From c9f7948bc47edc7ddc3b3693b9a3e4b623a97ca6 Mon Sep 17 00:00:00 2001 From: Mithun C Y Date: Fri, 30 Jan 2015 16:36:23 +0530 Subject: Bug #19892803: ASSERTION FAILED: N < M_SIZE WITH DISTINCT TIME ISSUE: ------ We pre-allocate the ref_pointer_array before we resolve outer references. This means that in some cases the ref_pointer_array may not be large enough to hold all references created. One such case is aggregate functions in having clause of a subquery which may add items to select list of outer query. So it is necessary to consider select_n_having_items for subqueries while allocating ref_pointer_array else we will get buffer overflow. SOLUTION: --------- Allocate a larger ref_pointer_array by aggregating select_n_having_items for subqueries. The fix in sql_yacc.yy is a backport from bug fix 18782905. --- sql/sql_yacc.yy | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'sql/sql_yacc.yy') diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 74a21c9f6b6..b32f7d26cf3 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -1,5 +1,5 @@ /* - Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -14128,6 +14128,13 @@ subselect_end: */ lex->current_select->select_n_where_fields+= child->select_n_where_fields; + + /* + Aggregate functions in having clause may add fields to an outer + select. Count them also. + */ + lex->current_select->select_n_having_items+= + child->select_n_having_items; } ; -- cgit v1.2.1 From 86f46a3da4a6d82cb510dc4c270d46cfd6a8965b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Lindstr=C3=B6m?= Date: Mon, 23 Mar 2015 09:49:32 +0200 Subject: MDEV-7301: Unknown column quoted with backticks in HAVING clause when using function. Merged upstream fix to Bug#16221433 MYSQL REJECTS QUERY DUE TO BAD RESOLUTION OF NAMES IN HAVING; VIEW UNREADABLE authored by Guilhem Bichot . --- sql/sql_yacc.yy | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'sql/sql_yacc.yy') diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 777cef517c0..257001c80d1 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -9214,7 +9214,8 @@ udf_expr: parse it out. If we hijack the input stream with remember_name we may get quoted or escaped names. */ - else if ($2->type() != Item::FIELD_ITEM) + else if ($2->type() != Item::FIELD_ITEM && + $2->type() != Item::REF_ITEM /* For HAVING */ ) $2->set_name($1, (uint) ($3 - $1), thd->charset()); $$= $2; } -- cgit v1.2.1 From c8dbef22add27eb6cc737b12eb80b968663d34bb Mon Sep 17 00:00:00 2001 From: Oleksandr Byelkin Date: Sun, 12 Apr 2015 20:41:28 +1000 Subject: MDEV-6916 REPAIR VIEW / mysql migration from: r4407 --- sql/sql_yacc.yy | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'sql/sql_yacc.yy') diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 257001c80d1..d9faaf287c2 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -1145,6 +1145,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize); %token MULTIPOINT %token MULTIPOLYGON %token MUTEX_SYM +%token MYSQL_SYM %token MYSQL_ERRNO_SYM %token NAMES_SYM /* SQL-2003-N */ %token NAME_SYM /* SQL-2003-N */ @@ -7191,11 +7192,16 @@ opt_checksum_type: ; repair: - REPAIR opt_no_write_to_binlog table_or_tables + REPAIR opt_no_write_to_binlog table_or_view { LEX *lex=Lex; lex->sql_command = SQLCOM_REPAIR; lex->no_write_to_binlog= $2; + if (lex->no_write_to_binlog && lex->only_view) + { + my_parse_error(ER(ER_SYNTAX_ERROR)); + MYSQL_YYABORT; + } lex->check_opt.init(); lex->alter_info.reset(); /* Will be overriden during execution. */ @@ -7204,6 +7210,15 @@ repair: table_list opt_mi_repair_type { LEX* lex= thd->lex; + if ((lex->only_view && + ((lex->check_opt.flags & (T_QUICK | T_EXTEND)) || + (lex->check_opt.sql_flags & TT_USEFRM))) || + (!lex->only_view && + (lex->check_opt.sql_flags & TT_FROM_MYSQL))) + { + my_parse_error(ER(ER_SYNTAX_ERROR)); + MYSQL_YYABORT; + } DBUG_ASSERT(!lex->m_stmt); lex->m_stmt= new (thd->mem_root) Repair_table_statement(lex); if (lex->m_stmt == NULL) @@ -7225,6 +7240,7 @@ mi_repair_type: QUICK { Lex->check_opt.flags|= T_QUICK; } | EXTENDED_SYM { Lex->check_opt.flags|= T_EXTEND; } | USE_FRM { Lex->check_opt.sql_flags|= TT_USEFRM; } + | FROM MYSQL_SYM { Lex->check_opt.sql_flags|= TT_FROM_MYSQL; } ; analyze: @@ -7257,7 +7273,7 @@ binlog_base64_event: ; check: - CHECK_SYM table_or_tables + CHECK_SYM table_or_view { LEX *lex=Lex; @@ -7275,6 +7291,13 @@ check: table_list opt_mi_check_type { LEX* lex= thd->lex; + if (lex->only_view && + (lex->check_opt.flags & (T_QUICK | T_FAST | T_EXTEND | + T_CHECK_ONLY_CHANGED))) + { + my_parse_error(ER(ER_SYNTAX_ERROR)); + MYSQL_YYABORT; + } DBUG_ASSERT(!lex->m_stmt); lex->m_stmt= new (thd->mem_root) Check_table_statement(lex); if (lex->m_stmt == NULL) @@ -7382,6 +7405,7 @@ keycache: LEX *lex=Lex; lex->sql_command= SQLCOM_ASSIGN_TO_KEYCACHE; lex->ident= $6; + lex->only_view= FALSE; } ; @@ -7426,6 +7450,7 @@ preload: LEX *lex=Lex; lex->sql_command=SQLCOM_PRELOAD_KEYS; lex->alter_info.reset(); + lex->only_view= FALSE; } preload_list_or_parts {} @@ -13187,6 +13212,7 @@ keyword_sp: | MULTIPOINT {} | MULTIPOLYGON {} | MUTEX_SYM {} + | MYSQL_SYM {} | MYSQL_ERRNO_SYM {} | NAME_SYM {} | NAMES_SYM {} @@ -13786,7 +13812,18 @@ lock: table_or_tables: TABLE_SYM + { Lex->only_view= FALSE; } + | TABLES + { Lex->only_view= FALSE; } + ; + +table_or_view: + TABLE_SYM + { Lex->only_view= FALSE; } | TABLES + { Lex->only_view= FALSE; } + | VIEW_SYM + { Lex->only_view= TRUE; } ; table_lock_list: -- cgit v1.2.1 From 28b173134ee1634a2489d3cef6faf2f3ea1f6ab4 Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Mon, 13 Apr 2015 21:12:23 +1000 Subject: Allow REPAIR NO_WRITE_TO_BINLOG as per serg's review > + if (lex->no_write_to_binlog && lex->only_view) > + { > + my_parse_error(ER(ER_SYNTAX_ERROR)); > + MYSQL_YYABORT; Why? REPAIR NO_WRITE_TO_BINLOG VIEW makes perfect sense to me, why did you want to disallow it? --- sql/sql_yacc.yy | 5 ----- 1 file changed, 5 deletions(-) (limited to 'sql/sql_yacc.yy') diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index d9faaf287c2..dfbc6c43399 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -7197,11 +7197,6 @@ repair: LEX *lex=Lex; lex->sql_command = SQLCOM_REPAIR; lex->no_write_to_binlog= $2; - if (lex->no_write_to_binlog && lex->only_view) - { - my_parse_error(ER(ER_SYNTAX_ERROR)); - MYSQL_YYABORT; - } lex->check_opt.init(); lex->alter_info.reset(); /* Will be overriden during execution. */ -- cgit v1.2.1 From 6f17e233bf7f4de20dda8fb31f63aa52452c4e0a Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Tue, 28 Apr 2015 21:24:32 +0200 Subject: post-merge fixes --- sql/sql_yacc.yy | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) (limited to 'sql/sql_yacc.yy') diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 8f135e63113..cc16101c38b 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -13806,19 +13806,13 @@ lock: ; table_or_tables: - TABLE_SYM - { Lex->only_view= FALSE; } - | TABLES - { Lex->only_view= FALSE; } + TABLE_SYM { Lex->only_view= FALSE; } + | TABLES { Lex->only_view= FALSE; } ; table_or_view: - TABLE_SYM - { Lex->only_view= FALSE; } - | TABLES - { Lex->only_view= FALSE; } - | VIEW_SYM - { Lex->only_view= TRUE; } + table_or_tables + | VIEW_SYM { Lex->only_view= TRUE; } ; table_lock_list: -- cgit v1.2.1