summaryrefslogtreecommitdiff
path: root/sql
Commit message (Collapse)AuthorAgeFilesLines
* Fix for non-partition buildsMikael Ronstrom2009-10-191-0/+20
|
* Removed GLOBAL INDEX syntax, need to develop GLOBAL indexes before adding ↵Mikael Ronstrom2009-10-164-25/+3
| | | | syntax for it
* Fixed review commentsMikael Ronstrom2009-10-168-38/+55
|
* BUG#47837, Duplicate field names were allowed in both column list ↵Mikael Ronstrom2009-10-063-0/+52
| | | | partitioning and key partitioning, added check to give error in this case
* BUG#47838, NULL values in ranges was dropped due to missing else part in ↵Mikael Ronstrom2009-10-061-4/+7
| | | | store_tuple_to_record
* BUG#47776, Fixed character set handling, used wrong length, eventually also ↵Mikael Ronstrom2009-10-051-13/+21
| | | | found that didn't need to convert to my_strnxfrm-format for column list partitioned tables, also column list partitioned tables can use multi-byte character sets in partition fields as well as where strxfrm multiplies the number of bytes in the string
* BUG#47754, used number of parts instead of number of list values as end part ↵Mikael Ronstrom2009-10-021-1/+9
| | | | for list partitioning in column list partitioning
* Fixed no_ to num_ change for NDB handlerMikael Ronstrom2009-10-011-14/+14
|
* BUG#47752, missed to sort values in list partitioningMikael Ronstrom2009-10-012-5/+6
|
* Changed all no_ to num_ to avoid strange names like no_list_values which is ↵Mikael Ronstrom2009-10-0111-450/+439
| | | | not expected to be number of list values, rather a boolea indicating no list values
* WL#3352, Introducing Column list partitioning, makes it possible to ↵Mikael Ronstrom2009-09-1517-745/+1770
| | | | partition on most data types, makes it possible to prune on multi-field partitioning
* Merge from mysql-5.1-bugteamAlexander Nozdrin2009-08-2626-215/+313
|\
| * Bug#45261: Crash, stored procedure + decimalDavi Arnaut2009-08-2410-102/+137
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem was that creating a DECIMAL column from a decimal value could lead to a failed assertion as decimal values can have a higher precision than those attached to a table. The assert could be triggered by creating a table from a decimal with a large (> 30) scale. Also, there was a problem in calculating the number of digits in the integral and fractional parts if both exceeded the maximum number of digits permitted by the new decimal type. The solution is to ensure that truncation procedure is executed when deducing a DECIMAL column from a decimal value of higher precision. If the integer part is equal to or bigger than the maximum precision for the DECIMAL type (65), the integer part is truncated to fit and the fractional becomes zero. Otherwise, the fractional part is truncated to fit into the space left after the integer part is copied. This patch borrows code and ideas from Martin Hansson's patch. mysql-test/r/type_newdecimal.result: Add test case result for Bug#45261. Also, update test case to reflect that an additive operation increases the precision of the resulting type by 1. mysql-test/t/type_newdecimal.test: Add test case for Bug#45261 sql/field.cc: Added DBUG_ASSERT to ensure object's invariant is maintained. Implement method to create a field to hold a decimal value from an item. sql/field.h: Explain member variable. Add method to create a new decimal field. sql/item.cc: The precision should only be capped when storing the value on a table. Also, this makes it impossible to calculate the integer part if Item::decimals (the scale) is larger than the precision. sql/item.h: Simplify calculation of integer part. sql/item_cmpfunc.cc: Do not limit the precision. It will be capped later. sql/item_func.cc: Use new method for allocating a new decimal field. Add a specialized method for retrieving the precision of a user variable item. sql/item_func.h: Add method to return the precision of a user variable. sql/item_sum.cc: Use new method for allocating a new decimal field. sql/my_decimal.h: The integer part could be improperly calculated for a decimal with 31 digits in the fractional part. sql/sql_select.cc: Use new method which truncates the integer or decimal parts as needed.
| * auto-merge mysql-5.1-bugteam (local) --> mysql-5.1-bugteamAlfranio Correia2009-08-241-3/+0
| |\
| | * BUG#45694 Deadlock in replicated statement is not retriedAlfranio Correia2009-08-191-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the SQL Thread fails to execute an event due to a temporary error (e.g. ER_LOCK_DEADLOCK) and the option "--slave_transaction_retries" is set the SQL Thread should not be aborted and the transaction should be restarted from the beginning and re-executed. Unfortunately, a wrong interpretation of the THD::is_fatal_error was preventing this behavior. In a nutshell, "this variable is set to TRUE if an execution of a compound statement cannot continue. In particular, it is used to disable access to the CONTINUE or EXIT handlers of stored routines. So even temporary errors may have this variable set. To fix the bug, we have done what follows: DBUG_ENTER("has_temporary_error"); - if (thd->is_fatal_error) - DBUG_RETURN(0); - DBUG_EXECUTE_IF("all_errors_are_temporary_errors", if (thd->main_da.is_error()) {
| * | auto-merge mysql-5.1-bugteam (local) --> mysql-5.1-bugteamAlfranio Correia2009-08-241-2/+11
| |\ \
| | * | BUG#46130 Slave does not correctly handle "expected errors"Alfranio Correia2009-08-131-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In STATEMENT based replication, a statement that failed on the master but that updated non-transactional tables is written to binary log with the error code appended to it. On the slave, the statement is executed and the same error is expected. However, when an "expected error" did not happen on the slave and was either ignored or was related to a concurrency issue on the master, the slave did not rollback the effects of the statement and as such inconsistencies might happen. To fix the problem, we automatically rollback a statement that should have failed on a slave but succeded and whose expected failure is either ignored or stems from a concurrency issue on the master.
| * | | mergeMattias Jonsson2009-08-211-33/+0
| |\ \ \
| | * | | Bug#46639: 1030 (HY000): Got error 124 from storage engine onMattias Jonsson2009-08-211-33/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | INSERT ... SELECT ... Problem was that when bulk insert is used on an empty table/partition, it disables the indexes for better performance, but in this specific case it also tries to read from that partition using an index, which is not possible since it has been disabled. Solution was to allow index reads on disabled indexes if there are no records. Also reverted the patch for bug#38005, since that was a workaround in the partitioning engine instead of a fix in myisam. mysql-test/r/partition.result: Bug#46639: 1030 (HY000): Got error 124 from storage engine on INSERT ... SELECT ... updated result file mysql-test/t/partition.test: Bug#46639: 1030 (HY000): Got error 124 from storage engine on INSERT ... SELECT ... Added testcase sql/ha_partition.cc: Bug#46639: 1030 (HY000): Got error 124 from storage engine on INSERT ... SELECT ... reverted the patch for bug#38005, since that was a workaround around this problem, not needed after fixing it in myisam. storage/myisam/mi_search.c: Bug#46639: 1030 (HY000): Got error 124 from storage engine on INSERT ... SELECT ... Return HA_ERR_END_OF_FILE instead of HA_ERR_WRONG_INDEX when there are no rows.
| * | | | reverted the fix for bug #46019 from 5.1-bugteamGeorgi Kodinov2009-08-213-18/+3
| |\ \ \ \
| | * \ \ \ automergeGeorgi Kodinov2009-08-211-0/+1
| | |\ \ \ \
| | | * \ \ \ Merge.Martin Hansson2009-08-211-0/+1
| | | |\ \ \ \
| | * | | | | | Revert of the fix for bug #46019.Georgi Kodinov2009-08-212-31/+4
| | |/ / / / /
| * | | | | | Merge.Martin Hansson2009-08-211-0/+1
| |\ \ \ \ \ \
| | * \ \ \ \ \ Bug#46616: MergeMartin Hansson2009-08-201-0/+1
| | |\ \ \ \ \ \ | | | | |/ / / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mysql-test/r/auto_increment.result: Bug#46616: Test result. mysql-test/t/auto_increment.test: Bug#46616: Test case. sql/sql_update.cc: Bug#46616: Fix.
| | | * | | | | Bug#46616: Assertion `!table->auto_increment_field_not_null' on Martin Hansson2009-08-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | view manipulations The bespoke flag was not properly reset after last call to fill_record. Fixed by resetting in caller mysql_update. mysql-test/r/auto_increment.result: Bug#46616: Test result. mysql-test/t/auto_increment.test: Bug#46616: Test case. sql/sql_update.cc: Bug#46616: Fix.
| * | | | | | | Fix for bug #46456 [Ver->Prg]: HANDLER OPEN + TRUNCATE + DROPRamil Kalimullin2009-08-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (temporary) TABLE, crash Problem: if one has an open "HANDLER t1", further "TRUNCATE t1" doesn't close the handler and leaves handler table hash in an inconsistent state, that may lead to a server crash. Fix: TRUNCATE should implicitly close all open handlers. Doc. request: the fact should be described in the manual accordingly. mysql-test/r/handler_myisam.result: Fix for bug #46456 [Ver->Prg]: HANDLER OPEN + TRUNCATE + DROP (temporary) TABLE, crash - test result. mysql-test/t/handler_myisam.test: Fix for bug #46456 [Ver->Prg]: HANDLER OPEN + TRUNCATE + DROP (temporary) TABLE, crash - test case. sql/sql_delete.cc: Fix for bug #46456 [Ver->Prg]: HANDLER OPEN + TRUNCATE + DROP (temporary) TABLE, crash - remove all truncated tables from the HANDLER's hash.
| * | | | | | | merge of bug #46019 to 5.1-bugteamGeorgi Kodinov2009-08-203-3/+18
| |\ \ \ \ \ \ \ | | | |_|/ / / / | | |/| | | | |
| | * | | | | | Bug #46019: ERROR 1356 When selecting from within anotherGeorgi Kodinov2009-08-192-4/+31
| | | |/ / / / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | view that has Group By Table access rights checking function check_grant() assumed that no view is opened when it's called. This is not true with nested views where the inner view needs materialization. In this case the view is already materialized when check_grant() is called for it. This caused check_grant() to not look for table level grants on the materialized view table. Fixed by checking if a view is already materialized and if it is check table level grants using the original table name (not the ones of the materialized temp table).
| * | | | | | Bug #45962: memory leak after 'sort aborted' errorsGeorgi Kodinov2009-07-091-1/+10
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the function exits with an error it was not freeing the local Unique class instance. Fixed my making sure all the places where the function returns from are freeing the Unique instance
| * | | | | automergeGeorgi Kodinov2009-08-178-87/+88
| |\ \ \ \ \ | | |_|/ / / | |/| | | |
| * | | | | AutomergeRamil Kalimullin2009-08-142-0/+33
| |\ \ \ \ \
| | * \ \ \ \ Merge from mysql-5.0-bugteam.Davi Arnaut2009-08-132-0/+33
| | |\ \ \ \ \ | | | | |/ / / | | | |/| | |
| | | * | | | Bug#46013: rpl_extraColmaster_myisam fails on pb2Davi Arnaut2009-08-132-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug#45243: crash on win in sql thread clear_tables_to_lock() -> free() Bug#45242: crash on win in mysql_close() -> free() Bug#45238: rpl_slave_skip, rpl_change_master failed (lost connection) for STOP SLAVE Bug#46030: rpl_truncate_3innodb causes server crash on windows Bug#46014: rpl_stm_reset_slave crashes the server sporadically in pb2 When killing a user session on the server, it's necessary to interrupt (notify) the thread associated with the session that the connection is being killed so that the thread is woken up if waiting for I/O. On a few platforms (Mac, Windows and HP-UX) where the SIGNAL_WITH_VIO_CLOSE flag is defined, this interruption procedure is to asynchronously close the underlying socket of the connection. In order to enable this schema, each connection serving thread registers its VIO (I/O interface) so that other threads can access it and close the connection. But only the owner thread of the VIO might delete it as to guarantee that other threads won't see freed memory (the thread unregisters the VIO before deleting it). A side note: closing the socket introduces a harmless race that might cause a thread attempt to read from a closed socket, but this is deemed acceptable. The problem is that this infrastructure was meant to only be used by server threads, but the slave I/O thread was registering the VIO of a mysql handle (a client API structure that represents a connection to another server instance) as a active connection of the thread. But under some circumstances such as network failures, the client API might destroy the VIO associated with a handle at will, yet the VIO wouldn't be properly unregistered. This could lead to accesses to freed data if a thread attempted to kill a slave I/O thread whose connection was already broken. There was a attempt to work around this by checking whether the socket was being interrupted, but this hack didn't work as intended due to the aforementioned race -- attempting to read from the socket would yield a "bad file descriptor" error. The solution is to add a hook to the client API that is called from the client code before the VIO of a handle is deleted. This hook allows the slave I/O thread to detach the active vio so it does not point to freed memory. server-tools/instance-manager/mysql_connection.cc: Add stub method required for linking. sql-common/client.c: Invoke hook. sql/client_settings.h: Export hook. sql/slave.cc: Introduce hook that clears the active VIO before it is freed by the client API.
| * | | | | | Fix for bug #46614: Assertion in show_create_trigger() Ramil Kalimullin2009-08-141-2/+0
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | on SHOW CREATE TRIGGER + MERGE table Problem: SHOW CREATE TRIGGER erroneously relies on fact that we have the only underlying table for a trigger (wrong for merge tables). Fix: remove erroneous assert(). mysql-test/r/merge.result: Fix for bug #46614: Assertion in show_create_trigger() on SHOW CREATE TRIGGER + MERGE table - test result. mysql-test/t/merge.test: Fix for bug #46614: Assertion in show_create_trigger() on SHOW CREATE TRIGGER + MERGE table - test case. sql/sql_show.cc: Fix for bug #46614: Assertion in show_create_trigger() on SHOW CREATE TRIGGER + MERGE table - unnecessary assert() removed as we may have more than 1 tables open e.g. for a merge table.
| * | | | | BUG#45574 CREATE IF NOT EXISTS is not binlogged if the object existsunknown2009-08-133-53/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is an inconsistency with DROP DATABASE|TABLE|EVENT IF EXISTS and CREATE DATABASE|TABLE|EVENT IF NOT EXISTS. DROP IF EXISTS statements are binlogged even if either the DB, TABLE or EVENT does not exist. In contrast, Only the CREATE EVENT IF NOT EXISTS is binlogged when the EVENT exists. This patch fixes the following cases for all the replication formats: CREATE DATABASE IF NOT EXISTS. CREATE TABLE IF NOT EXISTS, CREATE TABLE IF NOT EXISTS ... LIKE, CREAET TABLE IF NOT EXISTS ... SELECT. sql/sql_insert.cc: Part of the code was moved from the create_table_from_items to select_create::prepare. When replication is row based, CREATE TABLE IF NOT EXISTS.. SELECT is binlogged if the table exists.
| * | | | | mergeMattias Jonsson2009-08-123-17/+5
| |\ \ \ \ \
| | * | | | | A follow up patch for the follow up patch for Bug#45829 Konstantin Osipov2009-08-122-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "CREATE TABLE TRANSACTIONAL PAGE_CHECKSUM ROW_FORMAT=PAGE accepted, does nothing". Put back stubs for members of structures that are shared between sql/ and pluggable storage engines. to not break ABI unnecessarily. To be NULL-merged into 5.4, where we do break the ABI already.
| | * | | | | A follow up patch for Bug#45829 "CREATE TABLE TRANSACTIONAL Konstantin Osipov2009-08-123-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PAGE_CHECKSUM ROW_FORMAT=PAGE accepted, does nothing" Remove unused code that would lead to warnings when compiling sql_yacc.yy. sql/handler.h: Remove unused defines. sql/sql_yacc.yy: Remove unused grammar. sql/table.h: Remove unused TABLE members.
| * | | | | | manual mergeMattias Jonsson2009-08-121-0/+3
| |\ \ \ \ \ \
| | * | | | | | Bug#46478: timestamp field incorrectly defaultedMattias Jonsson2009-08-061-0/+3
| | | |_|_|/ / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when partition is reoganized. Problem was that table->timestamp_field_type was not changed before copying rows between partitions. fixed by setting it to TIMESTAMP_NO_AUTO_SET as the first thing in fast_alter_partition_table, so that all if-branches is covered.
| * | | | | | mergeMattias Jonsson2009-08-122-2/+11
| |\ \ \ \ \ \ | | |_|/ / / / | |/| | | | |
| | * | | | | Bug#39893: Crash if select on a partitioned table, when partitioning is disabledMattias Jonsson2009-01-082-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Problem was that it tried to run partitioning function calls when opening a partitioned table, when it was explicitly disabled. Solution is to check if the partitioning plugin is ready to use before using any partitioning specific calls. mysql-test/r/disabled_partition.require: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled New require file to use when partitioning is disabled (but compiled in) mysql-test/r/not_partition.result: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled Updated testcase mysql-test/r/partition_disabled.result: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled New result file mysql-test/std_data/parts/t1.frm: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled frm file for 'create table t1 (a int) partition by hash (a)' mysql-test/t/not_partition.test: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled Updated test cases mysql-test/t/partition_disabled-master.opt: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled New opt file mysql-test/t/partition_disabled.test: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled New test file (looks like not_partition.test, but with different errors) sql/sql_yacc.yy: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled Better error message (it is already built with partitioning, but is explicitly disabled). sql/table.cc: Bug#39893: Crash if select on a partitioned table, when partitioning is disabled If the partitioning plugin is not ready, fail to open the table.
| * | | | | | Manual Mergeunknown2009-08-121-0/+9
| |\ \ \ \ \ \ | | | |_|/ / / | | |/| | | |
| | * | | | | BUG#45516 SQL thread does not use database charset properlyunknown2009-08-121-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replication SQL thread does not set database default charset to thd->variables.collation_database properly, when executing LOAD DATA binlog. This bug can be repeated by using "LOAD DATA" command in STATEMENT mode. This patch adds code to find the default character set of the current database then assign it to thd->db_charset when slave server begins to execute a relay log. The test of this bug is added into rpl_loaddata_charset.test
* | | | | | | merge of 5.1-main into mysql-trunk.Guilhem Bichot2009-08-1250-425/+993
|\ \ \ \ \ \ \ | | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | Changes to ha_innodb.cc are not propagated to plugin, they will come back via Oracle/Innobase if needed.
| * | | | | | Merge from mysql-5.1-bugteam.Davi Arnaut2009-08-117-24/+46
| |\ \ \ \ \ \ | | |/ / / / /
| | * | | | | Manual merge.Davi Arnaut2009-08-102-7/+10
| | |\ \ \ \ \ | | | |/ / / /
| | | * | | | Bug#45010: invalid memory reads during parsing some strange statementsDavi Arnaut2009-08-071-7/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem is that the lexer could inadvertently skip over the end of a query being parsed if it encountered a malformed multibyte character. A specially crated query string could cause the lexer to jump up to six bytes past the end of the query buffer. Another problem was that the laxer could use unfiltered user input as a signed array index for the parser maps (having upper and lower bounds 0 and 256 respectively). The solution is to ensure that the lexer only skips over well-formed multibyte characters and that the index value of the parser maps is always a unsigned value. mysql-test/r/ctype_recoding.result: Update test case result: ending backtick is not skipped over anymore. sql/sql_lex.cc: Characters being analyzed must be unsigned as they can be used as indexes for the parser maps. Only skip over if the string is a valid multi-byte sequence. tests/mysql_client_test.c: Add test case for Bug#45010
| | * | | | | MergeMartin Hansson2009-08-102-13/+20
| | |\ \ \ \ \ | | | |_|_|_|/ | | |/| | | |
View Lorry Controller Status