From a70c34bf0f34703fd330f8cb828e48b303c5296a Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 2 Feb 2011 18:51:35 +0200 Subject: Fixes for Bug #55755 and Bug #52315 part 2 Bug #55755 : Date STD variable signness breaks server on FreeBSD and OpenBSD * Added a check to configure on the size of time_t * Created a macro to check for a valid time_t that is safe to use with datetime functions and store in TIMESTAMP columns. * Used the macro consistently instead of the ad-hoc checks introduced by 52315 * Fixed compliation warnings on platforms where the size of time_t is smaller than the size of a long (e.g. OpenBSD 4.8 64 amd64). Bug #52315: utc_date() crashes when system time > year 2037 * Added a correct check for the timestamp range instead of just variable size check to SET TIMESTAMP. * Added overflow checking before converting to time_t. * Using a correct localized error message in this case instead of the generic error. * Added a test suite. * fixed the checks so that they check for unsigned time_t as well. Used the checks consistently across the source code. * fixed the original test case to expect the new error code. --- mysql-test/t/variables.test | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mysql-test/t/variables.test') diff --git a/mysql-test/t/variables.test b/mysql-test/t/variables.test index 73e5bbd9d87..778fb133045 100644 --- a/mysql-test/t/variables.test +++ b/mysql-test/t/variables.test @@ -776,7 +776,7 @@ SET @@myisam_mmap_size= 500M; --echo # Bug #52315: utc_date() crashes when system time > year 2037 --echo # ---error 0, ER_UNKNOWN_ERROR +--error 0, ER_WRONG_VALUE_FOR_VAR SET TIMESTAMP=2*1024*1024*1024; --echo #Should not crash --disable_result_log -- cgit v1.2.1 From 9320dca994fdae18c549cb59266d49846dc1f839 Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Tue, 15 Mar 2011 17:36:12 +0600 Subject: Fixed Bug#11764168 "56976: SEVERE DENIAL OF SERVICE IN PREPARED STATEMENTS". The problem was that server didn't check resulting size of prepared statement argument which was set using mysql_send_long_data() API. By calling mysql_send_long_data() several times it was possible to create overly big string and thus force server to allocate memory for it. There was no way to limit this allocation. The solution is to add check for size of result string against value of max_long_data_size start-up parameter. When intermediate string exceeds max_long_data_size value an appropriate error message is emitted. We can't use existing max_allowed_packet parameter for this purpose since its value is limited by 1GB and therefore using it as a limit for data set through mysql_send_long_data() API would have been an incompatible change. Newly introduced max_long_data_size parameter gets value from max_allowed_packet parameter unless its value is specified explicitly. This new parameter is marked as deprecated and will be eventually replaced by max_allowed_packet parameter. Value of max_long_data_size parameter can be set only at server startup. mysql-test/t/variables.test: Added checking for new start-up parameter max_long_data_size. sql/item.cc: Added call to my_message() when accumulated string exceeds max_long_data_size value. my_message() calls error handler that was installed in mysql_stmt_get_longdata before call to Item_param::set_longdata. The error handler then sets state, last_error and last_errno fields for current statement to values which correspond to error which was caught. sql/mysql_priv.h: Added max_long_data_size variable declaration. sql/mysqld.cc: Added support for start-up parameter 'max_long_data_size'. This parameter limits size of data which can be sent from client to server using mysql_send_long_data() API. sql/set_var.cc: Added variable 'max_long_data_size' into list of variables displayed by command 'show variables'. sql/sql_prepare.cc: Added error handler class Set_longdata_error_handler. This handler is used to catch any errors that can be generated during execution of Item_param::set_longdata(). Source code snippet that makes checking for statement's state during statement execution is moved from Prepared_statement::execute() to Prepared_statement::execute_loop() in order not to call set_parameters() when statement has failed during set_long_data() execution. If this hadn't been done the call to set_parameters() would have failed. tests/mysql_client_test.c: A testcase for the bug #56976 was added. --- mysql-test/t/variables.test | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'mysql-test/t/variables.test') diff --git a/mysql-test/t/variables.test b/mysql-test/t/variables.test index 2513f4fbcc8..c61e2aa3708 100644 --- a/mysql-test/t/variables.test +++ b/mysql-test/t/variables.test @@ -1293,6 +1293,11 @@ SET @@global.max_join_size=0; SET @@global.key_buffer_size=0; SET @@global.key_cache_block_size=0; +# +# Bug#56976: added new start-up parameter +# +select @@max_long_data_size; + # cleanup SET @@global.max_binlog_cache_size=DEFAULT; SET @@global.max_join_size=DEFAULT; -- cgit v1.2.1 From dcf6b68d08acfbfdc3183b0a13f041af51573eb1 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Fri, 25 Mar 2011 12:57:27 +0200 Subject: Bug #11766769: 59959: SMALL VALUES OF --MAX-ALLOWED-PACKET ARE NOT BEING HONORED max_allowed_packet works in conjunction with net_buffer_length. max_allowed_packet is an upper bound of net_buffer_length. So it doesn't make sense to set the upper limit lower than the value. Added a warning (using ER_UNKNOWN_ERRROR and a specific message) when this is done (in the log at startup and when setting either max_allowed_packet or the net_buffer_length variables) Added a test case. Fixed several tests that broke the above rule. --- mysql-test/t/variables.test | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'mysql-test/t/variables.test') diff --git a/mysql-test/t/variables.test b/mysql-test/t/variables.test index c61e2aa3708..383bdfc79a9 100644 --- a/mysql-test/t/variables.test +++ b/mysql-test/t/variables.test @@ -1304,4 +1304,30 @@ SET @@global.max_join_size=DEFAULT; SET @@global.key_buffer_size=@kbs; SET @@global.key_cache_block_size=@kcbs; + +--echo # +--echo # Bug #11766769 : 59959: SMALL VALUES OF --MAX-ALLOWED-PACKET +--echo # ARE NOT BEING HONORED +--echo # + +CREATE TABLE t1 (a MEDIUMTEXT); + +SET GLOBAL max_allowed_packet=2048; +SET GLOBAL net_buffer_length=4096; +CONNECT (con1,localhost,root,,test); +SHOW SESSION VARIABLES LIKE 'max_allowed_packet'; +SHOW SESSION VARIABLES LIKE 'net_buffer_length'; +--disable_query_log +--error ER_NET_PACKET_TOO_LARGE +INSERT INTO t1 VALUES ('123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890'); +--enable_query_log +SELECT LENGTH(a) FROM t1; + +CONNECTION default; +DISCONNECT con1; +SET GLOBAL max_allowed_packet=default; +SET GLOBAL net_buffer_length=default; +DROP TABLE t1; + + --echo End of 5.1 tests -- cgit v1.2.1 From ff23f5360ee328bd6adb14436e68e080cfe1d110 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Mon, 28 Mar 2011 12:28:30 +0400 Subject: Bug#11766424 59527: DECIMAL_BIN_SIZE: ASSERTION `SCALE >= 0 && PRECISION > 0 && SCALE <= PRE Assertion happens due to missing initialization of unsigned_flag for Item_func_set_user_var object. It leads to incorrect calculation of decimal field size. The fix is to add initialization of unsigned_flag. mysql-test/r/variables.result: test case mysql-test/t/variables.test: test case sql/item_func.cc: add initialization of unsigned_flag. --- mysql-test/t/variables.test | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'mysql-test/t/variables.test') diff --git a/mysql-test/t/variables.test b/mysql-test/t/variables.test index 383bdfc79a9..8f111e7cf3b 100644 --- a/mysql-test/t/variables.test +++ b/mysql-test/t/variables.test @@ -1298,6 +1298,19 @@ SET @@global.key_cache_block_size=0; # select @@max_long_data_size; +--echo # +--echo # Bug#11766424 59527: DECIMAL_BIN_SIZE: ASSERTION `SCALE >= 0 && PRECISION > 0 && SCALE <= PRE +--echo # + +CREATE TABLE t1(f1 DECIMAL(1,1) UNSIGNED); +INSERT INTO t1 VALUES (0.2),(0.1); +SELECT 1 FROM t1 GROUP BY @a:= (SELECT ROUND(f1) FROM t1 WHERE @a=f1); +DROP TABLE t1; + +CREATE TABLE t1 AS SELECT @a:= CAST(1 AS UNSIGNED) AS a; +SHOW CREATE TABLE t1; +DROP TABLE t1; + # cleanup SET @@global.max_binlog_cache_size=DEFAULT; SET @@global.max_join_size=DEFAULT; -- cgit v1.2.1 From a3ab0d92defbafb462c7c5c50bab324521558971 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Mon, 28 Mar 2011 13:25:03 +0300 Subject: Fixed a test failure in embedded because of the fix for BUG#11766769 --- mysql-test/t/variables.test | 25 ------------------------- 1 file changed, 25 deletions(-) (limited to 'mysql-test/t/variables.test') diff --git a/mysql-test/t/variables.test b/mysql-test/t/variables.test index 8f111e7cf3b..d00b77e64c0 100644 --- a/mysql-test/t/variables.test +++ b/mysql-test/t/variables.test @@ -1318,29 +1318,4 @@ SET @@global.key_buffer_size=@kbs; SET @@global.key_cache_block_size=@kcbs; ---echo # ---echo # Bug #11766769 : 59959: SMALL VALUES OF --MAX-ALLOWED-PACKET ---echo # ARE NOT BEING HONORED ---echo # - -CREATE TABLE t1 (a MEDIUMTEXT); - -SET GLOBAL max_allowed_packet=2048; -SET GLOBAL net_buffer_length=4096; -CONNECT (con1,localhost,root,,test); -SHOW SESSION VARIABLES LIKE 'max_allowed_packet'; -SHOW SESSION VARIABLES LIKE 'net_buffer_length'; ---disable_query_log ---error ER_NET_PACKET_TOO_LARGE -INSERT INTO t1 VALUES ('123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890'); ---enable_query_log -SELECT LENGTH(a) FROM t1; - -CONNECTION default; -DISCONNECT con1; -SET GLOBAL max_allowed_packet=default; -SET GLOBAL net_buffer_length=default; -DROP TABLE t1; - - --echo End of 5.1 tests -- cgit v1.2.1