1. 26 Aug, 2008 5 commits
  2. 25 Aug, 2008 4 commits
    • Davi Arnaut's avatar
      Merge Bug#36579 into mysql-5.1-bugteam · d30db4c9
      Davi Arnaut authored
      d30db4c9
    • Davi Arnaut's avatar
      Bug#36579 Dumping information about locks in use may lead to a server crash · 1ee4a3ac
      Davi Arnaut authored
      Dumping information about locks in use by sending a SIGHUP signal
      to the server or by invoking the "mysqladmin debug" command may
      lead to a server crash in debug builds or to undefined behavior in
      production builds.
      
      The problem was that a mutex that protects a lock object (THR_LOCK)
      might have been destroyed before the lock object was actually removed
      from the list of locks in use, causing a race condition with other
      threads iterating over the list. The solution is to destroy the mutex
      only after removing lock object from the list.
      
      mysys/thr_lock.c:
        Destroy the mutex that protects the lock object only after removing
        the lock object from the list of locks in use.
      1ee4a3ac
    • Sergey Glukhov's avatar
      null merge · cb8f52d2
      Sergey Glukhov authored
      cb8f52d2
    • Sergey Glukhov's avatar
      Bug#37428 Potential security issue with UDFs - linux shellcode execution. · c546559a
      Sergey Glukhov authored
      plugin_dir option backported from 5.1
      
      mysql-test/r/udf.result:
        result fix
      sql/mysql_priv.h:
        opt_plugin_dir and opt_plugin_dir_ptr declared.
      sql/mysqld.cc:
        'plugin_dir' option added
      sql/set_var.cc:
        'plugin_dir' option added.
      sql/sql_udf.cc:
        opt_plugin_dir added to the udf->dl path. Warn if it's not specified.
      sql/unireg.h:
        PLUGINDIR defined.
      c546559a
  3. 23 Aug, 2008 1 commit
  4. 22 Aug, 2008 1 commit
    • Alexey Botchkov's avatar
      Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY. · ec524d50
      Alexey Botchkov authored
                  
                  test_if_data_home_dir fixed to look into real path.
                  Checks added to mi_open for symlinks into data home directory.
      
      per-file messages:
              include/my_sys.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                my_is_symlink interface added
              include/myisam.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invalid_symlink interface added
              myisam/mi_check.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile calls modified
              myisam/mi_open.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                code added to mi_open to check for symlinks into data home directory.
                mi_open_datafile now accepts 'original' file path to check if it's
                an allowed symlink.
              myisam/mi_static.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invlaid_symlink defined
              myisam/myisamchk.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile call modified
              myisam/myisamdef.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                mi_open_datafile interface modified - 'real_path' parameter added
              mysql-test/r/symlink.test
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error codes corrected as some patch now rejected pointing inside datahome
              mysql-test/r/symlink.result
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error messages corrected in the result
              mysys/my_symlink.c
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                my_is_symlink() implementsd
                my_realpath() now returns the 'realpath' even if a file isn't a symlink
              sql/mysql_priv.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                test_if_data_home_dir interface
              sql/mysqld.cc
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
              sql/sql_parse.cc
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                error messages corrected
                test_if_data_home_dir code fixed
      ec524d50
  5. 21 Aug, 2008 4 commits
    • Sergey Glukhov's avatar
      added replacement of 'CARDINALITY' column values · 099a80d0
      Sergey Glukhov authored
      mysql-test/r/join.result:
        result fix
      099a80d0
    • Tatiana A. Nurnberg's avatar
      auto-merge · d726a499
      Tatiana A. Nurnberg authored
      d726a499
    • Tatiana A. Nurnberg's avatar
      Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size · 861f7e1c
      Tatiana A. Nurnberg authored
      add'l portability fixes
      
      mysys/safemalloc.c:
        Make the various print-functions happy:
        sf_malloc_(cur|max)_memory are size_t now, might as well use %u instead
        of %d. Ideally, we'd use %zu, but we can't rely on having that, so we'll
        use %lu instead. Likewise, we could cast to unsigned for our poor man's
        %p -- pointers are never negative, and neither is %x --, but since it
        was fixed to %p with seemingly no ill effects in 6.0 anyway, we'll back
        port that instead.
      861f7e1c
    • Tatiana A. Nurnberg's avatar
      Bug#35616: memory overrun on 64-bit linux on setting large values for keybuffer-size · 91a2c59a
      Tatiana A. Nurnberg authored
      portability fixes / cleanup
      
      include/my_sys.h:
        declaration should certainly match definition!
      mysys/safemalloc.c:
        Make the various print-functions happy:
        sf_malloc_(cur|max)_memory are size_t now, might as well use %u instead
        of %d. Ideally, we'd use %zu, but we can't rely on having that, so we'll
        use %lu instead. Likewise, we could cast to unsigned for our poor man's
        %p -- pointers are never negative, and neither is %x --, but since it
        was fixed to %p with seemingly no ill effects in 6.0 anyway, we'll back
        port that instead.
      91a2c59a
  6. 20 Aug, 2008 16 commits
    • Timothy Smith's avatar
    • Timothy Smith's avatar
      Cherry-pick some changes from innodb-5.1-ss2545 snapshot. Includes fixes for · 9eb2ebd4
      Timothy Smith authored
      Bug#37531, Bug#36941, Bug#36941, Bug#36942, Bug#38185.
      
      Also include test case from Bug 34300 which was left out from earlier snapshot
      (5.1-ss2387).
      
      Also include fix for Bug #29507, "TRUNCATE shows to many rows effected", since
      the fix for Bug 37531 depends on it.
      9eb2ebd4
    • Mattias Jonsson's avatar
      merge · 180c6e27
      Mattias Jonsson authored
      180c6e27
    • Mattias Jonsson's avatar
      Backport of patch for Bug#34604 (from 6.0) · 5d5d1a81
      Mattias Jonsson authored
      post push fix for bug#20129, test failed due to non existing
      source files.
      
      mysql-test/Makefile.am:
        Bug#20129: ALTER TABLE ... REPAIR PARTITION ... complains that
        partition is corrupt
        
        Test parts.partition_repair_myisam failed because the corrupted
        pre fabricated files was not included in the dist-file.
      mysql-test/suite/parts/r/partition_special_innodb.result:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        updated result file
      mysql-test/suite/parts/t/partition_special_innodb-master.opt:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        Added parameter to speed up the test.
        Set to 2 seconds to be working on slow machines.
      mysql-test/suite/parts/t/partition_special_innodb.test:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        Added test for verifying the bug (without the patch in
        ha_partition.cc, this crashes a debug compiled server)
      sql/ha_partition.cc:
        Bug#34604: hander::ha_rnd_end(): Assertion inited==RND failed
        
        In some cases error was not properly propagated through
        ha_partition::rnd_next.
        
        Will now return the error code from the partitions rnd_next and
        update m_part_spec.start_part and m_last_part properly.
        This makes the inited state to be correct.
      5d5d1a81
    • Jonathan Perkin's avatar
      merge · 1de7738c
      Jonathan Perkin authored
      1de7738c
    • Jonathan Perkin's avatar
      Fix path to myisamchk for mysql-5.1 · 585566c7
      Jonathan Perkin authored
      585566c7
    • Sergey Glukhov's avatar
      5.0-bugteam->5.1-bugteam merge · fad69f17
      Sergey Glukhov authored
      fad69f17
    • Jonathan Perkin's avatar
      bug#33300: use myisamchk to verify that mysql_install_db has · dff9ccce
      Jonathan Perkin authored
      created at least some files and that they are correct.
      dff9ccce
    • Sergey Glukhov's avatar
      Bug#38291 memory corruption and server crash with view/sp/function · de73b729
      Sergey Glukhov authored
      Send_field.org_col_name has broken value on secondary execution.
      It happens when result field is created from the field which belongs to view
      due to forgotten assignment of some Send_field attributes. 
      The fix:
      set Send_field.org_col_name,org_table_name with correct value during Send_field intialization.
      
      mysql-test/r/metadata.result:
        result fix
        The result file was changed because now forgotten attributes are properly set.
      mysql-test/r/sp.result:
        test result
      mysql-test/t/sp.test:
        test case
      sql/item.cc:
        Send_field.org_col_name has broken value on secondary execution.
        It happens when result field is created from the field which belongs to view
        due to forgotten assignment of some Send_field attributes. 
        The fix:
        set Send_field.org_col_name,org_table_name with correct value during Send_field intialization.
      tests/mysql_client_test.c:
        test case fix
        The test was changed because now forgotten attributes are properly set.
      de73b729
    • Sergey Glukhov's avatar
      b9bfa25f
    • Sergey Petrunia's avatar
    • Timothy Smith's avatar
      Cherry-pick one change from innodb-5.1-ss2485 snapshot. Fixes Bug#35602. · c8fad67d
      Timothy Smith authored
      Bug #35602 "Failed to read auto-increment value from storage engine" with
      Innodb
      
      The test for REPLACE was an error of ommission since it's classified as
      a simple INSERT. For REPLACE statements we don't acquire the special
      AUTOINC lock for AUTOINC_NEW_STYLE_LOCKING with this fix.
      c8fad67d
    • Sergey Petrunia's avatar
      Merge · d1e57a0f
      Sergey Petrunia authored
      d1e57a0f
    • Timothy Smith's avatar
      Cherry-pick some changes from innodb-5.1-ss2479 snapshot. Includes fixes for · 239ab2c4
      Timothy Smith authored
      Bug#36600 and Bug#36793:
      
      Bug #36600 SHOW STATUS takes a lot of CPU in buf_get_latched_pages_number
      
      Fix by removing the Innodb_buffer_pool_pages_latched variable from SHOW
      STATUS output in non-UNIV_DEBUG compilation.
      
      Bug #36793 rpl_innodb_bug28430 fails on Solaris
      
      This is a back port from branches/zip. This code has been tested on a
      big-endian machine too.
      239ab2c4
    • Sergey Petrunia's avatar
      95c3e4e1
    • Timothy Smith's avatar
      Cherry-pick one part of innodb-5.1-ss2438 snapshot. · e68520c7
      Timothy Smith authored
      Bug #36278 Data_free in SHOW TABLE STATUS for InnoDB is in kilobytes
      
      Change the fix for Bug 32440 to show bytes instead of kilobytes in
      INFORMATION_SCHEMA.TABLES.DATA_FREE.
      e68520c7
  7. 19 Aug, 2008 9 commits