summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mysql-test/r/func_math.result43
-rw-r--r--mysql-test/r/processlist.result3
-rw-r--r--mysql-test/r/processlist_notembedded.result12
-rw-r--r--mysql-test/r/subselect_sj.result26
-rw-r--r--mysql-test/r/subselect_sj_jcl6.result26
-rw-r--r--mysql-test/t/func_math.test25
-rw-r--r--mysql-test/t/processlist.test4
-rw-r--r--mysql-test/t/processlist_notembedded.test34
-rw-r--r--mysql-test/t/subselect_sj.test26
-rw-r--r--scripts/mysqlaccess.sh2
-rw-r--r--sql/opt_subselect.cc12
-rw-r--r--sql/sql_show.cc8
-rw-r--r--strings/ctype-simple.c18
13 files changed, 227 insertions, 12 deletions
diff --git a/mysql-test/r/func_math.result b/mysql-test/r/func_math.result
index 34b49f02659..66ee73de88e 100644
--- a/mysql-test/r/func_math.result
+++ b/mysql-test/r/func_math.result
@@ -875,6 +875,49 @@ t1 CREATE TABLE `t1` (
) ENGINE=MyISAM DEFAULT CHARSET=latin1
DROP TABLE t1;
#
+# Bug #29723340: MYSQL SERVER CRASH AFTER SQL QUERY WITH DATA ?AST
+#
+create table t1(a int);
+insert ignore t1 values("1e-214748364");
+Warnings:
+Warning 1265 Data truncated for column 'a' at row 1
+insert ignore t1 values("1e-2147483648");
+Warnings:
+Warning 1265 Data truncated for column 'a' at row 1
+insert ignore t1 values("1e-21474836480");
+Warnings:
+Warning 1265 Data truncated for column 'a' at row 1
+insert ignore t1 values("1e+214748364");
+Warnings:
+Warning 1264 Out of range value for column 'a' at row 1
+insert ignore t1 values("1e+2147483647");
+Warnings:
+Warning 1264 Out of range value for column 'a' at row 1
+insert ignore t1 values("1e+21474836470");
+Warnings:
+Warning 1264 Out of range value for column 'a' at row 1
+set global max_allowed_packet= cast(2*1024*1024*1024+1024 as unsigned);
+Warnings:
+Warning 1292 Truncated incorrect max_allowed_packet value: '2147484672'
+connect foo,localhost,root;
+set @a=2147483647;
+insert ignore t1 values (concat('1', repeat('0', @a+18), 'e-', @a-1, '0'));
+Warnings:
+Warning 1301 Result of repeat() was larger than max_allowed_packet (1073741824) - truncated
+disconnect foo;
+connection default;
+set global max_allowed_packet=default;
+select * from t1;
+a
+0
+0
+0
+2147483647
+2147483647
+2147483647
+NULL
+drop table t1;
+#
# End of 5.5 tests
#
#
diff --git a/mysql-test/r/processlist.result b/mysql-test/r/processlist.result
index 4be643c1790..2d3228a6d91 100644
--- a/mysql-test/r/processlist.result
+++ b/mysql-test/r/processlist.result
@@ -23,8 +23,9 @@ select command, time < 5 from information_schema.processlist where id != connect
command time < 5
Sleep 1
disconnect con1;
-set debug_sync='reset';
connection default;
+set debug_sync='reset';
+End of 5.5 tests
#
# 10.1 tests
#
diff --git a/mysql-test/r/processlist_notembedded.result b/mysql-test/r/processlist_notembedded.result
new file mode 100644
index 00000000000..67eeb5ae2ff
--- /dev/null
+++ b/mysql-test/r/processlist_notembedded.result
@@ -0,0 +1,12 @@
+#
+# MDEV-20466: SHOW PROCESSLIST truncates query text on \0 bytes
+#
+connect con1,localhost,root,,;
+connection con1;
+SET DEBUG_SYNC= 'before_join_optimize SIGNAL in_sync';
+connection default;
+SET DEBUG_SYNC= 'now WAIT_FOR in_sync';
+FOUND 1 /sleep \(30\)/ in MDEV-20466.text
+disconnect con1;
+SET DEBUG_SYNC = 'RESET';
+End of 5.5 tests
diff --git a/mysql-test/r/subselect_sj.result b/mysql-test/r/subselect_sj.result
index 262b4acdc89..28570223400 100644
--- a/mysql-test/r/subselect_sj.result
+++ b/mysql-test/r/subselect_sj.result
@@ -3199,5 +3199,31 @@ create table t1 (a1 varchar(25));
create table t2 (a2 varchar(25)) ;
insert into t1 select 'xxx' from dual where 'xxx' in (select a2 from t2);
drop table t1,t2;
+#
+# MDEV-13172: Wrong result / SELECT ... WHERE EXISTS ... (with UNIQUE Key)
+#
+CREATE TABLE `t1` (
+`Id` int(11) NOT NULL,
+PRIMARY KEY (`Id`)
+);
+INSERT INTO `t1` (`Id`) VALUES (1);
+CREATE TABLE `t2` (
+`t1_Id` int(11) NOT NULL DEFAULT 0,
+`col1` int(11) DEFAULT NULL,
+UNIQUE KEY `col1` (`col1`)
+);
+INSERT INTO `t2` (`t1_Id`, `col1`) VALUES (1, NULL), (1, NULL);
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+Id
+1
+explain extended
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY t1 system PRIMARY NULL NULL NULL 1 100.00
+1 PRIMARY <subquery2> eq_ref distinct_key distinct_key 4 func 1 100.00
+2 MATERIALIZED t2 ref col1 col1 5 const 1 100.00 Using index condition; Using where
+Warnings:
+Note 1003 select 1 AS `Id` from (`test`.`t2`) where `test`.`t2`.`t1_Id` = 1 and `test`.`t2`.`col1` is null
+DROP TABLE t1, t2;
# End of 5.5 test
set optimizer_switch=@subselect_sj_tmp;
diff --git a/mysql-test/r/subselect_sj_jcl6.result b/mysql-test/r/subselect_sj_jcl6.result
index 3c52dc515f3..0484beddcbc 100644
--- a/mysql-test/r/subselect_sj_jcl6.result
+++ b/mysql-test/r/subselect_sj_jcl6.result
@@ -3211,6 +3211,32 @@ create table t1 (a1 varchar(25));
create table t2 (a2 varchar(25)) ;
insert into t1 select 'xxx' from dual where 'xxx' in (select a2 from t2);
drop table t1,t2;
+#
+# MDEV-13172: Wrong result / SELECT ... WHERE EXISTS ... (with UNIQUE Key)
+#
+CREATE TABLE `t1` (
+`Id` int(11) NOT NULL,
+PRIMARY KEY (`Id`)
+);
+INSERT INTO `t1` (`Id`) VALUES (1);
+CREATE TABLE `t2` (
+`t1_Id` int(11) NOT NULL DEFAULT 0,
+`col1` int(11) DEFAULT NULL,
+UNIQUE KEY `col1` (`col1`)
+);
+INSERT INTO `t2` (`t1_Id`, `col1`) VALUES (1, NULL), (1, NULL);
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+Id
+1
+explain extended
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY t1 system PRIMARY NULL NULL NULL 1 100.00
+1 PRIMARY <subquery2> eq_ref distinct_key distinct_key 4 func 1 100.00
+2 MATERIALIZED t2 ref col1 col1 5 const 1 100.00 Using index condition; Using where
+Warnings:
+Note 1003 select 1 AS `Id` from (`test`.`t2`) where `test`.`t2`.`t1_Id` = 1 and `test`.`t2`.`col1` is null
+DROP TABLE t1, t2;
# End of 5.5 test
set optimizer_switch=@subselect_sj_tmp;
#
diff --git a/mysql-test/t/func_math.test b/mysql-test/t/func_math.test
index 46b0a00233b..04fee6fb66b 100644
--- a/mysql-test/t/func_math.test
+++ b/mysql-test/t/func_math.test
@@ -628,6 +628,31 @@ DROP TABLE t1;
--echo #
+--echo # Bug #29723340: MYSQL SERVER CRASH AFTER SQL QUERY WITH DATA ?AST
+--echo #
+
+create table t1(a int);
+insert ignore t1 values("1e-214748364");
+insert ignore t1 values("1e-2147483648");
+insert ignore t1 values("1e-21474836480");
+insert ignore t1 values("1e+214748364");
+insert ignore t1 values("1e+2147483647");
+insert ignore t1 values("1e+21474836470");
+
+# if max max_allowed_packet will ever be increased beyond 2GB, this could
+# break again:
+set global max_allowed_packet= cast(2*1024*1024*1024+1024 as unsigned);
+connect foo,localhost,root;
+set @a=2147483647;
+insert ignore t1 values (concat('1', repeat('0', @a+18), 'e-', @a-1, '0'));
+disconnect foo;
+connection default;
+set global max_allowed_packet=default;
+
+select * from t1;
+drop table t1;
+
+--echo #
--echo # End of 5.5 tests
--echo #
diff --git a/mysql-test/t/processlist.test b/mysql-test/t/processlist.test
index 4734c75c8d3..8e98701459a 100644
--- a/mysql-test/t/processlist.test
+++ b/mysql-test/t/processlist.test
@@ -49,10 +49,10 @@ SET DEBUG_SYNC = 'now WAIT_FOR query_done';
select command, time < 5 from information_schema.processlist where id != connection_id();
disconnect con1;
-set debug_sync='reset';
-
connection default;
+set debug_sync='reset';
+--echo End of 5.5 tests
--echo #
--echo # 10.1 tests
diff --git a/mysql-test/t/processlist_notembedded.test b/mysql-test/t/processlist_notembedded.test
new file mode 100644
index 00000000000..2dc6a0539ab
--- /dev/null
+++ b/mysql-test/t/processlist_notembedded.test
@@ -0,0 +1,34 @@
+source include/have_debug.inc;
+source include/have_debug_sync.inc;
+source include/not_embedded.inc;
+
+--echo #
+--echo # MDEV-20466: SHOW PROCESSLIST truncates query text on \0 bytes
+--echo #
+
+connect (con1,localhost,root,,);
+
+connection con1;
+
+let $q= `select CONCAT("SELECT user FROM mysql.user WHERE user ='some", CHAR(0), "' or sleep (30)")`;
+
+SET DEBUG_SYNC= 'before_join_optimize SIGNAL in_sync';
+--disable_query_log
+--send_eval $q;
+--enable_query_log
+connection default;
+
+SET DEBUG_SYNC= 'now WAIT_FOR in_sync';
+
+exec $MYSQL test -e "SHOW PROCESSLIST" > $MYSQLTEST_VARDIR/tmp/MDEV-20466.text;
+
+let SEARCH_FILE=$MYSQLTEST_VARDIR/tmp/MDEV-20466.text;
+let SEARCH_PATTERN=sleep \(30\);
+source include/search_pattern_in_file.inc;
+remove_file $MYSQLTEST_VARDIR/tmp/MDEV-20466.text;
+
+disconnect con1;
+
+SET DEBUG_SYNC = 'RESET';
+
+--echo End of 5.5 tests
diff --git a/mysql-test/t/subselect_sj.test b/mysql-test/t/subselect_sj.test
index e619a5df52c..c6877db8281 100644
--- a/mysql-test/t/subselect_sj.test
+++ b/mysql-test/t/subselect_sj.test
@@ -2886,6 +2886,32 @@ insert into t1 select 'xxx' from dual where 'xxx' in (select a2 from t2);
drop table t1,t2;
+
+--echo #
+--echo # MDEV-13172: Wrong result / SELECT ... WHERE EXISTS ... (with UNIQUE Key)
+--echo #
+
+CREATE TABLE `t1` (
+ `Id` int(11) NOT NULL,
+ PRIMARY KEY (`Id`)
+);
+
+INSERT INTO `t1` (`Id`) VALUES (1);
+
+CREATE TABLE `t2` (
+ `t1_Id` int(11) NOT NULL DEFAULT 0,
+ `col1` int(11) DEFAULT NULL,
+ UNIQUE KEY `col1` (`col1`)
+);
+
+INSERT INTO `t2` (`t1_Id`, `col1`) VALUES (1, NULL), (1, NULL);
+
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+explain extended
+SELECT Id FROM t1 WHERE Id in (SELECT t1_Id FROM t2 WHERE t2.col1 IS NULL);
+
+DROP TABLE t1, t2;
+
--echo # End of 5.5 test
# The following command must be the last one the file
diff --git a/scripts/mysqlaccess.sh b/scripts/mysqlaccess.sh
index c599aa96c57..aaf711b0fb9 100644
--- a/scripts/mysqlaccess.sh
+++ b/scripts/mysqlaccess.sh
@@ -26,7 +26,7 @@ use Fcntl;
BEGIN {
# ****************************
# static information...
- $VERSION = "2.06, 20 Dec 2000";
+ $VERSION = "2.10, 13 Sep 2019";
$0 =~ m%/([^/]+)$%o;
$script = $1;
$script = 'MySQLAccess' unless $script;
diff --git a/sql/opt_subselect.cc b/sql/opt_subselect.cc
index 1d3ebba4f4e..2fb5b88687f 100644
--- a/sql/opt_subselect.cc
+++ b/sql/opt_subselect.cc
@@ -2647,9 +2647,17 @@ bool find_eq_ref_candidate(TABLE *table, table_map sj_inner_tables)
{
do /* For all equalities on all key parts */
{
- /* Check if this is "t.keypart = expr(outer_tables) */
+ /*
+ Check if this is "t.keypart = expr(outer_tables)
+
+ Don't allow variants that can produce duplicates:
+ - Dont allow "ref or null"
+ - the keyuse (that is, the operation) must be null-rejecting,
+ unless the other expression is non-NULLable.
+ */
if (!(keyuse->used_tables & sj_inner_tables) &&
- !(keyuse->optimize & KEY_OPTIMIZE_REF_OR_NULL))
+ !(keyuse->optimize & KEY_OPTIMIZE_REF_OR_NULL) &&
+ (keyuse->null_rejecting || !keyuse->val->maybe_null))
{
bound_parts |= 1 << keyuse->keypart;
}
diff --git a/sql/sql_show.cc b/sql/sql_show.cc
index 1099821fcb3..4bc9870f422 100644
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -2734,8 +2734,12 @@ void mysqld_list_processes(THD *thd,const char *user, bool verbose)
else
protocol->store_null();
protocol->store(thd_info->state_info, system_charset_info);
- protocol->store(thd_info->query_string.str(),
- thd_info->query_string.charset());
+ if (thd_info->query_string.length())
+ protocol->store(thd_info->query_string.str(),
+ thd_info->query_string.length(),
+ thd_info->query_string.charset());
+ else
+ protocol->store_null();
if (!thd->variables.old_mode &&
!(thd->variables.old_behavior & OLD_MODE_NO_PROGRESS_INFO))
protocol->store(thd_info->progress, 3, &store_buffer);
diff --git a/strings/ctype-simple.c b/strings/ctype-simple.c
index 9b13be5aaa2..1c382de5e28 100644
--- a/strings/ctype-simple.c
+++ b/strings/ctype-simple.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2002, 2013, Oracle and/or its affiliates.
- Copyright (c) 2009, 2014, SkySQL Ab.
+ Copyright (c) 2009, 2019, MariaDB Corporation.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -1726,10 +1726,20 @@ exp: /* [ E [ <sign> ] <unsigned integer> ] */
goto ret_sign;
}
}
- for (exponent= 0 ;
- str < end && (ch= (uchar) (*str - '0')) < 10;
- str++)
+ if (shift > 0 && !negative_exp)
+ goto ret_too_big;
+ for (exponent= 0 ; str < end && (ch= (uchar) (*str - '0')) < 10; str++)
{
+ if (negative_exp)
+ {
+ if (exponent - shift > DIGITS_IN_ULONGLONG)
+ goto ret_zero;
+ }
+ else
+ {
+ if (exponent + shift > DIGITS_IN_ULONGLONG)
+ goto ret_too_big;
+ }
exponent= exponent * 10 + ch;
}
shift+= negative_exp ? -exponent : exponent;