1
0
mirror of https://github.com/MariaDB/server.git synced 2025-10-22 19:52:58 +03:00
Commit Graph

2822 Commits

Author SHA1 Message Date
Davi Arnaut
54705ab176 Bug#50974: Server keeps receiving big (> max_allowed_packet) packets indefinitely.
The server could be tricked to read packets indefinitely if it
received a packet larger than the maximum size of one packet.
This problem is aggravated by the fact that it can be triggered
before authentication.

The solution is to no skip big packets for non-authenticated
sessions. If a big packet is sent before a session is authen-
ticated, a error is returned and the connection is closed.

include/mysql_com.h:
  Add skip flag. Only used in server builds.
sql/net_serv.cc:
  Control whether big packets can be skipped.
2010-04-29 10:28:16 -03:00
Ramil Kalimullin
0d5dbb166b Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing
Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only
SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not
checked for sanity. By sending long data for the table a buffer is overflown, which can
be used deliberately to include code that harms".

Fix: check incoming data length.


sql/sql_parse.cc:
  Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing
    - check incoming mysql_list_fields() table name arg length.
2010-04-29 08:42:32 +04:00
Ramil Kalimullin
2303a8c6e4 Manual merge. 2010-04-29 08:54:09 +04:00
Kristofer Pettersson
ea7d830ad2 Bug#46615 Assertion in Query_cache::invalidate in INSERT in a VIEW of a MERGE table
If the listed columns in the view definition of 
the table used in a 'INSERT .. SELECT ..'
statement mismatched, a debug assertion would
trigger in the cache invalidation code
following the failing statement.

Although the find_field_in_view() function
correctly generated ER_BAD_FIELD_ERROR during
setup_fields(), the error failed to propagate
further than handle_select(). This patch fixes
the issue by adding a check for the return
value.


mysql-test/r/query_cache_with_views.result:
  * added test for bug 46615
mysql-test/t/query_cache_with_views.test:
  * added test for bug 46615
sql/sql_parse.cc:
  * added check for handle_select() return code before attempting to invalidate the cache.
2010-03-24 17:37:41 +01:00
Georgi Kodinov
e3d0b6d792 Backport of the fix for bug #49552 to 5.0-bugteam 2010-02-25 16:57:15 +02:00
Luis Soares
e925bd737f BUG#48632: Fix for Bug #23300 Has Not Been Backported
To 5.x Release
      
Notes
=====
      
This is a backport of BUG#23300 into 5.1 GA.
      
Original cset revid (in betony):
luis.soares@sun.com-20090929140901-s4kjtl3iiyy4ls2h

Description
===========
      
When using replication, the slave will not log any slow query
logs queries replicated from the master, even if the
option "--log-slow-slave-statements" is set and these take more
than "log_query_time" to execute.
                    
In order to log slow queries in replicated thread one needs to
set the --log-slow-slave-statements, so that the SQL thread is
initialized with the correct switch. Although setting this flag
correctly configures the slave thread option to log slow queries,
there is an issue with the condition that is used to check
whether to log the slow query or not. When replaying binlog
events the statement contains the SET TIMESTAMP clause which will
force the slow logging condition check to fail. Consequently, the
slow query logging will not take place.
                    
This patch addresses this issue by removing the second condition
from the log_slow_statements as it prevents slow queries to be
binlogged and seems to be deprecated.
2010-02-05 17:01:09 +00:00
unknown
2b2ce3d6cb Bug #49137 Replication failure on SBR/MBR + multi-table DROP TEMPORARY TABLE
In statement-based or mixed-mode replication, use DROP TEMPORARY TABLE
to drop multiple tables causes different errors on master and slave, 
when one or more of these tables do not exist. Because when executed
on slave, it would automatically add IF EXISTS to the query to ignore
all ER_BAD_TABLE_ERROR errors.

To fix the problem, do not add IF EXISTS when executing DROP TEMPORARY
TABLE on the slave, and clear the ER_BAD_TABLE_ERROR error after
execution if the query does not expect any errors.


mysql-test/r/rpl_drop_temp.result:
  Updated for the patch of bug#49137.
mysql-test/t/rpl_drop_temp.test:
  Added the test file to verify if DROP MULTI TEMPORARY TABLE
  will cause different errors on master and slave, when one or
  more of these tables do not exist.
sql/log_event.cc:
  Added code to handle above cases which are
  removed from sql_parse.cc
sql/sql_parse.cc:
  Remove the code to issue the 'Unknown table' error,
  if the temporary table does not exist when dropping
  it on slave. The above cases decribed in comments
  will be handled later in log_event.cc.
2009-12-31 11:33:10 +08:00
Georgi Kodinov
443003a467 Bug #49552 : sql_buffer_result cause crash + not found records
in multitable delete/subquery

SQL_BUFFER_RESULT should not have an effect on non-SELECT 
statements according to our documentation.
Fixed by not passing it through to multi-table DELETE (similarly
to how it's done for multi-table UPDATE).
2010-01-29 11:36:28 +02:00
Davi Arnaut
c3a73a8f6d Fix for compiler warnings:
Rename method as to not hide a base.
Reorder attributes initialization.
Remove unused variable.
Rework code to silence a warning due to assignment used as truth value.


sql/item_strfunc.cc:
  Rename method as to not hide a base.
sql/item_strfunc.h:
  Rename method as to not hide a base.
sql/log_event.cc:
  Reorder attributes initialization.
sql/rpl_injector.cc:
  Rework code to silence a warning due to assignment used as truth value.
sql/rpl_record.cc:
  Remove unused variable.
sql/sql_db.cc:
  Rework code to silence a warning due to assignment used as truth value.
sql/sql_parse.cc:
  Rework code to silence a warning due to assignment used as truth value.
sql/sql_table.cc:
  Rework code to silence a warning due to assignment used as truth value.
2010-01-28 19:51:40 -02:00
He Zhenxing
2b16517522 Backport Bug#37148 to 5.1 2010-01-24 15:03:23 +08:00
Sergey Glukhov
4a10f7b46c Bug#49501 Inefficient information_schema check (system collation), addon
removed wrongly introduced strlen calls


sql/events.cc:
  removed wrongly introduced strlen calls
sql/mysql_priv.h:
  removed wrongly introduced strlen calls
sql/repl_failsafe.cc:
  removed wrongly introduced strlen calls
sql/sql_db.cc:
  removed wrongly introduced strlen calls
sql/sql_parse.cc:
  removed wrongly introduced strlen calls
sql/sql_show.cc:
  removed wrongly introduced strlen calls
2010-01-22 14:58:21 +04:00
Mattias Jonsson
8c6d6c0c6c merge 2010-01-19 12:18:48 +01:00
Sergey Glukhov
81391bd00c Bug#49501 Inefficient information_schema check (system collation)
added check_length optimization for I_S_NAME comparison


sql/event_data_objects.cc:
  added check_length optimization for I_S_NAME comparison
sql/events.cc:
  added check_length optimization for I_S_NAME comparison
sql/mysql_priv.h:
  added check_length optimization for I_S_NAME comparison
sql/repl_failsafe.cc:
  added check_length optimization for I_S_NAME comparison
sql/sql_db.cc:
  added check_length optimization for I_S_NAME comparison
sql/sql_parse.cc:
  added check_length optimization for I_S_NAME comparison
sql/sql_show.cc:
  added check_length optimization for I_S_NAME comparison
sql/sql_view.cc:
  added check_length optimization for I_S_NAME comparison
sql/table.cc:
  added check_length optimization for I_S_NAME comparison
2010-01-19 13:03:40 +04:00
Mattias Jonsson
eab2be0aee Bug#47343: InnoDB fails to clean-up after lock wait timeout on
REORGANIZE PARTITION

There were several problems which lead to this this,
all related to bad error handling.

1) There was several bugs preventing the ddl-log to be used for
   cleaning up created files on error.

2) The error handling after the copy partition rows did not close
   and unlock the tables, resulting in deletion of partitions
   which were in use, which lead InnoDB to put the partition to
   drop in a background queue.

sql/ha_partition.cc:
  Bug#47343: InnoDB fails to clean-up after lock wait timeout on
             REORGANIZE PARTITION
  
  Better error handling, if partition has been created/opened/locked
  then make sure it is unlocked and closed before returning error.
  The delete of the newly created partition is handled by the ddl-log.
sql/sql_parse.cc:
  Bug#47343: InnoDB fails to clean-up after lock wait timeout on
             REORGANIZE PARTITION
  
  Fix a bug found when experimenting, thd could really be NULL here,
  as mentioned in the function header.
sql/sql_partition.cc:
  Bug#47343: InnoDB fails to clean-up after lock wait timeout on
             REORGANIZE PARTITION
  
  Used the correct .frm shadow name to put into the ddl-log.
  Really use the ddl-log to handle errors.
sql/sql_table.cc:
  Bug#47343: InnoDB fails to clean-up after lock wait timeout on
             REORGANIZE PARTITION
  
  Fixes of the ddl-log when used as error recovery (no crash).
  When executing an entry from memory (not read from disk)
  the name_len was not set correctly.
2010-01-18 17:49:18 +01:00
unknown
377d710296 BUG#47418 RBR fails, failure with mixup of base/temporary/view
'CREATE TABLE IF NOT EXISTS ... SELECT' statement were causing 'CREATE
TEMPORARY TABLE ...' to be written to the binary log in row-based 
mode (a.k.a. RBR), when there was a temporary table with the same name.
Because the 'CREATE TABLE ... SELECT' statement was executed as 
'INSERT ... SELECT' into the temporary table. Since in RBR mode no 
other statements related to temporary tables are written into binary log,
this sometimes broke replication.

This patch changes behavior of 'CREATE TABLE [IF NOT EXISTS] ... SELECT ...'.
it ignores existence of temporary table with the 
same name as table being created and is interpreted
as attempt to create/insert into base table. This makes behavior of
'CREATE TABLE [IF NOT EXISTS] ... SELECT' consistent with
how ordinary 'CREATE TABLE' and 'CREATE TABLE ... LIKE' behave.
2010-01-16 15:44:24 +08:00
Kristofer Pettersson
a0fe99a859 automerge 2010-01-13 15:01:49 +01:00
Kristofer Pettersson
b3dd4d9486 Bug#33982 debug assertion and crash reloading grant tables after sighup or kill
In certain rare cases when a process was interrupted
during a FLUSH PRIVILEGES operation the diagnostic
area would be set to an error state but the function
responsible for the operation would still signal
success. This would lead to a debug assertion error
later on when the server would attempt to reset the
DA before sending the error message.

This patch fixes the issue by assuring that
reload_acl_and_cache() always fails if an error
condition is raised.

The second issue was that a KILL could cause
a console error message which referred to a DA
state without first making sure that such a
state existed.

This patch fixes this issue in two different
palces by first checking DA state before
fetching the error message.

 

sql/sql_acl.cc:
  * Make sure that there is an error to print before attempting to do so.
  * Minor style change: change 1 to TRUE for clarity.
sql/sql_parse.cc:
  * Always fail reload_acl_and_cache() if the query was killed.
sql/sql_servers.cc:
  * Make sure that there is an error to print before attempting to do so.
2010-01-13 12:39:00 +01:00
Martin Hansson
c8b5804f29 Bug#48157: crash in Item_field::used_tables
MySQL handles the join syntax "JOIN ... USING( field1,
... )" and natural joins by building the same parse tree as
a corresponding join with an "ON t1.field1 = t2.field1 ..."
expression would produce. This parse tree was not cleaned up
properly in the following scenario. If a thread tries to
lock some tables and finds that the tables were dropped and
re-created while waiting for the lock, it cleans up column
references in the statement by means a per-statement free
list. But if the statement was part of a stored procedure,
column references on the stored procedure's free list weren't
cleaned up and thus contained pointers to freed objects.

Fixed by adding a call to clean up the current prepared
statement's free list.


mysql-test/r/sp_sync.result:
  Bug#48157: Test case
mysql-test/t/sp_sync.test:
  Bug#48157: Test result
sql/item.h:
  Bug#48157: Commented field.
sql/sql_parse.cc:
  Bug#48157: Commented function.
sql/sql_update.cc:
  Bug#48157: fix
2010-01-12 15:16:26 +01:00
unknown
be397eb400 Bug #49137 Replication failure on SBR/MBR + multi-table DROP TEMPORARY TABLE
In statement-based or mixed-mode replication, use DROP TEMPORARY TABLE
to drop multiple tables causes different errors on master and slave, 
when one or more of these tables do not exist. Because when executed
on slave, it would automatically add IF EXISTS to the query to ignore
all ER_BAD_TABLE_ERROR errors.

To fix the problem, do not add IF EXISTS when executing DROP TEMPORARY
TABLE on the slave, and clear the ER_BAD_TABLE_ERROR error after
execution if the query does not expect any errors.

mysql-test/suite/rpl/r/rpl_drop_temp.result:
  Updated for the patch of bug#49137.
mysql-test/suite/rpl/t/rpl_drop_temp.test:
  Added the test file to verify if DROP MULTI TEMPORARY TABLE
  will cause different errors on master and slave, when one or
  more of these tables do not exist.
sql/log_event.cc:
  Added code to handle above cases which are 
  removed from sql_parse.cc
sql/sql_parse.cc:
  Remove the code to issue the 'Unknown table' error, 
  if the temporary table does not exist when dropping 
  it on slave. The above cases decribed in comments
  will be handled later in log_event.cc.
2009-12-31 12:04:19 +08:00
Davi Arnaut
06a1df9181 Bug#48983: Bad strmake calls (length one too long)
The problem is a somewhat common misusage of the strmake function.
The strmake(dst, src, len) function writes at most /len/ bytes to
the string pointed to by src, not including the trailing null byte.
Hence, if /len/ is the exact length of the destination buffer, a
one byte buffer overflow can occur if the length of the source
string is equal to or greater than /len/.

client/mysqldump.c:
  Make room for the trailing null byte.
libmysql/libmysql.c:
  Add comment, there is enough room in the buffer.
  Increase buffer length, two strings are concatenated.
libmysqld/lib_sql.cc:
  Make room for the trailing null byte.
mysys/default.c:
  Make room for the trailing null bytes.
mysys/mf_pack.c:
  Make room for the trailing null byte.
server-tools/instance-manager/commands.cc:
  Copy only if overflow isn't possible in both cases.
server-tools/instance-manager/listener.cc:
  Make room for the trailing null byte.
sql/log.cc:
  Make room for the trailing null byte.
sql/sp_pcontext.h:
  Cosmetic fix.
sql/sql_acl.cc:
  MAX_HOSTNAME already specifies space for the trailing null byte.
sql/sql_parse.cc:
  Make room for the trailing null byte.
sql/sql_table.cc:
  Make room for the trailing null byte.
2009-12-17 15:58:38 -02:00
Tatiana A. Nurnberg
9ae245009c auto-merge 2009-11-24 10:22:22 -08:00
Tatiana A. Nurnberg
be04d1a479 Bug#48319: Server crashes on "GRANT/REVOKE ... TO CURRENT_USER"
CURRENT_USER() in GRANT ... TO CURRENT_USER() only gave us a definer,
not a full user (i.e., password-element was not initiliazed). Hence
dereferencing the password led to a crash.

Properly initializes definers now, just so there are no misunderstandings.
Also does some magic so IDENTIFIED BY ... works with CURRENT_USER().

mysql-test/r/grant2.result:
  Show GRANT ... TO CURRENT_USER() no longer crashes.
  Show it to work with IDENTIFIED BY to boot.
mysql-test/t/grant2.test:
  Show GRANT ... TO CURRENT_USER() no longer crashes.
  Show it to work with IDENTIFIED BY to boot.
sql/sql_acl.cc:
  Make IDENTIFIED BY ... work with CURRENT_USER()
sql/sql_parse.cc:
  Zero password-part of definer just in case somebody mistakes this for
  a complete LEX_USER!
2009-10-29 22:06:10 -07:00
Sergey Vojtovich
17ed708975 BUG#43171 - Assertion failed: thd->transaction.xid_state.xid.is_null()
XA START may cause assertion failure/server crash when it is called
after unilateral roll back issued by the Resource Manager (both
in regular transaction and after XA transaction).

The problem was that rm_error variable wasn't set/reset properly.

mysql-test/r/xa.result:
  A test case for BUG#43171.
mysql-test/t/xa.test:
  A test case for BUG#43171.
sql/handler.cc:
  Setting rm_error when we're out of XA transaction has no
  special meaning. But it blocks reset of thd->transaction.xid
  structure later.
sql/sql_parse.cc:
  Reset rm_error before we enter ha_rollback(), so
  thd->transaction.xid strucure is reinitialized.
2009-10-28 19:39:08 +04:00
Georgi Kodinov
c4479b1db7 merge 2009-10-16 16:11:21 +03:00
Martin Hansson
3bd2461668 Bug#46019: ERROR 1356 When selecting from within another
view that has Group By
      
When SELECT'ing from a view that mentions another,
materialized, view, access was being denied. The issue was
resolved by lifting a special case which avoided such access
checking in check_single_table_access. In the past, this was
necessary since if such a check were performed, the error
message would be downgraded to a warning in the case of SHOW
CREATE VIEW. The downgrading of errors was meant to handle
only that scenario, but could not distinguish the two as it
read only the error messages.
      
The special case was needed in the fix of bug no 36086.
Before that, views were confused with derived tables.
      
After bug no 35996 was fixed, the manipulation of errors
during SHOW CREATE VIEW execution is not dependent on the
actual error messages in the queue, it rather looks at the
actual cause of the error and takes appropriate
action. Hence the aforementioned special case is now
superfluous and the bug is fixed.


mysql-test/r/view_grant.result:
  Bug#46019: Test result.
mysql-test/t/view_grant.test:
  Bug#46019: Test case.
sql/sql_parse.cc:
  Bug#46019: fix.
2009-10-16 13:12:21 +02:00
Georgi Kodinov
7b4ef910f7 Bug #40877: multi statement execution fails in 5.1.30
Implemented the server infrastructure for the fix:

1. Added a function LEX_STRING *thd_query_string(THD) to return
a LEX_STRING structure instead of char *.
This is the function that must be called in innodb instead of 
thd_query()

2. Did some encapsulation in THD : aggregated thd_query and 
thd_query_length into a LEX_STRING and made accessor and mutator 
methods for easy code updating. 

3. Updated the server code to use the new methods where applicable.
2009-10-16 13:29:42 +03:00
Georgi Kodinov
1a48dd4e2b Bug #43029: FORCE INDEX FOR ORDER BY is ignored when join
buffering is used

FORCE INDEX FOR ORDER BY now prevents the optimizer from 
using join buffering. As a result the optimizer can use
indexed access on the first table and doesn't need to 
sort the complete resultset at the end of the statement.
2009-10-07 18:03:42 +03:00
Davi Arnaut
289f4a4083 Manual merge. 2009-09-30 20:06:08 -03:00
Davi Arnaut
3c5d9f4272 Post-merge cleanup: Reorganize code for better comprehensibility.
Removes the need of a hack (the jump to label).
2009-09-30 19:59:30 -03:00
Davi Arnaut
436ccb6984 Manual merge. 2009-09-30 19:25:06 -03:00
Davi Arnaut
e218ac06ed Post-merge fix: DBUG macros are wrapped inside a loop.
sql/sql_parse.cc:
  DBUG macros are wrapped inside a loop. Allow to break
  the command switch from within a DBUG macro.
2009-09-30 19:14:55 -03:00
Davi Arnaut
565f1bc4a1 Bug#47525: MySQL crashed (Federated)
On Mac OS X or Windows, sending a SIGHUP to the server or a
asynchronous flush (triggered by flush_time), would cause the
server to crash.

The problem was that a hook used to detach client API handles
wasn't prepared to handle cases where the thread does not have
a associated session.

The solution is to verify whether the thread has a associated
session before trying to detach a handle.

mysql-test/r/federated_debug.result:
  Add test case result for Bug#47525
mysql-test/t/federated_debug-master.opt:
  Debug point.
mysql-test/t/federated_debug.test:
  Add test case for Bug#47525
sql/slave.cc:
  Check whether a the thread has a associated session.
sql/sql_parse.cc:
  Add debug code to simulate a reload without thread session.
2009-09-30 18:38:02 -03:00
Alexander Nozdrin
70972926ab A patch for Bug#45118 (mysqld.exe crashed in debug mode
on Windows in dbug.c) -- part 2: a patch for the DBUG subsystem
to detect misuse of DBUG_ENTER / DBUG_RETURN macros.
5.1 version.
2009-09-10 11:40:57 +04:00
Staale Smedseng
5be4c38226 Merge from 5.0 for 43414 2009-08-28 18:21:54 +02:00
Staale Smedseng
1ba25ae47c Bug #43414 Parenthesis (and other) warnings compiling MySQL
with gcc 4.3.2
      
This patch fixes a number of GCC warnings about variables used
before initialized. A new macro UNINIT_VAR() is introduced for
use in the variable declaration, and LINT_INIT() usage will be
gradually deprecated. (A workaround is used for g++, pending a
patch for a g++ bug.)
      
GCC warnings for unused results (attribute warn_unused_result)
for a number of system calls (present at least in later
Ubuntus, where the usual void cast trick doesn't work) are
also fixed.


client/mysqlmanager-pwgen.c:
  A fix for warn_unused_result, adding fallback to use of
  srand()/rand() if /dev/random cannot be used. Also actually
  adds calls to rand() in the second branch so that it actually
  creates a random password.
2009-08-28 17:51:31 +02:00
Georgi Kodinov
787a4940ca reverted the fix for bug #46019 from 5.1-bugteam 2009-08-21 17:41:48 +03:00
Georgi Kodinov
1317d24b33 merge of bug #46019 to 5.1-bugteam 2009-08-20 17:11:22 +03:00
Gleb Shchepa
dc0a87fdc2 Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!

The problem of that bugreport was mostly fixed by the
patch for bug 38691.
However, attached test case focused on another crash or
valgrind warning problem: SHOW PROCESSLIST query accesses
freed memory of SP instruction that run in a parallel
connection.

Changes of thd->query/thd->query_length in dangerous
places have been guarded with the per-thread
LOCK_thd_data mutex (the THD::LOCK_delete mutex has been
renamed to THD::LOCK_thd_data).


sql/ha_myisam.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
  Unnecessary locking with the global LOCK_thread_count
  mutex has been removed.
sql/log_event.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the THD::set_query()) method call/LOCK_thd_data
  mutex.
sql/slave.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the THD::set_query() method call/LOCK_thd_data mutex.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sp_head.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
sql/sql_class.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The new THD::LOCK_thd_data mutex and THD::set_query()
  method has been added to guard modifications of THD::query/
  THD::query_length fields, also the Statement::set_statement()
  method has been overloaded in the THD class.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_class.h:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The new THD::LOCK_thd_data mutex and THD::set_query()
  method has been added to guard modifications of THD::query/
  THD::query_length fields, also the Statement::set_statement()
  method has been overloaded in the THD class.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_insert.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
sql/sql_parse.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data mutex.
sql/sql_repl.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_show.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Inter-thread read of THD::query/query_length field has
  been protected with a new per-thread LOCK_thd_data
  mutex in the mysqld_list_processes function.
2009-07-24 20:58:58 +05:00
Davi Arnaut
8ec2f3d0d1 Bug#43587: Putting event_scheduler=1 in init SQL file crashes
mysqld

The problem was that enabling the event scheduler inside a init
file caused the server to crash upon start-up. The crash occurred
because the event scheduler wasn't being initialized before the
commands in the init-file are processed.

The solution is to initialize the event scheduler before the init
file is read. The patch also disables the event scheduler during
bootstrap and makes the bootstrap operation robust in the
presence of background threads.

mysql-test/std_data/init_file.dat:
  Add test case for Bug#43587
sql/event_scheduler.cc:
  Signal that the thread_count has been decremented.
sql/events.cc:
  Disable the event scheduler during bootstrap.
sql/mysql_priv.h:
  Export variable.
sql/mysqld.cc:
  Initialize the event scheduler before commands are executed.
sql/sql_parse.cc:
  Signal that the bootstrap thread is done.
2009-07-24 15:45:42 -03:00
Konstantin Osipov
b4bf7dd31e Code review for Bug#43587 Putting event_scheduler=1 in init SQL file crashes
mysqld
2009-07-24 20:20:46 +04:00
Gleb Shchepa
2bc6b6a800 Merge from 5.0
******
manual merge 5.0-bugteam --> 5.1-bugteam (bug 38816)
2009-07-24 21:04:55 +05:00
Georgi Kodinov
097c7b38c8 Bug #45287: phase 2 : 5.0 64 bit compilation warnings
Fixed various compilation warnings when compiling on a 
 64 bit windows.
2009-07-16 15:37:38 +03:00
Staale Smedseng
3c052dd097 Merge from 5.0 2009-07-01 14:32:04 +02:00
Staale Smedseng
3cd431d553 Bug #45790 Potential DoS vector: Writing of user input to log
without proper formatting
      
The problem is that a suitably crafted database identifier
supplied to COM_CREATE_DB or COM_DROP_DB can cause a SIGSEGV,
and thereby a denial of service. The database name is printed
to the log without using a format string, so potential
attackers can control the behavior of my_b_vprintf() by
supplying their own format string. A CREATE or DROP privilege
would be required.
      
This patch supplies a format string to the printing of the
database name. A test case is added to mysql_client_test.


sql/sql_parse.cc:
  Added format strings.
tests/mysql_client_test.c:
  Added new test case.
2009-07-01 14:09:44 +02:00
Staale Smedseng
6777150883 Merge from 5.0-bt 2009-06-29 15:17:01 +02:00
Alexey Kopytov
73cbaa6d17 Bug #45309: InnoDB does not rollback for delete and update
queries if query was killed 
 
Since we rely on thd->is_error() to decide whether we should 
COMMIT or ROLLBACK after a query execution, check the query 
'killed' state and throw an error before calling 
ha_autocommit_or_rollback(), not after. 
 
The patch was tested manually. For reliable results, the test 
case would have to KILL QUERY while a DELETE/UPDATE query in 
another thread is still running. I don't see a way to achieve 
this kind of synchronization in our test suite (no debug_sync 
in 5.1).

sql/sql_parse.cc:
  Since we rely on thd->is_error() to decide whether we should 
  COMMIT or ROLLBACK after query execution, check the query 
  'killed' state and throw an error before calling 
  ha_autocommit_or_rollback(), not after.
2009-06-23 10:15:27 +04:00
Staale Smedseng
2380d465f0 Merge from 5.0-bugteam 2009-06-17 16:56:44 +02:00
Staale Smedseng
3b0e6e4109 Bug #43414 Parenthesis (and other) warnings compiling MySQL
with gcc 4.3.2
      
Compiling MySQL with gcc 4.3.2 and later produces a number of 
warnings, many of which are new with the recent compiler
versions.
                  
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
2009-06-17 15:54:01 +02:00
Staale Smedseng
a103509788 Bug #43414 Parenthesis (and other) warnings compiling MySQL
with gcc 4.3.2

Compiling MySQL with gcc 4.3.2 and later produces a number of 
warnings, many of which are new with the recent compiler
versions.
            
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
2009-06-10 16:04:07 +02:00
Magnus Blåudd
51dd28a9a9 Merge bug#45326 2009-06-05 13:23:58 +02:00