due to name_const substitution
Problem:
"In general, statements executed within a stored procedure
are written to the binary log using the same rules that
would apply were the statements to be executed in standalone
fashion. Some special care is taken when logging procedure
statements because statement execution within procedures
is not quite the same as in non-procedure context".
For example, each reference to a local variable in SP's
statements is replaced by NAME_CONST(var_name, var_value).
Queries like
"CREATE TABLE ... SELECT FUNC(local_var ..."
are logged as
"CREATE TABLE ... SELECT FUNC(NAME_CONST("local_var", var_value) ..."
that leads to differrent field names and
might result in "Incorrect column name" if var_value is long enough.
Fix: in 5.x we'll issue a warning in such a case.
In 6.0 we should get rid of NAME_CONST().
Note: this issue and change should be described in the documentation
("Binary Logging of Stored Programs").
mysql-test/r/binlog.result:
Fix for bug#35383: binlog playback and replication breaks
due to name_const substitution
- test result.
mysql-test/t/binlog.test:
Fix for bug#35383: binlog playback and replication breaks
due to name_const substitution
- test case.
sql/sp_head.cc:
Fix for bug#35383: binlog playback and replication breaks
due to name_const substitution
- set thd->query_name_consts if there's NAME_CONST()
substitution(s).
sql/sql_parse.cc:
Fix for bug#35383: binlog playback and replication breaks
due to name_const substitution
- issue a warning if there's NAME_CONST() substitution and
binary logging is on for "CREATE TABLE ... SELECT ...".
manual merge. also adds test specific to 5.1+
mysql-test/suite/rpl/r/rpl_temporary.result:
show that a non-privileged user trying to
kill system-threads no longer crashes the
server. test in 5.1+ only.
mysql-test/suite/rpl/t/rpl_temporary.test:
show that a non-privileged user trying to
kill system-threads no longer crashes the
server. test in 5.1+ only.
sql/sql_class.cc:
manual merge
sql/sql_class.h:
manual merge
sql/sql_parse.cc:
manual merge
Fine-tuning. Broke out comparison into method by
suggestion of Davi. Clarified comments. Reverting
test-case which I find too brittle; proper test
case in 5.1+.
(Pushing for Azundris)
We allow security-contexts with NULL users (for
system-threads and for unauthenticated users).
If a non-SUPER-user tried to KILL such a thread,
we tried to compare the user-fields to see whether
they owned that thread. Comparing against NULL was
not a good idea.
If KILLer does not have SUPER-privilege, we
specifically check whether both KILLer and KILLee
have a non-NULL user before testing for string-
equality. If either is NULL, we reject the KILL.
mysql-test/r/rpl_temporary.result:
Try to have a non-SUPER user KILL a system thread.
mysql-test/t/rpl_temporary.test:
Try to have a non-SUPER user KILL a system thread.
sql/sql_parse.cc:
Make sure security contexts of both KILLer *and*
KILLee are non-NULL before testing for string-equality!
mysql.procs_priv table itself does not get replicated.
Inserting routine privilege record into mysql.procs_priv table
is triggered by creating function/procedure statements
according to current user's privileges.
Because the current user of SQL thread has GLOBAL_ACL,
which doesn't need any check mysql.procs_priv privilege
when create/alter/execute routines.
Corresponding GLOBAL_ACL privilege user
doesn't insert routine privilege record into
mysql.procs_priv when creating a routine.
Fixed by switching the current user of SQL thread to definer user if
the definer user exists on slave.
That populates procs_priv, otherwise to keep the SQL thread
user and procs_priv remains unchanged.
mysql-test/suite/rpl/r/rpl_do_grant.result:
Test case result for routine privilege when definer user exist or not on slave
mysql-test/suite/rpl/t/rpl_do_grant.test:
Test case result for routine privilege when definer user exist or not on slave
sql/sql_parse.cc:
Switch current user of SQL thread to definer user if the definer user
existes on slave when checking whether the routine privilege is
needed to insert mysql.procs_priv table or not.
An unnecessarily restrictive lock were taken on sub-SELECTs during DELETE.
During parsing, a global structure is reused for sub-SELECTs and the attribute
keeping track of lock options were not reset properly.
This patch introduces a new attribute to keep track on the syntactical lock
option elements found in a sub-SELECT and then sets the lock options accordingly.
Now the sub-SELECTs will try to acquire a READ lock if possible
instead of a WRITE lock as inherited from the outer DELETE statement.
mysql-test/r/lock.result:
Added test case for bug39843
mysql-test/t/lock.test:
Added test case for bug39843
sql/sql_lex.cc:
* Reset member variable lock_option on each new query.
sql/sql_lex.h:
* Introduced new member variable 'lock_option' which is keeping track
of the syntactical lock option of a (sub-)select query.
sql/sql_parse.cc:
* Wrote comments to functions.
sql/sql_yacc.yy:
* Introduced an attribute to keep track of syntactical lock options
in sub-selects.
* Made sure that the default value TL_READ_DEFAULT is at the begining
of each subselect-rule.
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
There is an inconsistency with DROP DATABASE IF EXISTS, DROP
TABLE IF EXISTS and DROP VIEW IF EXISTS: those are binlogged even
if the DB or TABLE does not exist, whereas DROP PROCEDURE IF
EXISTS does not. It would be nice or at least consistent if DROP
PROCEDURE/STATEMENT worked the same too.
Fixed DROP PROCEDURE|FUNCTION IF EXISTS by adding a call to
write_bin_log in mysql_execute_command. Checked also if all
documented "DROP (...) IF EXISTS" get binlogged. Left out DROP
SERVER IF EXISTS because it seems that it only gets binlogged when
using row event (see BUG#25705).
code backported from 6.0
per-file messages:
include/my_global.h
Remove SC_MAXWIDTH. This is unused and irrelevant nowadays.
include/my_sys.h
Remove errbuf declaration and unused definitions.
mysys/my_error.c
Remove errbuf definition and move and adjust ERRMSGSIZE.
mysys/my_init.c
Declare buffer on the stack and use my_snprintf.
mysys/safemalloc.c
Use size explicitly. It's more than enough for the message at hand.
sql/sql_error.cc
Use size explicitly. It's more than enough for the message at hand.
sql/sql_parse.cc
Declare buffer on the stack. Use my_snprintf as it will result in
less stack space being used than by a system provided sprintf --
this allows us to put the buffer on the stack without causing much
trouble. Also, the use of errbuff here was not thread-safe as the
function can be entered concurrently from multiple threads.
sql/sql_table.cc
Use MYSQL_ERRMSG_SIZE. Extra space is not needed as my_snprintf will
nul terminate strings.
storage/myisam/ha_myisam.cc
Use MYSQL_ERRMSG_SIZE.
sql/share/errmsg.txt
Error message truncation in test "innodb" in embedded mode
filename in the error message can safely take up to 210 symbols.
If the system time is adjusted back during a query execution
(resulting in the end time being earlier than the start time)
the code that prints to the slow query log gets confused and
prints unsigned negative numbers.
Fixed by not logging the statements that would have negative
execution time due to time shifts.
No test case since this would involve changing the system time.
sql/sql_parse.cc:
Bug #35396: don't log queries with negative execution times
(due to shifts in system time).
The problem was that the server did not robustly handle a
unilateral roll back issued by the Resource Manager (RM)
due to a resource deadlock within the transaction branch.
By not acknowledging the roll back, the server (TM) would
eventually corrupt the XA transaction state and crash.
The solution is to mark the transaction as rollback-only
if the RM indicates that it rolled back its branch of the
transaction.
mysql-test/r/xa.result:
Add test case result for Bug#28323
mysql-test/t/xa.test:
Add test case for Bug#28323
sql/handler.cc:
Reset XID only at the end of the global transaction.
sql/share/errmsg.txt:
Add new error codes.
sql/sql_class.h:
Remember the error reported by the Resource Manager.
sql/sql_parse.cc:
Rollback the transaction if the Resource Manager reported
a error and rolled back its branch of the transaction.
The problem was that the server did not robustly handle a
unilateral roll back issued by the Resource Manager (RM)
due to a resource deadlock within the transaction branch.
By not acknowledging the roll back, the server (TM) would
eventually corrupt the XA transaction state and crash.
The solution is to mark the transaction as rollback-only
if the RM indicates that it rolled back its branch of the
transaction.
mysql-test/r/xa.result:
Add test case result for Bug#28323
mysql-test/t/xa.test:
Add test case for Bug#28323
sql/handler.cc:
Reset XID only at the end of the global transaction.
sql/share/errmsg.txt:
Add new error codes.
sql/sql_class.h:
Remember the error reported by the Resource Manager.
sql/sql_parse.cc:
Rollback the transaction if the Resource Manager reported
a error and rolled back its branch of the transaction.
When running Stored Routines the Status Variable "Questions" was wrongly
incremented. According to the manual it should contain the "number of
statements that clients have sent to the server"
Introduced a new status variable 'questions' to replace the query_id
variable which currently corresponds badly with the number of statements
sent by the client.
The new behavior is ment to be backward compatible with 4.0 and at the
same time work with new features in a similar way.
This is a backport from 6.0
mysql-test/r/status2.result:
Added test case
mysql-test/t/status2.test:
Added test case
sql/mysqld.cc:
Introduced a new status variable 'questions' to replace the query_id
variable which currently corresponds badly with the number of statements
sent by the client.
sql/sql_class.h:
Introduced a new status variable 'questions' to replace the query_id
variable which currently corresponds badly with the number of statements
sent by the client.
sql/sql_parse.cc:
To be backward compatible with 4.0 and at the same time extend the
interpretation of the Question variable, it should be increased on
all COM-commands but COM_STATISTICS, COM_PING, COM_STMT_PREPARE,
COM_STMT_CLOSE and COM_STMT_RESET.
Since COM_QUERY can process multiple statements, there has to be an
extra increase there as well.
sql/sql_show.cc:
Removed deprecated SHOW_QUESTION status code.
sql/structs.h:
Removed deprecated SHOW_QUESTION status code.
The failure was caused by executing a CREATE-SELECT statement that creates a
table in another database than the current one. In row-based logging, the
CREATE statement was written to the binary log without the database, hence
creating the table in the wrong database, causing the following inserts to
fail since the table didn't exist in the given database.
Fixed the bug by adding a parameter to store_create_info() that will make
the function print the database name before the table name and used that
in the calls that write the CREATE statement to the binary log. The database
name is only printed if it is different than the currently selected database.
The output of SHOW CREATE TABLE has not changed and is still printed without
the database name.
mysql-test/suite/rpl/t/rpl_row_create_table.test:
Added test to check that CREATE-SELECT into another database than the
current one replicates.
sql/sql_insert.cc:
Adding parameter to calls to store_create_info().
sql/sql_show.cc:
Adding parameter to calls to store_create_info().
Extending store_create_info() with parameter 'show_database' that will cause
the database to be written before the table name.
sql/sql_show.h:
Adding parameter to call to store_create_info() to tell if the database should be shown or not.
sql/sql_table.cc:
Adding parameter to calls to store_create_info().
warnings)
Before this fix, several places in the code would raise a warning with an
error code 0, making it impossible for a stored procedure, a connector,
or a client application to trigger logic to handle the warning.
Also, the warning text was hard coded, and therefore not translated.
With this fix, new errors numbers have been created to represent these
warnings, and the warning text is coded in the errmsg.txt file.
The '@' symbol can not be used in the host name according to rfc952.
The fix:
added function check_host_name(LEX_STRING *str)
which checks that all symbols in host name string are valid and
host name length is not more than max host name length
(just moved check_string_length() function from the parser into check_host_name()).
mysql-test/r/create.result:
test result
mysql-test/t/create.test:
test case
sql/mysql_priv.h:
added function check_host_name(LEX_STRING *str)
sql/sql_parse.cc:
added function check_host_name(LEX_STRING *str)
which checks that all symbols in host name string are valid and
host name length is not more than max host name length(HOSTNAME_LENGTH).
sql/sql_yacc.yy:
using newly added function check_host_name()
The problem is that when statement-based replication was enabled,
statements such as INSERT INTO .. SELECT FROM .. and CREATE TABLE
.. SELECT FROM need to grab a read lock on the source table that
does not permit concurrent inserts, which would in turn be denied
if the source table is a log table because log tables can't be
locked exclusively.
The solution is to not take such a lock when the source table is
a log table as it is unsafe to replicate log tables under statement
based replication. Furthermore, the read lock that does not permits
concurrent inserts is now only taken if statement-based replication
is enabled and if the source table is not a log table.
include/thr_lock.h:
Introduce yet another lock type that my get upgraded depending
on the binary log format. This is not a optimal solution but
can be easily improved later.
mysql-test/r/log_tables.result:
Add test case result for Bug#34306
mysql-test/suite/binlog/r/binlog_stm_row.result:
Add test case result for Bug#34306
mysql-test/suite/binlog/t/binlog_stm_row.test:
Add test case for Bug#34306
mysql-test/t/log_tables.test:
Add test case for Bug#34306
sql/lock.cc:
Assert that TL_READ_DEFAULT is not a real lock type.
sql/mysql_priv.h:
Export new function.
sql/mysqld.cc:
Remove using_update_log.
sql/sql_base.cc:
Introduce function that returns the appropriate read lock type
depending on how the statement is going to be replicated. It will
only take a TL_READ_NO_INSERT log if the binary is enabled and the
binary log format is statement-based and the table is not a log table.
sql/sql_parse.cc:
Remove using_update_log.
sql/sql_update.cc:
Use new function to choose read lock type.
sql/sql_yacc.yy:
The lock type is now decided at open_tables time. This old behavior was
actually misleading as the binary log format can be dynamically switched
and this would not change for statements that have already been parsed
when the binary log format is changed (ie: prepared statements).
statement/stored procedure
View privileges are properly checked after the fix for bug no
36086, so the method TABLE_LIST::get_db_name() must be used
instead of field TABLE_LIST::db, as this only works for tables.
Bug appears when accessing views in prepared statements.
mysql-test/r/view_grant.result:
Bug#35600: Extended existing test case.
mysql-test/t/view_grant.test:
Bug#35600: Extended existing test result.
sql/sql_parse.cc:
Bug#35600: Using method to retrieve database name instead of
field.
The check_table_access function initializes per-table grant info and performs
access rights check. It wasn't called for SHOW STATUS statement thus left
grants info uninitialized. In some cases this led to server crash. In other
cases it allowed a user to check for presence/absence of arbitrary values in
any tables.
Now the check_table_access function is called prior to the statement
processing.
mysql-test/r/status.result:
Added a test case for the bug#37908.
mysql-test/t/status.test:
Added a test case for the bug#37908.
sql/sql_parse.cc:
Bug#37908: Skipped access right check caused server crash.
Now the check_table_access function is called when the SHOW STATUS statement
uses any table except information.STATUS.
sql/sql_yacc.yy:
Bug#37908: Skipped access right check caused server crash.
For the SHOW PROCEDURE/FUNCTION STATUS the 'mysql.proc' table isn't added
to the table list anymore as there is no need.
This patch also fixes bugs 36963 and 35600.
- In many places a view was confused with an anonymous derived
table, i.e. access checking was skipped. Fixed by introducing a
predicate to tell the difference between named and anonymous
derived tables.
- When inserting fields for "SELECT * ", there was no
distinction between base tables and views, where one should be
made. View privileges are checked elsewhere.
mysql-test/include/grant_cache.inc:
Bug#36086: Changed test case.
mysql-test/r/grant2.result:
Bug#36086: Changed test result.
mysql-test/r/grant_cache_no_prot.result:
Bug#36086: Changed test result.
mysql-test/r/grant_cache_ps_prot.result:
Bug#36086: Changed test result.
mysql-test/r/view_grant.result:
Bug#36086: Test result.
mysql-test/t/grant2.test:
Bug#36086: Changed test case.
mysql-test/t/view_grant.test:
Bug#36086: Test case.
sql/item.cc:
Bug#36086: Replaced conditional with new methods.
sql/sql_acl.cc:
Bug no 35600:
In mysql_table_grant:
Replaced conditional with the new accessor method.
In check_grant:
- Changed the requirement table->derived != null to
checking all anonymous derived tables.
- Use of the accessor methods for getting object and database
names.
Bug#36086: In check_grant_all_columns:
- Updated comment. This function is now called for views
as well.
- The error message should not disclose any column names
unless the user has privilege to see all column names.
- Changed names of Field_iterator_table_ref methods.
sql/sql_base.cc:
Bug no 36963: In insert_fields()
- Commented.
- We should call check_grant_all_columns() for views in
this case.
- Changed names of Field_iterator_table_ref methods.
- We should not disclose column names in the error message
when the user has no approprate privilege.
sql/sql_cache.cc:
Bug#36086: Replaced test with new predicate method.
sql/sql_derived.cc:
Bug#36086: commenting only. Updated and doxygenated
comment for mysql_derived_prepare().
sql/sql_parse.cc:
Bug no 35600:
- In check_single_table_access:
Due to the bug, check_grant would raise an error for a
SHOW CREATE TABLE command for a TEMPTABLE view. It should in
fact not be be invoked in this case. This table privilege
is checked already.
There is a test case for this in information_schema_db.test.
- In check_access: replaced table->derived
sql/table.cc:
Bug#36086:
- In TABLE_LIST::set_underlying_merge():
Commenting only. Doxygenated, corrected spelling,
added.
- Renamed table_name() and db_name() methods of
Field_iterator_table_ref in order to be consistent
with new methods in TABLE_LIST.
sql/table.h:
Bug#36086:
- Commented GRANT_INFO.
- Added a predicate is_anonymous_derived_table() to
TABLE_LIST.
- Added get_table_name() and get_db_name() to
TABLE_LIST in order to hide the disparate
representation of these properties.
test_if_data_home_dir fixed to look into real path.
Checks added to mi_open for symlinks into data home directory.
per-file messages:
include/my_sys.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink interface added
include/myisam.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlink interface added
myisam/mi_check.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile calls modified
myisam/mi_open.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
code added to mi_open to check for symlinks into data home directory.
mi_open_datafile now accepts 'original' file path to check if it's
an allowed symlink.
myisam/mi_static.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invlaid_symlink defined
myisam/myisamchk.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile call modified
myisam/myisamdef.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile interface modified - 'real_path' parameter added
mysql-test/r/symlink.test
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error codes corrected as some patch now rejected pointing inside datahome
mysql-test/r/symlink.result
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected in the result
mysys/my_symlink.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink() implementsd
my_realpath() now returns the 'realpath' even if a file isn't a symlink
sql/mysql_priv.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
test_if_data_home_dir interface
sql/mysqld.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
sql/sql_parse.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected
test_if_data_home_dir code fixed
Fix for a valgrind warning due to a jump on a uninitialized
variable. The problem was that the sql profile preparation
function wasn't being called for all possible code paths
of query execution.
The solution is to ensure that query profiling is always
started before dispatch_command function is called and to
explicitly call the profile preparation function on bootstrap.
sql/sql_parse.cc:
Finish query profiling properly when executing bootstrap commands.
Add query profiling to execute_init_command as it calls dispatch_command.
Post-merge fix: remove spurious semicolon that caused the function
to return failure regardless of the outcome.
sql/sql_parse.cc:
Remove spurious semicolon.
build)
The crash was caused by freeing the internal parser stack during the parser
execution.
This occured only for complex stored procedures, after reallocating the parser
stack using my_yyoverflow(), with the following C call stack:
- MYSQLparse()
- any rule calling sp_head::restore_lex()
- lex_end()
- x_free(lex->yacc_yyss), xfree(lex->yacc_yyvs)
The root cause is the implementation of stored procedures, which breaks the
assumption from 4.1 that there is only one LEX structure per parser call.
The solution is to separate the LEX structure into:
- attributes that represent a statement (the current LEX structure),
- attributes that relate to the syntax parser itself (Yacc_state),
so that parsing multiple statements in stored programs can create multiple
LEX structures while not changing the unique Yacc_state.
Now, Yacc_state and the existing Lex_input_stream are aggregated into
Parser_state, a structure that represent the complete state of the (Lexical +
Syntax) parser.
mysql-test/r/parser_stack.result:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
mysql-test/t/parser_stack.test:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sp.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sp_head.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_class.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_class.h:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_lex.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_lex.h:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_parse.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_prepare.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_trigger.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_view.cc:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
sql/sql_yacc.yy:
Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)
