1. 14 Aug, 2006 1 commit
  2. 28 Jul, 2006 4 commits
  3. 26 Jul, 2006 1 commit
    • BUG#21206: memory corruption when too many cursors are opened at once · 4e845ccc
      kroki/tomash@moonlight.intranet authored
      Too many cursors (more than 1024) could lead to memory corruption.
      This affects both stored routines and C API cursors, and the
      threshold is per-server, not per-connection.  Similarly, the
      corruption could happen when the server was under heavy load
      (executing more than 1024 simultaneous complex queries), and this is
      the reason why this bug is fixed in 4.1, which doesn't support
      cursors.
      
      The corruption was caused by a bug in the temporary tables code, when
      an attempt to create a table could lead to a write beyond allocated
      space.  Note that only internal tables were affected (the tables
      created internally by the server to resolve the query), not tables
      created with CREATE TEMPORARY TABLE.  Another pre-condition for the
      bug is a TRUE value of the --temp-pool startup option, which, however,
      is the default.
      
      The cause of the bug was that random memory was overwritten in
      bitmap_set_next() due to out-of-bound memory access.
  4. 24 Jul, 2006 5 commits
  5. 23 Jul, 2006 1 commit
  6. 20 Jul, 2006 1 commit
  7. 19 Jul, 2006 2 commits
  8. 18 Jul, 2006 3 commits
  9. 17 Jul, 2006 2 commits
  10. 15 Jul, 2006 1 commit
  11. 14 Jul, 2006 5 commits
  12. 13 Jul, 2006 6 commits
  13. 12 Jul, 2006 4 commits
  14. 11 Jul, 2006 4 commits
    • Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-4.1-opt · 5d4881b8
      evgen@moonbone.local authored
      into  moonbone.local:/work/18503-bug-4.1-mysql
    • Fixed bug#18503: Queries with a quantified subquery returning empty set · 8ffda481
      evgen@moonbone.local authored
      may return a wrong result.
      
      An Item_sum_hybrid object has the was_values flag which indicates whether any
      values were added to the sum function. By default it is set to true and reset
      to false on any no_rows_in_result() call. This method is called only in
      return_zero_rows() function. An ALL/ANY subquery can be optimized by MIN/MAX
      optimization. The was_values flag is used to indicate whether the subquery
      has returned at least one row. This bug occurs because return_zero_rows() is
      called only when we know that the select will return zero rows before
      starting any scans but often such information is not known.
      In the reported case the return_zero_rows() function is not called and
      the was_values flag is not reset to false and yet the subquery returns no rows.
      Item_func_not_all and Item_func_nop_all functions return a wrong
      comparison result.
      
      The end_send_group() function now calls no_rows_in_result() for each item
      in the fields_list if no rows were found for the (sub)query.
    • Merge bk-internal.mysql.com:/home/bk/mysql-4.1 · f12bc24a
      cmiller@zippy.(none) authored
      into  zippy.(none):/home/cmiller/work/mysql/m41-maint--07AB5
    • Bug#20729: Bad date_format() call makes mysql server crash · 22485908
      cmiller@zippy.(none) authored
          
      The problem is that the author used the wrong function to send a warning to the 
      user about truncation of data.  push_warning() takes a constant string and 
      push_warning_printf() takes a format and variable arguments to fill it.
      
      Since the string we were complaining about contains percent characters, the 
      printf() code interprets the "%Y" etc. that the user sends.  That's wrong, and
      often causes a crash, especially if the date mentions seconds, "%s".
      
      An alternate fix would be to use push_warning_printf(..., "%s", warn_buff).
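The two fixes named in the Bug#20729 commit message above, as an added C example that is not code from the MySQL tree. `demo_push_warning`, `demo_push_warning_printf`, `count_conversions`, `warn_truncated`, the warning text and the sample input are hypothetical, simplified stand-ins that only model "constant string" versus "format plus arguments".

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

static char last_warning[256]; /* constructed one-slot warning list */

/* Simplified stand-in: msg is data and is stored verbatim. */
static void demo_push_warning(const char *msg)
{
    snprintf(last_warning, sizeof last_warning, "%s", msg);
}

/* Simplified stand-in: fmt is interpreted and the arguments fill it. */
static void demo_push_warning_printf(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_warning, sizeof last_warning, fmt, ap);
    va_end(ap);
}

/* Conversions printf would try to consume if s were used as a format. */
int count_conversions(const char *s)
{
    int n = 0;
    for (; *s; s++)
        if (*s == '%' && s[1] != '\0')
            n += (*++s != '%'); /* "%%" is a literal percent, not a conversion */
    return n;
}

/* Report a truncation warning that quotes user-supplied text. */
const char *warn_truncated(const char *user_value, int use_printf_variant)
{
    char warn_buff[200];
    snprintf(warn_buff, sizeof warn_buff, "Truncated incorrect value: '%s'", user_value);
    if (use_printf_variant) /* defect was: demo_push_warning_printf(warn_buff) */
        demo_push_warning_printf("%s", warn_buff); /* alternate fix */
    else
        demo_push_warning(warn_buff); /* fix: constant-string call */
    return last_warning;
}

int main(void)
{
    puts(warn_truncated("2006-07-11 %Y %s", 1)); /* constructed input */
    return 0;
}
```

With either fix the percent sequences reach the warning list as literal text; `count_conversions` shows how many arguments the defective call would have asked `printf` to fetch for the same input.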