#42634
      sql/sql_class.cc:
        Don't pass the user query as a format string.
      bab4ff1a
    • Vladislav Vaintroub's avatar
      Bug#42427 : MTR v2 fails with "can't write to /tmp/mysql-test-ports.sem" on Windows · 461cad77
      Vladislav Vaintroub authored
      - /tmp directory is not guaranteed to exist on Windows. 
      Use the value of environment variable TEMP here
      461cad77
  2. 07 Feb, 2009 5 commits
  3. 06 Feb, 2009 15 commits
  4. 05 Feb, 2009 14 commits
    • unknown's avatar
      Merge from mysql-5.1.31-release · 5a4e3eaa
      unknown authored
      5a4e3eaa
    • Gleb Shchepa's avatar
      798f19e4
    • Matthias Leich's avatar
      Fix for Bug#42602 main.status: random failures · 09387431
      Matthias Leich authored
      + minor improvements
      09387431
    • Gleb Shchepa's avatar
      after-push test update (bug #39265) · a7435ddf
      Gleb Shchepa authored
      a7435ddf
    • Alexey Kopytov's avatar
      4cd0e2fa
    • Alexey Kopytov's avatar
      Merge to team tree. · 759b626d
      Alexey Kopytov authored
      759b626d
    • Alexey Kopytov's avatar
      Merge from team tree. · 20cdcaa3
      Alexey Kopytov authored
      20cdcaa3
    • Gleb Shchepa's avatar
      Bug #39265: fix for the bug 33699 should be reverted · b9d02d46
      Gleb Shchepa authored
      Documented behaviour was broken by the patch for bug 33699
      that actually is not a bug.
      
      This fix reverts patch for bug 33699 and reverts the
      UPDATE of NOT NULL field with NULL query to old
      behavior.
      
      
      mysql-test/extra/rpl_tests/rpl_extraMaster_Col.test:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/include/ps_modify.inc:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/auto_increment.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/csv_not_null.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/null.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/ps_2myisam.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/ps_3innodb.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/ps_4heap.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/ps_5merge.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/r/warnings.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/suite/ndb/r/ps_7ndb.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/suite/rpl/r/rpl_extraColmaster_innodb.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/suite/rpl/r/rpl_extraColmaster_myisam.result:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/suite/rpl/t/rpl_err_ignoredtable.test:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/t/auto_increment.test:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/t/csv_not_null.test:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/t/null.test:
        Bug #39265: fix for the bug 33699 should be reverted
      mysql-test/t/warnings.test:
        Bug #39265: fix for the bug 33699 should be reverted
      sql/sql_update.cc:
        Bug #39265: fix for the bug 33699 should be reverted
      b9d02d46
    • Gleb Shchepa's avatar
      ea15ebbb
    • Gleb Shchepa's avatar
      Bug #42037: Queries containing a subquery with DISTINCT and · 061bf717
      Gleb Shchepa authored
                  ORDER BY could cause a server crash
      
      Dependent subqueries like
      
        SELECT COUNT(*) FROM t1, t2 WHERE t2.b
         IN (SELECT DISTINCT t2.b FROM t2 WHERE t2.b = t1.a)
      
      caused a memory leak proportional to the
      number of outer rows.
      
      
      The make_simple_join() function has been modified to
      JOIN class method to store join_tab_reexec and
      table_reexec values in the parent join only
      (make_simple_join of tmp_join may access these values
      via 'this' pointer of the parent JOIN).
      
      NOTE: this patch doesn't include standard test case (this is
      "out of memory" bug). See bug #42037 page for test cases.
      
      
      sql/sql_select.cc:
        Bug #42037: Queries containing a subquery with DISTINCT and
                    ORDER BY could cause a server crash
        
        The make_simple_join() function has been modified to
        JOIN class method to store join_tab_reexec and
        table_reexec values in the parent join only.
      sql/sql_select.h:
        Bug #42037: Queries containing a subquery with DISTINCT and
                    ORDER BY could cause a server crash
        
        1. The make_simple_join() function has been modified to
           JOIN class method.
        
        2. Type of JOIN::table_reexec field has been changed from
           TABLE** to TABLE *table_reexec[1]: this field always was
           NULL or a pointer to one-element array of pointers, so
           a pointer to a pointer has been replaced with one pointer
           and unnecessary memory allocation has been eliminated.
      061bf717
    • Ramil Kalimullin's avatar
      Fix for bug#42014: Crash, name_const with collate · 31d908d7
      Ramil Kalimullin authored
      Problem: some queries using NAME_CONST(.. COLLATE ...)
      lead to server crash due to failed type cast.
      
      Fix: return the underlying item's type in case of
      NAME_CONST(.. COLLATE ...) to avoid wrong casting.
      
      
      mysql-test/r/func_misc.result:
        Fix for bug#42014: Crash, name_const with coll
          - test result.
      mysql-test/t/func_misc.test:
        Fix for bug#42014: Crash, name_const with coll
          - test case.
      sql/item.cc:
        Fix for bug#42014: Crash, name_const with coll
          - in case of NAME_CONST('name', 'value' COLLATE collation)
        Item_name_const::type() returns type of 'value' argument 
        to awoid wrong type casting of the Item_name_const items.
      31d908d7
    • Alexey Botchkov's avatar
      merging · aa964b79
      Alexey Botchkov authored
      aa964b79
    • Ramil Kalimullin's avatar
      Auto-merge · 9ee53cbc
      Ramil Kalimullin authored
      9ee53cbc
    • Alexey Botchkov's avatar
      Bug#37995 Error message truncation in test "innodb" in embedded mode. · 9036f1aa
      Alexey Botchkov authored
         code backported from 6.0
      
      
      per-file messages:
        include/my_global.h
          Remove SC_MAXWIDTH. This is unused and irrelevant nowadays.
        include/my_sys.h
          Remove errbuf declaration and unused definitions.
        mysys/my_error.c
          Remove errbuf definition and move and adjust ERRMSGSIZE.
        mysys/my_init.c
          Declare buffer on the stack and use my_snprintf.
        mysys/safemalloc.c
          Use size explicitly. It's more than enough for the message at hand.
        sql/sql_error.cc
          Use size explicitly. It's more than enough for the message at hand.
        sql/sql_parse.cc
          Declare buffer on the stack. Use my_snprintf as it will result in
          less stack space being used than by a system provided sprintf --
          this allows us to put the buffer on the stack without causing much
          trouble. Also, the use of errbuff here was not thread-safe as the
          function can be entered concurrently from multiple threads.
        sql/sql_table.cc
          Use MYSQL_ERRMSG_SIZE. Extra space is not needed as my_snprintf will
          nul terminate strings.
        storage/myisam/ha_myisam.cc
      Use MYSQL_ERRMSG_SIZE.
        sql/share/errmsg.txt
          Error message truncation in test "innodb" in embedded mode
          filename in the error message can safely take up to 210 symbols.
      9036f1aa
  5. 04 Feb, 2009 4 commits