MDEV-382: Incorrect quoting

Various places in the server replication code was incorrectly quoting strings, which could lead to incorrect SQL on the slave/mysqlbinlog.
2025-07-30 16:24:05 +03:00 · 2012-08-24 10:06:16 +02:00
parent 34f2f8ea41
commit cdeabcfd43
39 changed files with 1164 additions and 444 deletions
--- a/mysql-test/suite/rpl/r/rpl_mdev382.result
+++ b/mysql-test/suite/rpl/r/rpl_mdev382.result
@ -0,0 +1,275 @@
+include/master-slave.inc
+[connection master]
+create table t1 (a int primary key) engine=innodb;
+create table t2 (a int primary key) engine=myisam;
+begin;
+insert into t1 values (1);
+SET sql_mode = 'ANSI_QUOTES';
+savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`;
+insert into t1 values (2);
+insert into t2 values (1);
+SET sql_mode = '';
+rollback to savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`;
+Warnings:
+Warning	1196	Some non-transactional changed tables couldn't be rolled back
+insert into t1 values (3);
+commit;
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	use `test`; create table t1 (a int primary key) engine=innodb
+master-bin.000001	#	Query	#	#	use `test`; create table t2 (a int primary key) engine=myisam
+master-bin.000001	#	Query	#	#	BEGIN
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values (1)
+master-bin.000001	#	Query	#	#	SAVEPOINT "a`; create database couldbebadthingshere; savepoint `dummy"
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values (2)
+master-bin.000001	#	Query	#	#	use `test`; insert into t2 values (1)
+master-bin.000001	#	Query	#	#	ROLLBACK TO `a``; create database couldbebadthingshere; savepoint ``dummy`
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values (3)
+master-bin.000001	#	Xid	#	#	COMMIT /* XID */
+BEGIN;
+insert into t1 values(10);
+set sql_mode = 'ANSI_QUOTES';
+set sql_quote_show_create = 1;
+savepoint a;
+insert into t1 values(11);
+savepoint "a""a";
+insert into t1 values(12);
+set sql_quote_show_create = 0;
+savepoint b;
+insert into t1 values(13);
+savepoint "b""b";
+insert into t1 values(14);
+set sql_mode = '';
+set sql_quote_show_create = 1;
+savepoint c;
+insert into t1 values(15);
+savepoint `c``c`;
+insert into t1 values(16);
+set sql_quote_show_create = 0;
+savepoint d;
+insert into t1 values(17);
+savepoint `d``d`;
+insert into t1 values(18);
+COMMIT;
+set sql_quote_show_create = 1;
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	BEGIN
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(10)
+master-bin.000001	#	Query	#	#	SAVEPOINT "a"
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(11)
+master-bin.000001	#	Query	#	#	SAVEPOINT "a""a"
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(12)
+master-bin.000001	#	Query	#	#	SAVEPOINT b
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(13)
+master-bin.000001	#	Query	#	#	SAVEPOINT "b""b"
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(14)
+master-bin.000001	#	Query	#	#	SAVEPOINT `c`
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(15)
+master-bin.000001	#	Query	#	#	SAVEPOINT `c``c`
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(16)
+master-bin.000001	#	Query	#	#	SAVEPOINT d
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(17)
+master-bin.000001	#	Query	#	#	SAVEPOINT `d``d`
+master-bin.000001	#	Query	#	#	use `test`; insert into t1 values(18)
+master-bin.000001	#	Xid	#	#	COMMIT /* XID */
+*** Test correct USE statement in SHOW BINLOG EVENTS ***
+set sql_mode = 'ANSI_QUOTES';
+CREATE DATABASE "db1`; SELECT 'oops!'";
+use "db1`; SELECT 'oops!'";
+CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM;
+INSERT INTO t1 VALUES (1);
+set sql_mode = '';
+INSERT INTO t1 VALUES (2);
+set sql_mode = 'ANSI_QUOTES';
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	CREATE DATABASE "db1`; SELECT 'oops!'"
+master-bin.000001	#	Query	#	#	use "db1`; SELECT 'oops!'"; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM
+master-bin.000001	#	Query	#	#	use "db1`; SELECT 'oops!'"; INSERT INTO t1 VALUES (1)
+master-bin.000001	#	Query	#	#	use "db1`; SELECT 'oops!'"; INSERT INTO t1 VALUES (2)
+set sql_mode = '';
+set sql_quote_show_create = 0;
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	CREATE DATABASE "db1`; SELECT 'oops!'"
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (1)
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (2)
+set sql_quote_show_create = 1;
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	CREATE DATABASE "db1`; SELECT 'oops!'"
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (1)
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (2)
+DROP TABLE t1;
+use test;
+***Test LOAD DATA INFILE with various identifiers that need correct quoting ***
+use `db1``; SELECT 'oops!'`;
+set timestamp=1000000000;
+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3),
+`c``3` VARCHAR(7));
+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f''le.txt' INTO TABLE `t``1`
+  FIELDS TERMINATED BY ',' ESCAPED BY '\\' ENCLOSED BY ''''
+  LINES TERMINATED BY '\n'
+  (`a``1`, @`b```) SET `b``2` = @`b```, `c``3` = concat('|', "b""a'z", "!");
+SELECT * FROM `t``1`;
+a`1	b`2	c`3
+fo\o	bar	|b"a'z!
+truncate `t``1`;
+use test;
+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f''le.txt'
+  INTO TABLE `db1``; SELECT 'oops!'`.`t``1`
+  FIELDS TERMINATED BY ',' ESCAPED BY '\\' ENCLOSED BY ''''
+  LINES TERMINATED BY '\n'
+  (`a``1`, `b``2`) SET `c``3` = concat('|', "b""a'z", "!");
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+a`1	b`2	c`3
+fo\o	bar	|b"a'z!
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3),
+`c``3` VARCHAR(7))
+master-bin.000001	#	Begin_load_query	#	#	;file_id=#;block_len=#
+master-bin.000001	#	Execute_load_query	#	#	use `db1``; SELECT 'oops!'`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f\'le.txt' INTO TABLE `t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, @`b```) SET `b``2`=(@`b```), `c``3`=concat('|','b"a\'z','!') ;file_id=#
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; truncate `t``1`
+master-bin.000001	#	Begin_load_query	#	#	;file_id=#;block_len=#
+master-bin.000001	#	Execute_load_query	#	#	use `test`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f\'le.txt' INTO TABLE `db1``; SELECT 'oops!'`.`t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, `b``2`) SET `c``3`=concat('|','b"a\'z','!') ;file_id=#
+/*!40019 SET @@session.max_insert_delayed_threads=0*/;
+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
+DELIMITER /*!*/;
+ROLLBACK/*!*/;
+use `db1``; SELECT 'oops!'`/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+SET @@session.pseudo_thread_id=999999999/*!*/;
+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
+SET @@session.sql_mode=0/*!*/;
+SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/;
+/*!\C latin1 *//*!*/;
+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/;
+SET @@session.lc_time_names=0/*!*/;
+SET @@session.collation_database=DEFAULT/*!*/;
+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3),
+`c``3` VARCHAR(7))
+/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+LOAD DATA LOCAL INFILE '<name>' INTO TABLE `t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, @`b```) SET `b``2`=(@`b```), `c``3`=concat('|','b"a\'z','!')
+/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+truncate `t``1`
+/*!*/;
+use `test`/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+LOAD DATA LOCAL INFILE '<name>' INTO TABLE `db1``; SELECT 'oops!'`.`t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, `b``2`) SET `c``3`=concat('|','b"a\'z','!')
+/*!*/;
+DELIMITER ;
+# End of log file
+ROLLBACK /* added by mysqlbinlog */;
+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+a`1	b`2	c`3
+fo\o	bar	|b"a'z!
+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`;
+drop table t1,t2;
+*** Test truncation of long SET expression in LOAD DATA ***
+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(1000));
+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/file.txt' INTO TABLE t1
+FIELDS TERMINATED BY ','
+  (a, @b) SET b = CONCAT(@b, '| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|', @b);
+SELECT * FROM t1 ORDER BY a;
+a	b
+1	X| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|X
+2	A| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|A
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Begin_load_query	#	#	;file_id=#;block_len=#
+master-bin.000001	#	Execute_load_query	#	#	use `test`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/file.txt' INTO TABLE `t1` FIELDS TERMINATED BY ',' ENCLOSED BY '' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a`, @`b`) SET `b`=concat((@`b`),'| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|',(@`b`)) ;file_id=#
+SELECT * FROM t1 ORDER BY a;
+a	b
+1	X| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|X
+2	A| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|A
+DROP TABLE t1;
+*** Test user variables whose names require correct quoting ***
+use `db1``; SELECT 'oops!'`;
+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100));
+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100));
+SELECT @`a``1`:=a1, @`a``2`:=a2, @`a``3`:=a3, @`a``4`:=a4, @`b```:=b, @```c`:=c, @```d```:=d FROM t1;
+@`a``1`:=a1	@`a``2`:=a2	@`a``3`:=a3	@`a``4`:=a4	@`b```:=b	@```c`:=c	@```d```:=d
+-9223372036854775808	42	9223372036854775807	18446744073709551615	-1.23456012345679e+125	-1234501234567890123456789012345678901234567890123456789.0123456789	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98));
+show binlog events from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100))
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100))
+master-bin.000001	#	User var	#	#	@`a``1`=-9223372036854775808
+master-bin.000001	#	User var	#	#	@`a``2`=42
+master-bin.000001	#	User var	#	#	@`a``3`=9223372036854775807
+master-bin.000001	#	User var	#	#	@`a``4`=-1
+master-bin.000001	#	User var	#	#	@`b```=-1.2345601234568e+125
+master-bin.000001	#	User var	#	#	@```c`=-1234501234567890123456789012345678901234567890123456789.0123456789
+master-bin.000001	#	User var	#	#	@```d```=_latin1 0x78787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878 COLLATE latin1_swedish_ci
+master-bin.000001	#	Query	#	#	use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98))
+/*!40019 SET @@session.max_insert_delayed_threads=0*/;
+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
+DELIMITER /*!*/;
+ROLLBACK/*!*/;
+use `db1``; SELECT 'oops!'`/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+SET @@session.pseudo_thread_id=999999999/*!*/;
+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
+SET @@session.sql_mode=0/*!*/;
+SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/;
+/*!\C latin1 *//*!*/;
+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/;
+SET @@session.lc_time_names=0/*!*/;
+SET @@session.collation_database=DEFAULT/*!*/;
+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100))
+/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100))
+/*!*/;
+SET @`a``1`:=-9223372036854775808/*!*/;
+SET @`a``2`:=42/*!*/;
+SET @`a``3`:=9223372036854775807/*!*/;
+SET @`a``4`:=-1/*!*/;
+SET @`b```:=-1.2345601234568e+125/*!*/;
+SET @```c`:=-1234501234567890123456789012345678901234567890123456789.0123456789/*!*/;
+SET @```d```:=_latin1 0x78787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878 COLLATE `latin1_swedish_ci`/*!*/;
+SET TIMESTAMP=1000000000/*!*/;
+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98))
+/*!*/;
+DELIMITER ;
+# End of log file
+ROLLBACK /* added by mysqlbinlog */;
+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;
+SELECT * FROM `db1``; SELECT 'oops!'`.t1 ORDER BY a1;
+a1	a2	a3	a4	b	c	d
+-9223372036854775808	42	9223372036854775807	18446744073709551615	-1.23456012345679e+125	-1234501234567890123456789012345678901234567890123456789.0123456789	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+-9223372036854775807	4200	9223372036854775806	0	-6.17280061728394e+124	-1234501234567890123456789012345678901234567890123456789.0123456789	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+DROP TABLE t1;
+*** Test correct quoting of DELETE FROM statement binlogged for HEAP table that is emptied due to server restart
+include/stop_slave.inc
+CREATE TABLE `db1``; SELECT 'oops!'`.`t``1` (`a``` INT PRIMARY KEY) ENGINE=heap;
+INSERT INTO `db1``; SELECT 'oops!'`.`t``1` VALUES (1), (2), (5);
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1` ORDER BY 1;
+a`
+1
+2
+5
+set timestamp=1000000000;
+# The table should be empty on the master.
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+a`
+# The DELETE statement should be correctly quoted
+show binlog events in 'master-bin.000002' from <binlog_start>;
+Log_name	Pos	Event_type	Server_id	End_log_pos	Info
+master-bin.000002	#	Query	#	#	use `test`; DELETE FROM `db1``; SELECT 'oops!'`.`t``1`
+include/start_slave.inc
+# The table should be empty on the slave also.
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+a`
+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`;
+use test;
+DROP DATABASE `db1``; SELECT 'oops!'`;
+include/rpl_end.inc
--- a/mysql-test/suite/rpl/r/rpl_row_mysqlbinlog.result
+++ b/mysql-test/suite/rpl/r/rpl_row_mysqlbinlog.result
@ -153,7 +153,7 @@ Warning: The option '--position' is deprecated and will be removed in a future r
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
 DELIMITER /*!*/;
 ROLLBACK/*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=1000000000/*!*/;
 SET @@session.pseudo_thread_id=999999999/*!*/;
 SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
@ -175,7 +175,7 @@ ROLLBACK /* added by mysqlbinlog */;
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
 DELIMITER /*!*/;
 ROLLBACK/*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=1000000000/*!*/;
 SET @@session.pseudo_thread_id=999999999/*!*/;
 SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
@ -284,7 +284,7 @@ ROLLBACK /* added by mysqlbinlog */;
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
 DELIMITER /*!*/;
 ROLLBACK/*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=1000000000/*!*/;
 SET @@session.pseudo_thread_id=999999999/*!*/;
 SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
@ -316,7 +316,7 @@ Warning: The option '--position' is deprecated and will be removed in a future r
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
 DELIMITER /*!*/;
 ROLLBACK/*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=1000000000/*!*/;
 SET @@session.pseudo_thread_id=999999999/*!*/;
 SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1, @@session.autocommit=1/*!*/;
--- a/mysql-test/suite/rpl/r/rpl_sp.result
+++ b/mysql-test/suite/rpl/r/rpl_sp.result
@ -627,7 +627,7 @@ drop database if exists mysqltest1
 SET TIMESTAMP=t/*!*/;
 create database mysqltest1
 /*!*/;
-use mysqltest1/*!*/;
+use `mysqltest1`/*!*/;
 SET TIMESTAMP=t/*!*/;
 create table t1 (a varchar(100))
 /*!*/;
@ -840,7 +840,7 @@ drop database mysqltest1
 SET TIMESTAMP=t/*!*/;
 drop user "zedjzlcsjhd"@127.0.0.1
 /*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=t/*!*/;
 drop function if exists f1
 /*!*/;
@ -925,7 +925,7 @@ create database mysqltest
 SET TIMESTAMP=t/*!*/;
 create database mysqltest2
 /*!*/;
-use mysqltest2/*!*/;
+use `mysqltest2`/*!*/;
 SET TIMESTAMP=t/*!*/;
 create table t ( t integer )
 /*!*/;
@ -943,7 +943,7 @@ insert into t values (1);
 return 0;
 end
 /*!*/;
-use mysqltest/*!*/;
+use `mysqltest`/*!*/;
 SET TIMESTAMP=t/*!*/;
 SELECT `mysqltest2`.`f1`()
 /*!*/;
@ -953,14 +953,14 @@ drop database mysqltest
 SET TIMESTAMP=t/*!*/;
 drop database mysqltest2
 /*!*/;
-use test/*!*/;
+use `test`/*!*/;
 SET TIMESTAMP=t/*!*/;
 CREATE DEFINER=`root`@`localhost` PROCEDURE `mysqltestbug36570_p1`()
 begin
 select 1;
 end
 /*!*/;
-use mysql/*!*/;
+use `mysql`/*!*/;
 SET TIMESTAMP=t/*!*/;
 CREATE DEFINER=`root`@`localhost` PROCEDURE `test`.` mysqltestbug36570_p2`( a int)
 `label`:
--- a/mysql-test/suite/rpl/t/rpl_mdev382.test
+++ b/mysql-test/suite/rpl/t/rpl_mdev382.test
@ -0,0 +1,249 @@
+--source include/have_innodb.inc
+--source include/not_windows.inc
+--source include/have_binlog_format_statement.inc
+--source include/master-slave.inc
+
+# MDEV-382: multiple SQL injections in replication code.
+
+# Test previous SQL injection attack against binlog for SAVEPOINT statement.
+# The test would cause syntax error on slave due to improper quoting of
+# the savepoint name.
+connection master;
+create table t1 (a int primary key) engine=innodb;
+create table t2 (a int primary key) engine=myisam;
+
+begin;
+insert into t1 values (1);
+SET sql_mode = 'ANSI_QUOTES';
+savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`;
+insert into t1 values (2);
+insert into t2 values (1);
+SET sql_mode = '';
+rollback to savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`;
+insert into t1 values (3);
+commit;
+
+--source include/show_binlog_events.inc
+
+# This failed due to syntax error in query when the bug was not fixed.
+sync_slave_with_master;
+connection slave;
+
+# Test some more combinations of ANSI_QUOTES and sql_quote_show_create
+connection master;
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+BEGIN;
+insert into t1 values(10);
+set sql_mode = 'ANSI_QUOTES';
+set sql_quote_show_create = 1;
+savepoint a;
+insert into t1 values(11);
+savepoint "a""a";
+insert into t1 values(12);
+set sql_quote_show_create = 0;
+savepoint b;
+insert into t1 values(13);
+savepoint "b""b";
+insert into t1 values(14);
+set sql_mode = '';
+set sql_quote_show_create = 1;
+savepoint c;
+insert into t1 values(15);
+savepoint `c``c`;
+insert into t1 values(16);
+set sql_quote_show_create = 0;
+savepoint d;
+insert into t1 values(17);
+savepoint `d``d`;
+insert into t1 values(18);
+COMMIT;
+set sql_quote_show_create = 1;
+
+--source include/show_binlog_events.inc
+
+--echo *** Test correct USE statement in SHOW BINLOG EVENTS ***
+connection master;
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+set sql_mode = 'ANSI_QUOTES';
+CREATE DATABASE "db1`; SELECT 'oops!'";
+use "db1`; SELECT 'oops!'";
+CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM;
+INSERT INTO t1 VALUES (1);
+set sql_mode = '';
+INSERT INTO t1 VALUES (2);
+set sql_mode = 'ANSI_QUOTES';
+--source include/show_binlog_events.inc
+set sql_mode = '';
+set sql_quote_show_create = 0;
+--source include/show_binlog_events.inc
+set sql_quote_show_create = 1;
+--source include/show_binlog_events.inc
+DROP TABLE t1;
+
+use test;
+
+--echo ***Test LOAD DATA INFILE with various identifiers that need correct quoting ***
+
+--let $load_file= $MYSQLTEST_VARDIR/tmp/f'le.txt
+--write_file $load_file
+'fo\\o','bar'
+EOF
+--exec chmod go+r "$load_file"
+
+use `db1``; SELECT 'oops!'`;
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+set timestamp=1000000000;
+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3),
+    `c``3` VARCHAR(7));
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval LOAD DATA INFILE '$MYSQLTEST_VARDIR/tmp/f''le.txt' INTO TABLE `t``1`
+  FIELDS TERMINATED BY ',' ESCAPED BY '\\\\' ENCLOSED BY ''''
+  LINES TERMINATED BY '\\n'
+  (`a``1`, @`b```) SET `b``2` = @`b```, `c``3` = concat('|', "b""a'z", "!");
+
+SELECT * FROM `t``1`;
+# Also test when code prefixes table name with database.
+truncate `t``1`;
+use test;
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval LOAD DATA INFILE '$MYSQLTEST_VARDIR/tmp/f''le.txt'
+  INTO TABLE `db1``; SELECT 'oops!'`.`t``1`
+  FIELDS TERMINATED BY ',' ESCAPED BY '\\\\' ENCLOSED BY ''''
+  LINES TERMINATED BY '\\n'
+  (`a``1`, `b``2`) SET `c``3` = concat('|', "b""a'z", "!");
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+let $pos2= query_get_value(SHOW MASTER STATUS, Position, 1);
+
+--source include/show_binlog_events.inc
+let $MYSQLD_DATADIR= `select @@datadir`;
+--replace_regex /LOCAL INFILE '.*SQL_LOAD.*' INTO/LOCAL INFILE '<name>' INTO/
+--exec $MYSQL_BINLOG --short-form --start-position=$binlog_start --stop-position=$pos2 $MYSQLD_DATADIR/master-bin.000001
+
+sync_slave_with_master;
+connection slave;
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+connection master;
+
+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`;
+--remove_file $load_file
+
+connection master;
+drop table t1,t2;
+
+
+--echo *** Test truncation of long SET expression in LOAD DATA ***
+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(1000));
+--let $load_file= $MYSQLTEST_VARDIR/tmp/file.txt
+--write_file $load_file
+1,X
+2,A
+EOF
+--exec chmod go+r "$load_file"
+
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+# The bug was that the SET expression was truncated to 256 bytes, so test with
+# an expression longer than that.
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval LOAD DATA INFILE '$load_file' INTO TABLE t1
+  FIELDS TERMINATED BY ','
+  (a, @b) SET b = CONCAT(@b, '| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|', @b);
+
+SELECT * FROM t1 ORDER BY a;
+--source include/show_binlog_events.inc
+
+sync_slave_with_master;
+connection slave;
+SELECT * FROM t1 ORDER BY a;
+
+connection master;
+--remove_file $load_file
+DROP TABLE t1;
+
+
+--echo *** Test user variables whose names require correct quoting ***
+use `db1``; SELECT 'oops!'`;
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100));
+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100));
+SELECT @`a``1`:=a1, @`a``2`:=a2, @`a``3`:=a3, @`a``4`:=a4, @`b```:=b, @```c`:=c, @```d```:=d FROM t1;
+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98));
+let $pos2= query_get_value(SHOW MASTER STATUS, Position, 1);
+
+--source include/show_binlog_events.inc
+
+--exec $MYSQL_BINLOG --short-form --start-position=$binlog_start --stop-position=$pos2 $MYSQLD_DATADIR/master-bin.000001
+
+sync_slave_with_master;
+connection slave;
+SELECT * FROM `db1``; SELECT 'oops!'`.t1 ORDER BY a1;
+
+connection master;
+DROP TABLE t1;
+
+
+--echo *** Test correct quoting of DELETE FROM statement binlogged for HEAP table that is emptied due to server restart
+
+# Let's keep the slave stopped during master restart, to avoid any potential
+# races between slave reconnect and master restart.
+connection slave;
+--source include/stop_slave.inc
+
+connection master;
+CREATE TABLE `db1``; SELECT 'oops!'`.`t``1` (`a``` INT PRIMARY KEY) ENGINE=heap;
+INSERT INTO `db1``; SELECT 'oops!'`.`t``1` VALUES (1), (2), (5);
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1` ORDER BY 1;
+
+# Restart the master mysqld.
+# This will cause an implicit truncation of the memory-based table, which will
+# cause logging of an explicit DELETE FROM to binlog.
+--write_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
+wait-rpl_mdev382.test
+EOF
+
+--shutdown_server 30
+
+--remove_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
+--write_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect
+restart-rpl_mdev382.test
+EOF
+
+connection default;
+--enable_reconnect
+--source include/wait_until_connected_again.inc
+# rpl_end.inc needs to use the connection server_1
+connection server_1;
+--enable_reconnect
+--source include/wait_until_connected_again.inc
+connection master;
+--enable_reconnect
+--source include/wait_until_connected_again.inc
+set timestamp=1000000000;
+
+--echo # The table should be empty on the master.
+let $binlog_file= master-bin.000002;
+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1);
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+
+--echo # The DELETE statement should be correctly quoted
+--source include/show_binlog_events.inc
+
+connection slave;
+--source include/start_slave.inc
+
+connection master;
+sync_slave_with_master;
+connection slave;
+--echo # The table should be empty on the slave also.
+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`;
+
+connection master;
+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`;
+sync_slave_with_master;
+
+
+connection master;
+use test;
+DROP DATABASE `db1``; SELECT 'oops!'`;
+
+
+--source include/rpl_end.inc