From 7ccbf9b817b47d0393fe66bda6f6013ec24486ba Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Tue, 29 Jun 2010 16:32:03 +0700 Subject: Fixed bug #51855. Race condition in XA START. If several threads concurrently execute the statement XA START 'x', then mysqld server could crash. sql/sql_class.cc: xid_cache_insert: added checking for element in cache before insert it, return TRUE if such element already exists. sql/sql_parse.cc: mysql_execute_command modified: * sequence of calls to xid_cache_search(..)/xid_cache_insert(...) replaced by call to xid_cache_insert(...) in alternative 'case SQLCOM_XA_START:' * added comment to alternative 'case SQLCOM_XA_COMMIT:'. --- sql/sql_class.cc | 10 +++++++--- sql/sql_parse.cc | 26 ++++++++++++++++++-------- 2 files changed, 25 insertions(+), 11 deletions(-) (limited to 'sql') diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 93aa6a8268c..99792f2b262 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -3365,9 +3365,13 @@ bool xid_cache_insert(XID *xid, enum xa_states xa_state) bool xid_cache_insert(XID_STATE *xid_state) { pthread_mutex_lock(&LOCK_xid_cache); - DBUG_ASSERT(hash_search(&xid_cache, xid_state->xid.key(), - xid_state->xid.key_length())==0); - my_bool res=my_hash_insert(&xid_cache, (uchar*)xid_state); + if (hash_search(&xid_cache, xid_state->xid.key(), xid_state->xid.key_length())) + { + pthread_mutex_unlock(&LOCK_xid_cache); + my_error(ER_XAER_DUPID, MYF(0)); + return TRUE; + } + my_bool res= my_hash_insert(&xid_cache, (uchar*)xid_state); pthread_mutex_unlock(&LOCK_xid_cache); return res; } diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index ed2c76fdcb8..a8dede3e7f5 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -4730,7 +4730,7 @@ create_sp_error: my_error(ER_XAER_NOTA, MYF(0)); break; } - thd->transaction.xid_state.xa_state=XA_ACTIVE; + thd->transaction.xid_state.xa_state= XA_ACTIVE; my_ok(thd); break; } @@ -4750,16 +4750,16 @@ create_sp_error: my_error(ER_XAER_OUTSIDE, MYF(0)); break; } - if (xid_cache_search(thd->lex->xid)) - { - my_error(ER_XAER_DUPID, MYF(0)); - break; - } DBUG_ASSERT(thd->transaction.xid_state.xid.is_null()); - thd->transaction.xid_state.xa_state=XA_ACTIVE; + thd->transaction.xid_state.xa_state= XA_ACTIVE; thd->transaction.xid_state.rm_error= 0; thd->transaction.xid_state.xid.set(thd->lex->xid); - xid_cache_insert(&thd->transaction.xid_state); + if (xid_cache_insert(&thd->transaction.xid_state)) + { + thd->transaction.xid_state.xa_state= XA_NOTR; + thd->transaction.xid_state.xid.null(); + break; + } thd->transaction.all.modified_non_trans_table= FALSE; thd->options= ((thd->options & ~(OPTION_KEEP_LOG)) | OPTION_BEGIN); thd->server_status|= SERVER_STATUS_IN_TRANS; @@ -4813,6 +4813,16 @@ create_sp_error: case SQLCOM_XA_COMMIT: if (!thd->transaction.xid_state.xid.eq(thd->lex->xid)) { + /* + xid_state.in_thd is always true beside of xa recovery + procedure. Note, that there is no race condition here + between xid_cache_search and xid_cache_delete, since we're always + deleting our own XID (thd->lex->xid == thd->transaction.xid_state.xid). + The only case when thd->lex->xid != thd->transaction.xid_state.xid + and xid_state->in_thd == 0 is in ha_recover() functionality, + which is called before starting client connections, and thus is + always single-threaded. + */ XID_STATE *xs=xid_cache_search(thd->lex->xid); if (!xs || xs->in_thd) my_error(ER_XAER_NOTA, MYF(0)); -- cgit v1.2.1 From e98169d52c8610efa523040d4409054e352f92df Mon Sep 17 00:00:00 2001 From: Alexey Kopytov Date: Mon, 12 Jul 2010 18:58:55 +0400 Subject: Bug#55061: Build failing on sol 8 x86 - assembler code vs compiler problem GCC-style inline assembly is not supported by the Sun Studio compilers prior to version 12. Added a check for the Sun Studio version to avoid using _FPU_GETCW() / _FPU_SETCW() when inline assembly is unsupported. This can lead to some differences in floating point calculations on Solaris 8/x86 which, however, is not worth bothering with Sun-style assembly .il templates. --- sql/mysqld.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 99f16b36dfa..598db8d993c 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -190,7 +190,7 @@ typedef fp_except fp_except_t; # define fpu_control_t unsigned int # define _FPU_EXTENDED 0x300 # define _FPU_DOUBLE 0x200 -# if defined(__GNUC__) || defined(__SUNPRO_CC) +# if defined(__GNUC__) || (defined(__SUNPRO_CC) && __SUNPRO_CC >= 0x590) # define _FPU_GETCW(cw) asm volatile ("fnstcw %0" : "=m" (*&cw)) # define _FPU_SETCW(cw) asm volatile ("fldcw %0" : : "m" (*&cw)) # else -- cgit v1.2.1 From 689a96fcce55221101b8c9b613104c0b96edfb6b Mon Sep 17 00:00:00 2001 From: Sven Sandberg Date: Tue, 20 Jul 2010 17:27:13 +0200 Subject: BUG#55322: SHOW BINLOG EVENTS increases @@SESSION.MAX_ALLOWED_PACKET Problem: when SHOW BINLOG EVENTS was issued, it increased the value of @@session.max_allowed_packet. This allowed a non-root user to increase the amount of memory used by her thread arbitrarily. Thus, it removes the bound on the amount of system resources used by a client, so it presents a security risk (DoS attack). Fix: it is correct to increase the value of @@session.max_allowed_packet while executing SHOW BINLOG EVENTS (see BUG 30435). However, the increase should only be temporary. Thus, the fix is to restore the value when SHOW BINLOG EVENTS ends. The value of @@session.max_allowed_packet is also increased in mysql_binlog_send (i.e., the binlog dump thread). It is not clear if this can cause any trouble, since normally the client that issues COM_BINLOG_DUMP will not issue any other commands that would be affected by the increased value of @@session.max_allowed_packet. However, we restore the value just in case. mysql-test/suite/rpl/r/rpl_packet.result: update result file mysql-test/suite/rpl/t/rpl_packet.test: Add test that verifies that @@session.max_allowed_packet does not change when issuing SHOW BINLOG EVENTS. Make previous sub-test clean up. Add comments listing the bugs in this test case. sql/sql_repl.cc: Restore the old value of thd->variables.max_allowed_packet at the end of mysql_binlog_send and mysql_show_binlog_events. --- sql/sql_repl.cc | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'sql') diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index c220f609c09..dcbc982b4aa 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -357,6 +357,7 @@ void mysql_binlog_send(THD* thd, char* log_ident, my_off_t pos, #ifndef DBUG_OFF int left_events = max_binlog_dump_events; #endif + int old_max_allowed_packet= thd->variables.max_allowed_packet; DBUG_ENTER("mysql_binlog_send"); DBUG_PRINT("enter",("log_ident: '%s' pos: %ld", log_ident, (long) pos)); @@ -762,6 +763,7 @@ end: pthread_mutex_lock(&LOCK_thread_count); thd->current_linfo = 0; pthread_mutex_unlock(&LOCK_thread_count); + thd->variables.max_allowed_packet= old_max_allowed_packet; DBUG_VOID_RETURN; err: @@ -779,6 +781,7 @@ err: pthread_mutex_unlock(&LOCK_thread_count); if (file >= 0) (void) my_close(file, MYF(MY_WME)); + thd->variables.max_allowed_packet= old_max_allowed_packet; my_message(my_errno, errmsg, MYF(0)); DBUG_VOID_RETURN; @@ -1422,6 +1425,7 @@ bool mysql_show_binlog_events(THD* thd) bool ret = TRUE; IO_CACHE log; File file = -1; + int old_max_allowed_packet= thd->variables.max_allowed_packet; DBUG_ENTER("mysql_show_binlog_events"); Log_event::init_show_field_list(&field_list); @@ -1560,6 +1564,7 @@ err: pthread_mutex_lock(&LOCK_thread_count); thd->current_linfo = 0; pthread_mutex_unlock(&LOCK_thread_count); + thd->variables.max_allowed_packet= old_max_allowed_packet; DBUG_RETURN(ret); } -- cgit v1.2.1 From b0035c76d46caf25d6b52f4e1552c1e83f7f0911 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Tue, 20 Jul 2010 14:36:15 -0300 Subject: Bug#54453: Failing assertion: trx->active_trans when renaming a table with active trx Essentially, the problem is that InnoDB does a implicit commit when a cursor (table handler) is unlocked/closed, creating a dissonance between the transaction state within the server layer and the storage engine layer. Theoretically, a statement transaction can encompass several table instances in a similar manner to a multiple statement transaction, hence it does not make sense to limit a statement transaction to the lifetime of the table instances (cursors) used within it. Since this particular instance of the problem is only triggerable on 5.1 and is masked on 5.5 due 2PC being skipped (assertion is in the prepare phase of a 2PC), the solution (which is less risky) is to explicitly end the transaction before the cached table is unlock on rename table. The patch is to be null merged into trunk. mysql-test/include/commit.inc: Fix counters, the binlog engine does not get involved anymore. mysql-test/suite/innodb_plugin/r/innodb_bug54453.result: Add test case result for Bug#54453 mysql-test/suite/innodb_plugin/t/innodb_bug54453.test: Add test case for Bug#54453 sql/sql_table.cc: End transaction as otherwise InnoDB will end it behind our backs. --- sql/sql_table.cc | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'sql') diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 50045ec6d90..47b91fcca0e 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -6848,6 +6848,14 @@ view_err: if (!error && (new_name != table_name || new_db != db)) { thd_proc_info(thd, "rename"); + + /* + Workaround InnoDB ending the transaction when the table instance + is unlocked/closed (close_cached_table below), otherwise the trx + state will differ between the server and storage engine layers. + */ + ha_autocommit_or_rollback(thd, 0); + /* Then do a 'simple' rename of the table. First we need to close all instances of 'source' table. -- cgit v1.2.1 From 9a5fa17fd3c4885262e31bf14cf495d02e5f6b27 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Tue, 20 Jul 2010 15:07:36 -0300 Subject: Bug#45288: pb2 returns a lot of compilation warnings on linux Fix warnings flagged by the new warning option -Wunused-but-set-variable that was added to GCC 4.6 and that is enabled by -Wunused and -Wall. The option causes a warning whenever a local variable is assigned to but is later unused. It also warns about meaningless pointer dereferences. client/mysql.cc: Meaningless pointer dereferences. client/mysql_upgrade.c: Check whether reading from the file succeeded. extra/comp_err.c: Unused. extra/yassl/src/yassl_imp.cpp: Skip instead of reading data that is discarded. include/my_pthread.h: Variable is only used in debug builds. include/mysys_err.h: Add new error messages. mysys/errors.c: Add new error message for permission related functions. mysys/mf_iocache.c: Variable is only checked under THREAD. mysys/my_copy.c: Raise a error if chmod or chown fails. mysys/my_redel.c: Raise a error if chmod or chown fails. regex/engine.c: Use a equivalent variable for the assert. server-tools/instance-manager/instance_options.cc: Unused. sql/field.cc: Unused. sql/item.cc: Unused. sql/log.cc: Do not ignore the return value of freopen: only set buffer if reopening succeeds. Adjust doxygen comment to the right function. Pass message lenght to log function. sql/mysqld.cc: Do not ignore the return value of freopen: only set buffer if reopening succeeds. sql/partition_info.cc: Unused. sql/slave.cc: No need to set pointer to the address of '\0'. sql/spatial.cc: Unused. Left for historical purposes. sql/sql_acl.cc: Unused. sql/sql_base.cc: Pointers are always set to the same variables. sql/sql_parse.cc: End statement if reading fails. Store the buffer after it has actually been updated. sql/sql_repl.cc: No need to set pointer to the address of '\0'. sql/sql_show.cc: Put variable under the same ifdef block. sql/udf_example.c: Set null pointer flag appropriately. storage/csv/ha_tina.cc: Meaningless dereferences. storage/example/ha_example.cc: Return the error since it's available. storage/myisam/mi_locking.c: Remove unused and dead code. --- sql/field.cc | 2 -- sql/item.cc | 5 ++-- sql/log.cc | 73 +++++++++++++++++++++++++++------------------------ sql/mysqld.cc | 7 +++-- sql/partition_info.cc | 2 -- sql/slave.cc | 7 ++--- sql/spatial.cc | 3 +-- sql/sql_acl.cc | 2 -- sql/sql_base.cc | 14 +++------- sql/sql_load.cc | 13 +++++---- sql/sql_parse.cc | 17 +++++++----- sql/sql_repl.cc | 7 ++--- sql/sql_show.cc | 4 +-- sql/sql_table.cc | 2 -- sql/table.cc | 3 +-- sql/udf_example.c | 2 +- 16 files changed, 73 insertions(+), 90 deletions(-) (limited to 'sql') diff --git a/sql/field.cc b/sql/field.cc index c648b53e139..c887a5f1c9b 100644 --- a/sql/field.cc +++ b/sql/field.cc @@ -5541,7 +5541,6 @@ int Field_date::store(const char *from, uint len,CHARSET_INFO *cs) int Field_date::store(double nr) { longlong tmp; - int error= 0; if (nr >= 19000000000000.0 && nr <= 99991231235959.0) nr=floor(nr/1000000.0); // Timestamp to date if (nr < 0.0 || nr > 99991231.0) @@ -5550,7 +5549,6 @@ int Field_date::store(double nr) set_datetime_warning(MYSQL_ERROR::WARN_LEVEL_WARN, ER_WARN_DATA_OUT_OF_RANGE, nr, MYSQL_TIMESTAMP_DATE); - error= 1; } else tmp= (longlong) rint(nr); diff --git a/sql/item.cc b/sql/item.cc index db2c4c0974b..66c5314c16e 100644 --- a/sql/item.cc +++ b/sql/item.cc @@ -255,11 +255,10 @@ my_decimal *Item::val_decimal_from_int(my_decimal *decimal_value) my_decimal *Item::val_decimal_from_string(my_decimal *decimal_value) { String *res; - char *end_ptr; + if (!(res= val_str(&str_value))) - return 0; // NULL or EOM + return NULL; - end_ptr= (char*) res->ptr()+ res->length(); if (str2my_decimal(E_DEC_FATAL_ERROR & ~E_DEC_BAD_NUM, res->ptr(), res->length(), res->charset(), decimal_value) & E_DEC_BAD_NUM) diff --git a/sql/log.cc b/sql/log.cc index d8d5f6fa418..614a07e6b63 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -5050,6 +5050,22 @@ void sql_perror(const char *message) } +/* + Unfortunately, there seems to be no good way + to restore the original streams upon failure. +*/ +static bool redirect_std_streams(const char *file) +{ + if (freopen(file, "a+", stdout) && freopen(file, "a+", stderr)) + { + setbuf(stderr, NULL); + return FALSE; + } + + return TRUE; +} + + bool flush_error_log() { bool result=0; @@ -5077,11 +5093,7 @@ bool flush_error_log() setbuf(stderr, NULL); (void) my_delete(err_renamed, MYF(0)); my_rename(log_error_file,err_renamed,MYF(0)); - if (freopen(log_error_file,"a+",stdout)) - { - freopen(log_error_file,"a+",stderr); - setbuf(stderr, NULL); - } + redirect_std_streams(log_error_file); if ((fd = my_open(err_temp, O_RDONLY, MYF(0))) >= 0) { @@ -5096,13 +5108,7 @@ bool flush_error_log() result= 1; #else my_rename(log_error_file,err_renamed,MYF(0)); - if (freopen(log_error_file,"a+",stdout)) - { - FILE *reopen; - reopen= freopen(log_error_file,"a+",stderr); - setbuf(stderr, NULL); - } - else + if (redirect_std_streams(log_error_file)) result= 1; #endif VOID(pthread_mutex_unlock(&LOCK_error_log)); @@ -5153,25 +5159,9 @@ static void print_buffer_to_nt_eventlog(enum loglevel level, char *buff, #endif /* __NT__ */ -/** - Prints a printf style message to the error log and, under NT, to the - Windows event log. - - This function prints the message into a buffer and then sends that buffer - to other functions to write that message to other logging sources. - - @param event_type Type of event to write (Error, Warning, or Info) - @param format Printf style format of message - @param args va_list list of arguments for the message - - @returns - The function always returns 0. The return value is present in the - signature to be compatible with other logging routines, which could - return an error (e.g. logging to the log tables) -*/ - #ifndef EMBEDDED_LIBRARY -static void print_buffer_to_file(enum loglevel level, const char *buffer) +static void print_buffer_to_file(enum loglevel level, const char *buffer, + size_t length) { time_t skr; struct tm tm_tmp; @@ -5185,7 +5175,7 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) localtime_r(&skr, &tm_tmp); start=&tm_tmp; - fprintf(stderr, "%02d%02d%02d %2d:%02d:%02d [%s] %s\n", + fprintf(stderr, "%02d%02d%02d %2d:%02d:%02d [%s] %.*s\n", start->tm_year % 100, start->tm_mon+1, start->tm_mday, @@ -5194,7 +5184,7 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) start->tm_sec, (level == ERROR_LEVEL ? "ERROR" : level == WARNING_LEVEL ? "Warning" : "Note"), - buffer); + (int) length, buffer); fflush(stderr); @@ -5202,7 +5192,22 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) DBUG_VOID_RETURN; } +/** + Prints a printf style message to the error log and, under NT, to the + Windows event log. + This function prints the message into a buffer and then sends that buffer + to other functions to write that message to other logging sources. + + @param level The level of the msg significance + @param format Printf style format of message + @param args va_list list of arguments for the message + + @returns + The function always returns 0. The return value is present in the + signature to be compatible with other logging routines, which could + return an error (e.g. logging to the log tables) +*/ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) { char buff[1024]; @@ -5210,7 +5215,7 @@ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) DBUG_ENTER("vprint_msg_to_log"); length= my_vsnprintf(buff, sizeof(buff), format, args); - print_buffer_to_file(level, buff); + print_buffer_to_file(level, buff, length); #ifdef __NT__ print_buffer_to_nt_eventlog(level, buff, length, sizeof(buff)); @@ -5218,7 +5223,7 @@ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) DBUG_RETURN(0); } -#endif /*EMBEDDED_LIBRARY*/ +#endif /* EMBEDDED_LIBRARY */ void sql_print_error(const char *format, ...) diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 99f16b36dfa..fda64e5a1ea 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -3783,7 +3783,6 @@ static void end_ssl() static int init_server_components() { - FILE* reopen; DBUG_ENTER("init_server_components"); /* We need to call each of these following functions to ensure that @@ -3826,8 +3825,8 @@ static int init_server_components() if (freopen(log_error_file, "a+", stdout)) #endif { - reopen= freopen(log_error_file, "a+", stderr); - setbuf(stderr, NULL); + if (freopen(log_error_file, "a+", stderr)) + setbuf(stderr, NULL); } } } @@ -8222,7 +8221,7 @@ mysqld_get_one_option(int optid, *val= 0; val+= 2; while (*val && my_isspace(mysqld_charset, *val)) - *val++; + val++; if (!*val) { sql_print_error("Bad syntax in replicate-rewrite-db - empty TO db!\n"); diff --git a/sql/partition_info.cc b/sql/partition_info.cc index d85888e295c..f37151ea51d 100644 --- a/sql/partition_info.cc +++ b/sql/partition_info.cc @@ -1206,13 +1206,11 @@ bool partition_info::set_up_charset_field_preps() i= 0; while ((field= *(ptr++))) { - CHARSET_INFO *cs; uchar *field_buf; LINT_INIT(field_buf); if (!field_is_partition_charset(field)) continue; - cs= ((Field_str*)field)->charset(); size= field->pack_length(); if (!(field_buf= (uchar*) sql_calloc(size))) goto error; diff --git a/sql/slave.cc b/sql/slave.cc index 795bc481071..f1e0962e7e8 100644 --- a/sql/slave.cc +++ b/sql/slave.cc @@ -3035,11 +3035,8 @@ log '%s' at position %s, relay log '%s' position: %s", RPL_LOG_NAME, pthread_mutex_lock(&rli->data_lock); if (rli->slave_skip_counter) { - char *pos; - pos= strmake(saved_log_name, rli->group_relay_log_name, FN_REFLEN - 1); - pos= '\0'; - pos= strmake(saved_master_log_name, rli->group_master_log_name, FN_REFLEN - 1); - pos= '\0'; + strmake(saved_log_name, rli->group_relay_log_name, FN_REFLEN - 1); + strmake(saved_master_log_name, rli->group_master_log_name, FN_REFLEN - 1); saved_log_pos= rli->group_relay_log_pos; saved_master_log_pos= rli->group_master_log_pos; saved_skip= rli->slave_skip_counter; diff --git a/sql/spatial.cc b/sql/spatial.cc index 11df6c00dc5..2305a8eb97d 100644 --- a/sql/spatial.cc +++ b/sql/spatial.cc @@ -159,11 +159,10 @@ Geometry *Geometry::construct(Geometry_buffer *buffer, { uint32 geom_type; Geometry *result; - char byte_order; if (data_len < SRID_SIZE + WKB_HEADER_SIZE) // < 4 + (1 + 4) return NULL; - byte_order= data[SRID_SIZE]; + /* + 1 to skip the byte order (stored in position SRID_SIZE). */ geom_type= uint4korr(data + SRID_SIZE + 1); if (!(result= create_by_typeid(buffer, (int) geom_type))) return NULL; diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 90eef872115..b507b70d1fb 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -5701,7 +5701,6 @@ bool mysql_create_user(THD *thd, List &list) { int result; String wrong_users; - ulong sql_mode; LEX_USER *user_name, *tmp_user_name; List_iterator user_list(list); TABLE_LIST tables[GRANT_TABLES]; @@ -5748,7 +5747,6 @@ bool mysql_create_user(THD *thd, List &list) } some_users_created= TRUE; - sql_mode= thd->variables.sql_mode; if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0)) { append_user(&wrong_users, user_name); diff --git a/sql/sql_base.cc b/sql/sql_base.cc index d2392bdd9b1..c38526a6d0b 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -5674,7 +5674,7 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) DBUG_ENTER("update_field_dependencies"); if (thd->mark_used_columns != MARK_COLUMNS_NONE) { - MY_BITMAP *current_bitmap, *other_bitmap; + MY_BITMAP *bitmap; /* We always want to register the used keys, as the column bitmap may have @@ -5685,15 +5685,9 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) table->merge_keys.merge(field->part_of_key); if (thd->mark_used_columns == MARK_COLUMNS_READ) - { - current_bitmap= table->read_set; - other_bitmap= table->write_set; - } + bitmap= table->read_set; else - { - current_bitmap= table->write_set; - other_bitmap= table->read_set; - } + bitmap= table->write_set; /* The test-and-set mechanism in the bitmap is not reliable during @@ -5702,7 +5696,7 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) only those columns that are used in the SET clause. I.e they are being set here. See multi_update::prepare() */ - if (bitmap_fast_test_and_set(current_bitmap, field->field_index)) + if (bitmap_fast_test_and_set(bitmap, field->field_index)) { if (thd->mark_used_columns == MARK_COLUMNS_WRITE) { diff --git a/sql/sql_load.cc b/sql/sql_load.cc index ee7481234a4..a4cf46b35e8 100644 --- a/sql/sql_load.cc +++ b/sql/sql_load.cc @@ -128,6 +128,7 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, bool is_fifo=0; #ifndef EMBEDDED_LIBRARY LOAD_FILE_INFO lf_info; + THD::killed_state killed_status; #endif char *db = table_list->db; // This is never null /* @@ -138,7 +139,6 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, char *tdb= thd->db ? thd->db : db; // Result is never null ulong skip_lines= ex->skip_lines; bool transactional_table; - THD::killed_state killed_status= THD::NOT_KILLED; DBUG_ENTER("mysql_load"); #ifdef EMBEDDED_LIBRARY @@ -455,7 +455,11 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, error=1; thd->killed= THD::KILL_QUERY; };); - killed_status= (error == 0)? THD::NOT_KILLED : thd->killed; + +#ifndef EMBEDDED_LIBRARY + killed_status= (error == 0) ? THD::NOT_KILLED : thd->killed; +#endif + /* We must invalidate the table in query cache before binlog writing and ha_autocommit_... @@ -708,12 +712,9 @@ read_fixed_length(THD *thd, COPY_INFO &info, TABLE_LIST *table_list, List_iterator_fast it(fields_vars); Item_field *sql_field; TABLE *table= table_list->table; - ulonglong id; bool err; DBUG_ENTER("read_fixed_length"); - id= 0; - while (!read_info.read_fixed_length()) { if (thd->killed) @@ -839,12 +840,10 @@ read_sep_field(THD *thd, COPY_INFO &info, TABLE_LIST *table_list, Item *item; TABLE *table= table_list->table; uint enclosed_length; - ulonglong id; bool err; DBUG_ENTER("read_sep_field"); enclosed_length=enclosed.length(); - id= 0; for (;;it.rewind()) { diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 1f3d29ffec0..134517e5bf7 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -465,6 +465,12 @@ static void handle_bootstrap_impl(THD *thd) } buff= (char*) thd->net.buff; res= fgets(buff + length, thd->net.max_packet - length, file); + if (!res && !feof(file)) + { + net_end_statement(thd); + bootstrap_error= 1; + break; + } length+= (ulong) strlen(buff + length); /* purecov: end */ } @@ -1535,7 +1541,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, { STATUS_VAR current_global_status_var; ulong uptime; - uint length; + uint length __attribute__((unused)); ulonglong queries_per_second1000; char buff[250]; uint buff_len= sizeof(buff); @@ -1548,7 +1554,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, else queries_per_second1000= thd->query_id * LL(1000) / uptime; - length= my_snprintf((char*) buff, buff_len - 1, + length= my_snprintf(buff, buff_len - 1, "Uptime: %lu Threads: %d Questions: %lu " "Slow queries: %lu Opens: %lu Flush tables: %lu " "Open tables: %u Queries per second avg: %u.%u", @@ -1560,10 +1566,6 @@ bool dispatch_command(enum enum_server_command command, THD *thd, cached_open_tables(), (uint) (queries_per_second1000 / 1000), (uint) (queries_per_second1000 % 1000)); -#ifdef EMBEDDED_LIBRARY - /* Store the buffer in permanent memory */ - my_ok(thd, 0, 0, buff); -#endif #ifdef SAFEMALLOC if (sf_malloc_cur_memory) // Using SAFEMALLOC { @@ -1578,6 +1580,9 @@ bool dispatch_command(enum enum_server_command command, THD *thd, VOID(my_net_write(net, (uchar*) buff, length)); VOID(net_flush(net)); thd->main_da.disable_status(); +#else + /* Store the buffer in permanent memory */ + my_ok(thd, 0, 0, buff); #endif break; } diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index f6045e4704e..d7dd3eb63f2 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -1168,12 +1168,9 @@ bool change_master(THD* thd, Master_info* mi) /* Before processing the command, save the previous state. */ - char *pos; - pos= strmake(saved_host, mi->host, HOSTNAME_LENGTH); - pos= '\0'; + strmake(saved_host, mi->host, HOSTNAME_LENGTH); saved_port= mi->port; - pos= strmake(saved_log_name, mi->master_log_name, FN_REFLEN - 1); - pos= '\0'; + strmake(saved_log_name, mi->master_log_name, FN_REFLEN - 1); saved_log_pos= mi->master_log_pos; /* diff --git a/sql/sql_show.cc b/sql/sql_show.cc index d0e76e501e2..eb5d3a1965d 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -3868,7 +3868,6 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, uint flags=field->flags; char tmp[MAX_FIELD_WIDTH]; String type(tmp,sizeof(tmp), system_charset_info); - char *end; int decimals, field_length; if (wild && wild[0] && @@ -3889,7 +3888,7 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, field->field_name) & COL_ACLS; if (!tables->schema_table && !col_access) continue; - end= tmp; + char *end= tmp; for (uint bitnr=0; col_access ; col_access>>=1,bitnr++) { if (col_access & 1) @@ -4015,7 +4014,6 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, table->field[15]->store((const char*) pos, strlen((const char*) pos), cs); - end= tmp; if (field->unireg_check == Field::NEXT_NUMBER) table->field[16]->store(STRING_WITH_LEN("auto_increment"), cs); if (show_table->timestamp_field == field && diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 47b91fcca0e..f765e5c5cae 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -6507,7 +6507,6 @@ bool mysql_alter_table(THD *thd,char *new_db, char *new_name, uint index_add_count= 0; uint *index_add_buffer= NULL; uint candidate_key_count= 0; - bool committed= 0; bool no_pk; DBUG_ENTER("mysql_alter_table"); @@ -7380,7 +7379,6 @@ view_err: DBUG_PRINT("info", ("Committing before unlocking table")); if (ha_autocommit_or_rollback(thd, 0) || end_active_trans(thd)) goto err1; - committed= 1; } /*end of if (! new_table) for add/drop index*/ diff --git a/sql/table.cc b/sql/table.cc index dde3654dab1..e989ab039a0 100644 --- a/sql/table.cc +++ b/sql/table.cc @@ -534,7 +534,7 @@ int open_table_def(THD *thd, TABLE_SHARE *share, uint db_flags) int error, table_type; bool error_given; File file; - uchar head[288], *disk_buff; + uchar head[288]; char path[FN_REFLEN]; MEM_ROOT **root_ptr, *old_root; DBUG_ENTER("open_table_def"); @@ -543,7 +543,6 @@ int open_table_def(THD *thd, TABLE_SHARE *share, uint db_flags) error= 1; error_given= 0; - disk_buff= NULL; strxmov(path, share->normalized_path.str, reg_ext, NullS); if ((file= my_open(path, O_RDONLY | O_SHARE, MYF(0))) < 0) diff --git a/sql/udf_example.c b/sql/udf_example.c index 637293209e0..468118b44ef 100644 --- a/sql/udf_example.c +++ b/sql/udf_example.c @@ -1067,7 +1067,7 @@ char *myfunc_argument_name(UDF_INIT *initid __attribute__((unused)), { if (!args->attributes[0]) { - null_value= 0; + *null_value= 1; return 0; } (*length)--; /* space for ending \0 (for debugging purposes) */ -- cgit v1.2.1 From bd41af86ebc53510760504b980f073be4438f6e9 Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Wed, 21 Jul 2010 14:56:43 +0700 Subject: Fixed bug #42496 - the server could crash on a debug assert after a failure to write into a closed socket sql/protocol.cc: Protocol::flush modified: set thd->main_da.can_overwrite_status= TRUE before call to net_flush() in order to prevent crash on assert in case of socket write failure, reset it to FALSE when net_flush() returned; Protocol::send_fields modified: return from method with error if call to my_net_write(), proto.write() or write_eof_packet() failed. sql/sql_cache.cc: Query_cache::send_result_to_client modified: call to thd->main_da.disable_status() only if write to socket was successful. sql/sql_cursor.cc: Materialized_cursor::fetch modified: leave method if call to result->send_data() failed. sql/sql_prepare.cc: send_prep_stmt() modified: call to thd->main_da.disable_status() only if thd->protocol_text.send_fields() completed successfully. --- sql/protocol.cc | 15 +++++++++++---- sql/sql_cache.cc | 3 ++- sql/sql_cursor.cc | 7 ++++++- sql/sql_prepare.cc | 7 +++++-- 4 files changed, 24 insertions(+), 8 deletions(-) (limited to 'sql') diff --git a/sql/protocol.cc b/sql/protocol.cc index dc53e029647..dfb78462f13 100644 --- a/sql/protocol.cc +++ b/sql/protocol.cc @@ -534,7 +534,11 @@ void Protocol::end_partial_result_set(THD *thd_arg) bool Protocol::flush() { #ifndef EMBEDDED_LIBRARY - return net_flush(&thd->net); + bool error; + thd->main_da.can_overwrite_status= TRUE; + error= net_flush(&thd->net); + thd->main_da.can_overwrite_status= FALSE; + return error; #else return 0; #endif @@ -574,7 +578,8 @@ bool Protocol::send_fields(List *list, uint flags) if (flags & SEND_NUM_ROWS) { // Packet with number of elements uchar *pos= net_store_length(buff, list->elements); - (void) my_net_write(&thd->net, buff, (size_t) (pos-buff)); + if (my_net_write(&thd->net, buff, (size_t) (pos-buff))) + DBUG_RETURN(1); } #ifndef DBUG_OFF @@ -698,7 +703,7 @@ bool Protocol::send_fields(List *list, uint flags) if (flags & SEND_DEFAULTS) item->send(&prot, &tmp); // Send default value if (prot.write()) - break; /* purecov: inspected */ + DBUG_RETURN(1); #ifndef DBUG_OFF field_types[count++]= field.type; #endif @@ -711,7 +716,9 @@ bool Protocol::send_fields(List *list, uint flags) to show that there is no cursor. Send no warning information, as it will be sent at statement end. */ - write_eof_packet(thd, &thd->net, thd->server_status, thd->total_warn_count); + if (write_eof_packet(thd, &thd->net, thd->server_status, + thd->total_warn_count)) + DBUG_RETURN(1); } DBUG_RETURN(prepare_for_send(list)); diff --git a/sql/sql_cache.cc b/sql/sql_cache.cc index f862cbed4f1..fcf4edbdc22 100644 --- a/sql/sql_cache.cc +++ b/sql/sql_cache.cc @@ -1653,7 +1653,8 @@ def_week_frmt: %lu, in_trans: %d, autocommit: %d", thd->limit_found_rows = query->found_rows(); thd->status_var.last_query_cost= 0.0; - thd->main_da.disable_status(); + if (!thd->main_da.is_set()) + thd->main_da.disable_status(); BLOCK_UNLOCK_RD(query_block); DBUG_RETURN(1); // Result sent to client diff --git a/sql/sql_cursor.cc b/sql/sql_cursor.cc index 6f61dc40f66..d7d029d28d4 100644 --- a/sql/sql_cursor.cc +++ b/sql/sql_cursor.cc @@ -658,7 +658,12 @@ void Materialized_cursor::fetch(ulong num_rows) if ((res= table->file->rnd_next(table->record[0]))) break; /* Send data only if the read was successful. */ - result->send_data(item_list); + /* + If network write failed (i.e. due to a closed socked), + the error has already been set. Just return. + */ + if (result->send_data(item_list)) + return; } switch (res) { diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index 041d9f7c30b..bd152866deb 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -263,8 +263,11 @@ static bool send_prep_stmt(Prepared_statement *stmt, uint columns) &stmt->lex->param_list, Protocol::SEND_EOF); } - /* Flag that a response has already been sent */ - thd->main_da.disable_status(); + + if (!error) + /* Flag that a response has already been sent */ + thd->main_da.disable_status(); + DBUG_RETURN(error); } #else -- cgit v1.2.1 From e24abd9091ce28a27f27073ab70aed94851362bc Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 21 Jul 2010 18:05:57 +0300 Subject: Addendum #4 to bug #53095 SHOW DATABASES LIKE ... was not converting to lowercase on comparison as the documentation is suggesting. Fixed it to behave similarly to SHOW TABLES LIKE ... and updated the failing on MacOSX lowercase_table2 test case. --- sql/sql_show.cc | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index eb5d3a1965d..616bced8f4a 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -521,8 +521,19 @@ find_files(THD *thd, List *files, const char *db, continue; file_name_len= filename_to_tablename(file->name, uname, sizeof(uname)); - if (wild && wild_compare(uname, wild, 0)) - continue; + if (wild) + { + if (lower_case_table_names) + { + if (my_wildcmp(files_charset_info, + uname, uname + file_name_len, + wild, wild + wild_length, + wild_prefix, wild_one,wild_many)) + continue; + } + else if (wild_compare(uname, wild, 0)) + continue; + } if (!(file_name= thd->make_lex_string(file_name, uname, file_name_len, TRUE))) { -- cgit v1.2.1 From e9a52f962f2d89fe1938145105bcb35f970a2414 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 22 Jul 2010 11:15:15 -0500 Subject: Bug#49542 - Do as the comment suggests and downgrade directory errors from find_file() to a warning unless they happen during a SHOW command. --- sql/sql_show.cc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index eb5d3a1965d..c979d44dc1c 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -1,4 +1,4 @@ -/* Copyright 2000-2008 MySQL AB, 2008 Sun Microsystems, Inc. +/* Copyright 2000, 2010 Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -9,9 +9,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ /* Function with list databases, tables or fields */ @@ -2986,7 +2986,7 @@ make_table_name_list(THD *thd, List *table_names, LEX *lex, */ if (res == FIND_FILES_DIR) { - if (lex->sql_command != SQLCOM_SELECT) + if (sql_command_flags[lex->sql_command] & CF_STATUS_COMMAND) return 1; thd->clear_error(); return 2; -- cgit v1.2.1 From 2124538d9cea1cea39b01f0b8b99052b36004fb9 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 29 Jul 2010 11:00:57 +0800 Subject: BUG#49124 Security issue with /*!-versioned */ SQL statements on Slave /*![:version:] Query Code */, where [:version:] is a sequence of 5 digits representing the mysql server version(e.g /*!50200 ... */), is a special comment that the query in it can be executed on those servers whose versions are larger than the version appearing in the comment. It leads to a security issue when slave's version is larger than master's. A malicious user can improve his privileges on slaves. Because slave SQL thread is running with SUPER privileges, so it can execute queries that he/she does not have privileges on master. This bug is fixed with the logic below: - To replace '!' with ' ' in the magic comments which are not applied on master. So they become common comments and will not be applied on slave. - Example: 'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /*!99999 ,(3)*/ will be binlogged as 'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /* 99999 ,(3)*/ mysql-test/suite/rpl/t/rpl_conditional_comments.test: Test the patch for this bug. sql/mysql_priv.h: Rename inBuf as rawBuf and remove the const limitation. sql/sql_lex.cc: To replace '!' with ' ' in the magic comments which are not applied on master. sql/sql_lex.h: Remove the const limitation on parameter buff, as it can be modified in the function since this patch. Add member function yyUnput for Lex_input_stream. It set a character back the query buff. sql/sql_parse.cc: Rename inBuf as rawBuf and remove the const limitation. sql/sql_partition.cc: Remove the const limitation on parameter part_buff, as it can be modified in the function since this patch. sql/sql_partition.h: Remove the const limitation on parameter part_buff, as it can be modified in the function since this patch. sql/table.h: Remove the const limitation on variable partition_info, as it can be modified since this patch. --- sql/mysql_priv.h | 2 +- sql/sql_lex.cc | 19 +++++++++++++++---- sql/sql_lex.h | 20 +++++++++++++++++--- sql/sql_parse.cc | 12 ++++++------ sql/sql_partition.cc | 2 +- sql/sql_partition.h | 2 +- sql/table.h | 2 +- 7 files changed, 42 insertions(+), 17 deletions(-) (limited to 'sql') diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h index 88f3763ef50..9f2c0b04f2c 100644 --- a/sql/mysql_priv.h +++ b/sql/mysql_priv.h @@ -1024,7 +1024,7 @@ bool mysql_opt_change_db(THD *thd, bool force_switch, bool *cur_db_changed); -void mysql_parse(THD *thd, const char *inBuf, uint length, +void mysql_parse(THD *thd, char *rawbuf, uint length, const char ** semicolon); bool mysql_test_parse_for_slave(THD *thd,char *inBuf,uint length); diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc index 6bfd6f3906c..2bff036b1f1 100644 --- a/sql/sql_lex.cc +++ b/sql/sql_lex.cc @@ -111,7 +111,7 @@ st_parsing_options::reset() } -bool Lex_input_stream::init(THD *thd, const char *buff, unsigned int length) +bool Lex_input_stream::init(THD *thd, char *buff, unsigned int length) { DBUG_EXECUTE_IF("bug42064_simulate_oom", DBUG_SET("+d,simulate_out_of_memory");); @@ -1292,11 +1292,10 @@ int MYSQLlex(void *arg, void *yythd) ulong version; version=strtol(version_str, NULL, 10); - /* Accept 'M' 'm' 'm' 'd' 'd' */ - lip->yySkipn(5); - if (version <= MYSQL_VERSION_ID) { + /* Accept 'M' 'm' 'm' 'd' 'd' */ + lip->yySkipn(5); /* Expand the content of the special comment as real code */ lip->set_echo(TRUE); state=MY_LEX_START; @@ -1304,7 +1303,19 @@ int MYSQLlex(void *arg, void *yythd) } else { + const char* version_mark= lip->get_ptr() - 1; + DBUG_ASSERT(*version_mark == '!'); + /* + Patch and skip the conditional comment to avoid it + being propagated infinitely (eg. to a slave). + */ + char *pcom= lip->yyUnput(' '); comment_closed= ! consume_comment(lip, 1); + if (! comment_closed) + { + DBUG_ASSERT(pcom == version_mark); + *pcom= '!'; + } /* version allowed to have one level of comment inside. */ } } diff --git a/sql/sql_lex.h b/sql/sql_lex.h index cefb0cb49fb..7403bb5a1a4 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -1180,7 +1180,7 @@ public: @retval FALSE OK @retval TRUE Error */ - bool init(THD *thd, const char *buff, unsigned int length); + bool init(THD *thd, char *buff, unsigned int length); /** Set the echo mode. @@ -1294,6 +1294,20 @@ public: m_ptr += n; } + /** + Puts a character back into the stream, canceling + the effect of the last yyGet() or yySkip(). + Note that the echo mode should not change between calls + to unput, get, or skip from the stream. + */ + char *yyUnput(char ch) + { + *--m_ptr= ch; + if (m_echo) + m_cpp_ptr--; + return m_ptr; + } + /** End of file indicator for the query text to parse. @return true if there are no more characters to parse @@ -1440,7 +1454,7 @@ public: private: /** Pointer to the current position in the raw input stream. */ - const char *m_ptr; + char *m_ptr; /** Starting position of the last token parsed, in the raw buffer. */ const char *m_tok_start; @@ -1972,7 +1986,7 @@ public: @retval FALSE OK @retval TRUE Error */ - bool init(THD *thd, const char *buff, unsigned int length) + bool init(THD *thd, char *buff, unsigned int length) { return m_lip.init(thd, buff, length); } diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 0a509f62849..9ec03ea1d5f 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -5946,13 +5946,13 @@ void mysql_init_multi_delete(LEX *lex) Parse a query. @param thd Current thread - @param inBuf Begining of the query text + @param rawbuf Begining of the query text @param length Length of the query text @param[out] found_semicolon For multi queries, position of the character of the next query in the query text. */ -void mysql_parse(THD *thd, const char *inBuf, uint length, +void mysql_parse(THD *thd, char *rawbuf, uint length, const char ** found_semicolon) { DBUG_ENTER("mysql_parse"); @@ -5978,7 +5978,7 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, lex_start(thd); mysql_reset_thd_for_next_command(thd); - if (query_cache_send_result_to_client(thd, (char*) inBuf, length) <= 0) + if (query_cache_send_result_to_client(thd, rawbuf, length) <= 0) { LEX *lex= thd->lex; @@ -5987,7 +5987,7 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, Parser_state parser_state; bool err; - if (!(err= parser_state.init(thd, inBuf, length))) + if (!(err= parser_state.init(thd, rawbuf, length))) { err= parse_sql(thd, & parser_state, NULL); *found_semicolon= parser_state.m_lip.found_semicolon; @@ -6073,14 +6073,14 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, 1 can be ignored */ -bool mysql_test_parse_for_slave(THD *thd, char *inBuf, uint length) +bool mysql_test_parse_for_slave(THD *thd, char *rawbuf, uint length) { LEX *lex= thd->lex; bool error= 0; DBUG_ENTER("mysql_test_parse_for_slave"); Parser_state parser_state; - if (!(error= parser_state.init(thd, inBuf, length))) + if (!(error= parser_state.init(thd, rawbuf, length))) { lex_start(thd); mysql_reset_thd_for_next_command(thd); diff --git a/sql/sql_partition.cc b/sql/sql_partition.cc index 122ae661046..76caa2b0c8d 100644 --- a/sql/sql_partition.cc +++ b/sql/sql_partition.cc @@ -3876,7 +3876,7 @@ void get_partition_set(const TABLE *table, uchar *buf, const uint index, */ bool mysql_unpack_partition(THD *thd, - const char *part_buf, uint part_info_len, + char *part_buf, uint part_info_len, const char *part_state, uint part_state_len, TABLE* table, bool is_create_table_ind, handlerton *default_db_type, diff --git a/sql/sql_partition.h b/sql/sql_partition.h index b9efbf25a00..02a5ead1117 100644 --- a/sql/sql_partition.h +++ b/sql/sql_partition.h @@ -78,7 +78,7 @@ void get_full_part_id_from_key(const TABLE *table, uchar *buf, KEY *key_info, const key_range *key_spec, part_id_range *part_spec); -bool mysql_unpack_partition(THD *thd, const char *part_buf, +bool mysql_unpack_partition(THD *thd, char *part_buf, uint part_info_len, const char *part_state, uint part_state_len, TABLE *table, bool is_create_table_ind, diff --git a/sql/table.h b/sql/table.h index 3ef3c5e0cb2..8ea7175eec4 100644 --- a/sql/table.h +++ b/sql/table.h @@ -442,7 +442,7 @@ typedef struct st_table_share #ifdef WITH_PARTITION_STORAGE_ENGINE /** @todo: Move into *ha_data for partitioning */ bool auto_partitioned; - const char *partition_info; + char *partition_info; uint partition_info_len; uint partition_info_buffer_size; const char *part_state; -- cgit v1.2.1