List:Commits« Previous MessageNext Message »
From:MySQL Build Team Date:May 6 2011 8:32am
Subject:bzr push into mysql-5.5 branch (build:3492 to 3493)
View as plain text  
 3493 bjorn.munch@stripped	2011-05-06 [merge]
      Merge from mysql-5.5.12-release

    modified:
      mysql-test/r/archive.result
      mysql-test/r/cast.result
      mysql-test/r/explain.result
      mysql-test/r/func_gconcat.result
      mysql-test/r/gis.result
      mysql-test/r/mysqldump.result
      mysql-test/r/sp.result
      mysql-test/r/subselect3.result
      mysql-test/t/archive.test
      mysql-test/t/cast.test
      mysql-test/t/explain.test
      mysql-test/t/gis.test
      mysql-test/t/mysqldump.test
      mysql-test/t/sp.test
      scripts/make_win_bin_dist
      sql/item_timefunc.cc
      sql/sql_acl.cc
      sql/sql_base.cc
      sql/sql_parse.cc
      storage/archive/ha_archive.cc
 3492 Luis Soares	2011-05-06 [merge]
      BUG#12354268
      
      Automerge from mysql-5.1 into mysql-5.5.

    modified:
      client/mysqlbinlog.cc
      mysql-test/r/mysqlbinlog_base64.result
      mysql-test/t/mysqlbinlog_base64.test
=== modified file 'mysql-test/r/archive.result'
--- a/mysql-test/r/archive.result	2010-12-01 12:56:46 +0000
+++ b/mysql-test/r/archive.result	2011-03-03 09:12:32 +0000
@@ -12807,3 +12807,19 @@ DROP TABLE t1;
 #
 CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
 DROP TABLE `a/../`;
+#
+# BUG#57162 - valgrind errors, random data when returning
+#             ordered data from archive tables
+#
+SET sort_buffer_size=32804;
+CREATE TABLE t1(a INT, b CHAR(255), c CHAR(255), d CHAR(255),
+e CHAR(255), f INT) ENGINE=ARCHIVE DEFAULT CHARSET utf8;
+INSERT INTO t1 VALUES(-1,'b','c','d','e',1);
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT t1.* FROM t1,t1 t2,t1 t3,t1 t4,t1 t5,t1 t6;
+SELECT * FROM t1 ORDER BY f LIMIT 1;
+a	b	c	d	e	f
+-1	b	c	d	e	1
+DROP TABLE t1;
+SET sort_buffer_size=DEFAULT;

=== modified file 'mysql-test/r/cast.result'
--- a/mysql-test/r/cast.result	2010-04-11 06:52:42 +0000
+++ b/mysql-test/r/cast.result	2011-04-07 12:11:51 +0000
@@ -451,4 +451,21 @@ SELECT CONVERT(t2.a USING UTF8) FROM t1,
 1
 1
 DROP TABLE t1;
+#
+# Bug #11765023: 57934: DOS POSSIBLE SINCE BINARY CASTING 
+#   DOESN'T ADHERE TO MAX_ALLOWED_PACKET
+SET @@GLOBAL.max_allowed_packet=2048;
+Warnings:
+Warning	1708	The value of 'max_allowed_packet' should be no less than the value of 'net_buffer_length'
+SELECT CONVERT('a', BINARY(2049));
+CONVERT('a', BINARY(2049))
+NULL
+Warnings:
+Warning	1301	Result of cast_as_binary() was larger than max_allowed_packet (2048) - truncated
+SELECT CONVERT('a', CHAR(2049));
+CONVERT('a', CHAR(2049))
+NULL
+Warnings:
+Warning	1301	Result of cast_as_char() was larger than max_allowed_packet (2048) - truncated
+SET @@GLOBAL.max_allowed_packet=default;
 End of 5.1 tests

=== modified file 'mysql-test/r/explain.result'
--- a/mysql-test/r/explain.result	2010-12-17 11:11:34 +0000
+++ b/mysql-test/r/explain.result	2011-03-24 10:27:11 +0000
@@ -180,7 +180,6 @@ ERROR 42000: Mixing of GROUP columns (MI
 SHOW WARNINGS;
 Level	Code	Message
 Error	1140	Mixing of GROUP columns (MIN(),MAX(),COUNT(),...) with no GROUP columns is illegal if there is no GROUP BY clause
-Note	1003	select 1 AS `1` from `test`.`t1` where <not>(<exists>(...))
 SET SESSION sql_mode=@old_sql_mode;
 DROP TABLE t1;
 End of 5.0 tests.
@@ -318,3 +317,17 @@ id	select_type	table	type	possible_keys
 DEALLOCATE PREPARE stmt;
 DROP TABLE t1;
 End of 5.1 tests.
+#
+# Bug#11829785 EXPLAIN EXTENDED CRASH WITH RIGHT OUTER JOIN, SUBQUERIES
+#
+CREATE TABLE t1(a INT);
+INSERT INTO t1 VALUES (0), (0);
+PREPARE s FROM 
+'EXPLAIN EXTENDED
+SELECT SUBSTRING(1, (SELECT 1 FROM t1 a1 RIGHT OUTER JOIN t1 ON 0)) AS d
+FROM t1 WHERE 0 > ANY (SELECT @a FROM t1)';
+EXECUTE s;
+ERROR 21000: Subquery returns more than 1 row
+DEALLOCATE PREPARE s;
+DROP TABLE t1;
+#

=== modified file 'mysql-test/r/func_gconcat.result'
--- a/mysql-test/r/func_gconcat.result	2011-03-08 17:39:25 +0000
+++ b/mysql-test/r/func_gconcat.result	2011-03-24 10:27:11 +0000
@@ -1056,7 +1056,6 @@ ERROR HY000: Only constant XPATH queries
 SHOW WARNINGS;
 Level	Code	Message
 Error	1105	Only constant XPATH queries are supported
-Note	1003	select updatexml('1',`test`.`t1`.`a`,'1') AS `UPDATEXML('1', a, '1')` from `test`.`t1` order by (select group_concat(1 separator ',') from `test`.`t1`)
 DROP TABLE t1;
 End of 5.1 tests
 DROP TABLE IF EXISTS t1, t2;

=== modified file 'mysql-test/r/gis.result'
--- a/mysql-test/r/gis.result	2011-03-21 16:09:40 +0000
+++ b/mysql-test/r/gis.result	2011-04-07 10:57:32 +0000
@@ -1043,6 +1043,10 @@ create spatial index i on t1 (a);
 ERROR 42000: A SPATIAL index may only contain a geometrical type column
 drop table t1;
 End of 5.1 tests
+CREATE TABLE t0 (a BINARY(32) NOT NULL);
+CREATE SPATIAL INDEX i on t0 (a);
+ERROR 42000: A SPATIAL index may only contain a geometrical type column
+INSERT INTO t0 VALUES (1);
 CREATE TABLE t1(
 col0 BINARY NOT NULL,
 col2 TIMESTAMP,
@@ -1071,5 +1075,5 @@ col2 LINESTRING,
 SPATIAL INDEX i1 (col1, col2)
 );
 ERROR HY000: Incorrect arguments to SPATIAL INDEX
-DROP TABLE t1;
-DROP TABLE t2;
+DROP TABLE t0, t1, t2;
+End of 5.5 tests

=== modified file 'mysql-test/r/mysqldump.result'
--- a/mysql-test/r/mysqldump.result	2011-03-17 11:01:31 +0000
+++ b/mysql-test/r/mysqldump.result	2011-03-21 14:22:13 +0000
@@ -4626,7 +4626,7 @@ DELIMITER ;
 /*!50003 SET collation_connection  = @saved_col_connection */ ;
 ALTER DATABASE `test-database` CHARACTER SET utf8 COLLATE utf8_unicode_ci ;
 DROP DATABASE `test-database`;
-USE `test`;
+USE test;
 #
 # End of 5.1 tests
 #

=== modified file 'mysql-test/r/sp.result'
--- a/mysql-test/r/sp.result	2011-03-10 08:07:57 +0000
+++ b/mysql-test/r/sp.result	2011-03-17 11:02:19 +0000
@@ -7452,6 +7452,24 @@ c1
 # Cleanup
 drop table t1;
 drop procedure p1;
+# 
+# BUG#11766234: 59299: ASSERT (TABLE_REF->TABLE || TABLE_REF->VIEW) 
+#               FAILS IN SET_FIELD_ITERATOR
+# 
+CREATE TABLE t1 (a INT);
+CREATE TABLE t2 (a INT);
+CREATE VIEW v1 AS SELECT a FROM t2;
+CREATE PROCEDURE proc() SELECT * FROM t1 NATURAL JOIN v1;
+ALTER TABLE t2 CHANGE COLUMN a b CHAR;
+
+CALL proc();
+ERROR HY000: View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
+CALL proc();
+ERROR HY000: View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
+
+DROP TABLE t1,t2;
+DROP VIEW v1;
+DROP PROCEDURE proc;
 
 # --
 # -- Bug 11765684 - 58674: SP-cache does not detect changes in

=== modified file 'mysql-test/r/subselect3.result'
--- a/mysql-test/r/subselect3.result	2010-08-25 19:00:38 +0000
+++ b/mysql-test/r/subselect3.result	2011-03-24 10:27:11 +0000
@@ -865,9 +865,6 @@ Level	Code	Message
 Note	1276	Field or reference 'test.t1.a' of SELECT #3 was resolved in SELECT #2
 Note	1276	Field or reference 'test.t1.c' of SELECT #3 was resolved in SELECT #2
 Error	1054	Unknown column 'c' in 'field list'
-Note	1003	select `c` AS `c` from (select (select count(`test`.`t1`.`a`) from dual group by `c`) AS `(SELECT COUNT(a) FROM 
-(SELECT COUNT(b) FROM t1) AS x GROUP BY c
-)` from `test`.`t1` group by `test`.`t1`.`b`) `y`
 DROP TABLE t1;
 End of 5.0 tests
 create table t0 (a int);

=== modified file 'mysql-test/t/archive.test'
--- a/mysql-test/t/archive.test	2010-12-01 12:56:46 +0000
+++ b/mysql-test/t/archive.test	2011-03-03 09:12:32 +0000
@@ -1730,3 +1730,18 @@ DROP TABLE t1;
 CREATE TABLE `a/../`(a INT) ENGINE=ARCHIVE;
 remove_file $MYSQLD_DATADIR/test/a@002f@002e@002e@stripped;
 DROP TABLE `a/../`;
+
+--echo #
+--echo # BUG#57162 - valgrind errors, random data when returning
+--echo #             ordered data from archive tables
+--echo #
+SET sort_buffer_size=32804;
+CREATE TABLE t1(a INT, b CHAR(255), c CHAR(255), d CHAR(255),
+  e CHAR(255), f INT) ENGINE=ARCHIVE DEFAULT CHARSET utf8;
+INSERT INTO t1 VALUES(-1,'b','c','d','e',1);
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t1 SELECT t1.* FROM t1,t1 t2,t1 t3,t1 t4,t1 t5,t1 t6;
+SELECT * FROM t1 ORDER BY f LIMIT 1;
+DROP TABLE t1;
+SET sort_buffer_size=DEFAULT;

=== modified file 'mysql-test/t/cast.test'
--- a/mysql-test/t/cast.test	2010-04-11 06:52:42 +0000
+++ b/mysql-test/t/cast.test	2011-03-15 14:56:11 +0000
@@ -280,5 +280,19 @@ SELECT 1 FROM
 ) AS s LIMIT 1;
 DROP TABLE t1;
 
+--echo #
+--echo # Bug #11765023: 57934: DOS POSSIBLE SINCE BINARY CASTING 
+--echo #   DOESN'T ADHERE TO MAX_ALLOWED_PACKET
+
+SET @@GLOBAL.max_allowed_packet=2048;
+# reconnect to make the new max packet size take effect
+--connect (newconn, localhost, root,,)
+
+SELECT CONVERT('a', BINARY(2049));  
+SELECT CONVERT('a', CHAR(2049));  
+
+connection default;
+disconnect newconn;
+SET @@GLOBAL.max_allowed_packet=default;
 
 --echo End of 5.1 tests

=== modified file 'mysql-test/t/explain.test'
--- a/mysql-test/t/explain.test	2010-12-17 11:11:34 +0000
+++ b/mysql-test/t/explain.test	2011-03-24 10:27:11 +0000
@@ -1,5 +1,5 @@
 #
-# Test of different EXPLAIN's
+# Test of different EXPLAINs
 
 --disable_warnings
 drop table if exists t1;
@@ -275,3 +275,24 @@ DEALLOCATE PREPARE stmt;
 DROP TABLE t1;
 
 --echo End of 5.1 tests.
+
+--echo #
+--echo # Bug#11829785 EXPLAIN EXTENDED CRASH WITH RIGHT OUTER JOIN, SUBQUERIES
+--echo #
+
+CREATE TABLE t1(a INT);
+
+INSERT INTO t1 VALUES (0), (0);
+
+PREPARE s FROM 
+'EXPLAIN EXTENDED
+SELECT SUBSTRING(1, (SELECT 1 FROM t1 a1 RIGHT OUTER JOIN t1 ON 0)) AS d
+FROM t1 WHERE 0 > ANY (SELECT @a FROM t1)';
+
+--error ER_SUBQUERY_NO_1_ROW
+EXECUTE s;
+
+DEALLOCATE PREPARE s;
+DROP TABLE t1;
+
+--echo #

=== modified file 'mysql-test/t/gis.test'
--- a/mysql-test/t/gis.test	2011-03-21 16:09:40 +0000
+++ b/mysql-test/t/gis.test	2011-04-07 10:57:32 +0000
@@ -773,7 +773,14 @@ drop table t1;
 #
 # Bug #50574 5.5.x allows spatial indexes on non-spatial 
 #           columns, causing crashes!
+# Bug#11767480 SPATIAL INDEXES ON NON-SPATIAL COLUMNS 
+#              CAUSE CRASHES.
 #
+CREATE TABLE t0 (a BINARY(32) NOT NULL);
+--error ER_SPATIAL_MUST_HAVE_GEOM_COL
+CREATE SPATIAL INDEX i on t0 (a);
+INSERT INTO t0 VALUES (1);
+
 --error ER_SPATIAL_MUST_HAVE_GEOM_COL
 CREATE TABLE t1(
   col0 BINARY NOT NULL,
@@ -811,6 +818,7 @@ CREATE TABLE t3 (
 );
 
 # cleanup
-DROP TABLE t1;
-DROP TABLE t2;
+DROP TABLE t0, t1, t2;
+
 
+--echo End of 5.5 tests

=== modified file 'mysql-test/t/mysqldump.test'
--- a/mysql-test/t/mysqldump.test	2011-03-17 11:01:31 +0000
+++ b/mysql-test/t/mysqldump.test	2011-03-21 14:22:13 +0000
@@ -2199,7 +2199,7 @@ ALTER DATABASE `test-database` CHARACTER
 
 DROP DATABASE `test-database`;
 # Switching back to test database.
-USE `test`;
+USE test;
 
 --echo #
 --echo # End of 5.1 tests

=== modified file 'mysql-test/t/sp.test'
--- a/mysql-test/t/sp.test	2011-03-10 08:07:57 +0000
+++ b/mysql-test/t/sp.test	2011-03-17 11:02:19 +0000
@@ -8713,6 +8713,30 @@ call p1(3, 2);
 drop table t1;
 drop procedure p1;
 
+
+--echo # 
+--echo # BUG#11766234: 59299: ASSERT (TABLE_REF->TABLE || TABLE_REF->VIEW) 
+--echo #               FAILS IN SET_FIELD_ITERATOR
+--echo # 
+
+CREATE TABLE t1 (a INT);
+CREATE TABLE t2 (a INT);
+CREATE VIEW v1 AS SELECT a FROM t2;
+CREATE PROCEDURE proc() SELECT * FROM t1 NATURAL JOIN v1;
+ALTER TABLE t2 CHANGE COLUMN a b CHAR;
+
+--echo
+--error ER_VIEW_INVALID
+CALL proc();
+--error ER_VIEW_INVALID
+CALL proc();
+
+--echo
+DROP TABLE t1,t2;
+DROP VIEW v1;
+DROP PROCEDURE proc;
+
+
 --echo
 --echo # --
 --echo # -- Bug 11765684 - 58674: SP-cache does not detect changes in

=== modified file 'scripts/make_win_bin_dist'
--- a/scripts/make_win_bin_dist	2011-03-08 17:39:25 +0000
+++ b/scripts/make_win_bin_dist	2011-04-07 10:57:32 +0000
@@ -181,6 +181,7 @@ cp Docs/INSTALL-BINARY    $DESTDIR/Docs/
 cp Docs/manual.chm        $DESTDIR/Docs/ || /bin/true
 cp ChangeLog              $DESTDIR/Docs/ || /bin/true
 cp support-files/my-*.ini $DESTDIR/
+cp README                 $DESTDIR/
 
 if [ -f COPYING ] ; then
   cp COPYING $DESTDIR/

=== modified file 'sql/item_timefunc.cc'
--- a/sql/item_timefunc.cc	2011-04-27 07:46:23 +0000
+++ b/sql/item_timefunc.cc	2011-05-06 08:27:04 +0000
@@ -2524,6 +2524,19 @@ String *Item_char_typecast::val_str(Stri
   String *res;
   uint32 length;
 
+  if (cast_length >= 0 &&
+      ((unsigned) cast_length) > current_thd->variables.max_allowed_packet)
+  {
+    push_warning_printf(current_thd, MYSQL_ERROR::WARN_LEVEL_WARN,
+			ER_WARN_ALLOWED_PACKET_OVERFLOWED,
+			ER(ER_WARN_ALLOWED_PACKET_OVERFLOWED),
+			cast_cs == &my_charset_bin ?
+                        "cast_as_binary" : func_name(),
+                        current_thd->variables.max_allowed_packet);
+    null_value= 1;
+    return 0;
+  }
+
   if (!charset_conversion)
   {
     if (!(res= args[0]->val_str(str)))

=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2011-03-18 14:16:17 +0000
+++ b/sql/sql_acl.cc	2011-03-21 14:22:13 +0000
@@ -8399,6 +8399,94 @@ static bool parse_com_change_user_packet
   DBUG_RETURN (0);
 }
 
+#ifndef EMBEDDED_LIBRARY
+/**
+  Get a null character terminated string from a user-supplied buffer.
+
+  @param buffer[in, out]    Pointer to the buffer to be scanned.
+  @param max_bytes_available[in, out]  Limit the bytes to scan.
+  @param string_length[out] The number of characters scanned not including
+                            the null character.
+
+  @remark The string_length does not include the terminating null character.
+          However, after the call, the buffer is increased by string_length+1
+          bytes, beyond the null character if there still available bytes to
+          scan.
+
+  @return pointer to beginning of the string scanned.
+    @retval NULL The buffer content is malformed
+*/
+
+static
+char *get_null_terminated_string(char **buffer,
+                                 size_t *max_bytes_available,
+                                 size_t *string_length)
+{
+  char *str= (char *)memchr(*buffer, '\0', *max_bytes_available);
+
+  if (str == NULL)
+    return NULL;
+
+  *string_length= (size_t)(str - *buffer);
+  *max_bytes_available-= *string_length + 1;
+  str= *buffer;
+  *buffer += *string_length + 1;  
+
+  return str;
+}
+
+/**
+  Get a length encoded string from a user-supplied buffer.
+
+  @param buffer[in, out] The buffer to scan; updates position after scan.
+  @param max_bytes_available[in, out] Limit the number of bytes to scan
+  @param string_length[out] Number of characters scanned
+  
+  @remark In case the length is zero, then the total size of the string is
+    considered to be 1 byte; the size byte.
+
+  @return pointer to first byte after the header in buffer.
+    @retval NULL The buffer content is malformed
+*/
+
+static
+char *get_length_encoded_string(char **buffer,
+                                size_t *max_bytes_available,
+                                size_t *string_length)
+{
+  if (*max_bytes_available == 0)
+    return NULL;
+
+  /* Do double cast to prevent overflow from signed / unsigned conversion */
+  size_t str_len= (size_t)(unsigned char)**buffer;
+
+  /*
+    If the length encoded string has the length 0
+    the total size of the string is only one byte long (the size byte)
+  */
+  if (str_len == 0)
+  {
+    ++*buffer;
+    *string_length= 0;
+    /*
+      Return a pointer to the 0 character so the return value will be
+      an empty string.
+    */
+    return *buffer-1;
+  }
+
+  if (str_len >= *max_bytes_available)
+    return NULL;
+
+  char *str= *buffer+1;
+  *string_length= str_len;
+  *max_bytes_available-= *string_length + 1;
+  *buffer+= *string_length + 1;
+  return str;
+}
+#endif
+
+
 /* the packet format is described in send_client_reply_packet() */
 static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio,
                                            uchar **buff, ulong pkt_len)
@@ -8463,50 +8551,76 @@ static ulong parse_client_handshake_pack
   }
 #endif
 
-  if (end >= (char*) net->read_pos + pkt_len + 2)
+  if (end > (char *)net->read_pos + pkt_len)
     return packet_error;
 
   if ((mpvio->client_capabilities & CLIENT_TRANSACTIONS) &&
       opt_using_transactions)
     net->return_status= mpvio->server_status;
+ 
+  /*
+    In order to safely scan a head for '\0' string terminators
+    we must keep track of how many bytes remain in the allocated
+    buffer or we might read past the end of the buffer.
+  */
+  size_t bytes_remaining_in_packet= pkt_len - (end - (char *)net->read_pos);
 
-  char *user= end;
-  char *passwd= strend(user) + 1;
-  uint user_len= passwd - user - 1, db_len;
-  char *db= passwd;
-  char db_buff[NAME_LEN + 1];           // buffer to store db in utf8
-  char user_buff[USERNAME_LENGTH + 1];	// buffer to store user in utf8
-  uint dummy_errors;
+  size_t user_len;
+  char *user= get_null_terminated_string(&end, &bytes_remaining_in_packet,
+                                         &user_len);
+  if (user == NULL)
+    return packet_error;
 
   /*
-    Old clients send null-terminated string as password; new clients send
+    Old clients send a null-terminated string as password; new clients send
     the size (1 byte) + string (not null-terminated). Hence in case of empty
     password both send '\0'.
-
-    This strlen() can't be easily deleted without changing protocol.
-
-    Cast *passwd to an unsigned char, so that it doesn't extend the sign for
-    *passwd > 127 and become 2**32-127+ after casting to uint.
   */
-  uint passwd_len= mpvio->client_capabilities & CLIENT_SECURE_CONNECTION ?
-                   (uchar) (*passwd++) : strlen(passwd);
-  
-  if (mpvio->client_capabilities & CLIENT_CONNECT_WITH_DB)
+  size_t passwd_len= 0;
+  char *passwd= NULL;
+
+  if (mpvio->client_capabilities & CLIENT_SECURE_CONNECTION)
   {
-    db= db + passwd_len + 1;
-    /* strlen() can't be easily deleted without changing protocol */
-    db_len= strlen(db);
+    /*
+      4.1+ password. First byte is password length.
+    */
+    passwd= get_length_encoded_string(&end, &bytes_remaining_in_packet,
+                                      &passwd_len);
   }
   else
   {
-    db= 0;
-    db_len= 0;
+    /*
+      Old passwords are zero terminated strings.
+    */
+    passwd= get_null_terminated_string(&end, &bytes_remaining_in_packet,
+                                       &passwd_len);
   }
 
-  if (passwd + passwd_len + db_len > (char *) net->read_pos + pkt_len)
+  if (passwd == NULL)
     return packet_error;
 
-  char *client_plugin= passwd + passwd_len + (db ? db_len + 1 : 0);
+  size_t db_len= 0;
+  char *db= NULL;
+
+  if (mpvio->client_capabilities & CLIENT_CONNECT_WITH_DB)
+  {
+    db= get_null_terminated_string(&end, &bytes_remaining_in_packet,
+                                   &db_len);
+    if (db == NULL)
+      return packet_error;
+  }
+
+  size_t client_plugin_len= 0;
+  char *client_plugin= get_null_terminated_string(&end,
+                                                  &bytes_remaining_in_packet,
+                                                  &client_plugin_len);
+  if (client_plugin == NULL)
+    client_plugin= &empty_c_string[0];
+ 
+  char db_buff[NAME_LEN + 1];           // buffer to store db in utf8
+  char user_buff[USERNAME_LENGTH + 1];	// buffer to store user in utf8
+  uint dummy_errors;
+  
 
   /* Since 4.1 all database names are stored in utf8 */
   if (db)
@@ -8552,18 +8666,18 @@ static ulong parse_client_handshake_pack
   if (find_mpvio_user(mpvio))
     return packet_error;
 
-  if (mpvio->client_capabilities & CLIENT_PLUGIN_AUTH)
-  {
-    if ((client_plugin + strlen(client_plugin)) > 
-          (char *) net->read_pos + pkt_len)
-      return packet_error;
-  }
-  else
+  if (!(mpvio->client_capabilities & CLIENT_PLUGIN_AUTH))
   {
+    /*
+      An old client is connecting
+    */
     if (mpvio->client_capabilities & CLIENT_SECURE_CONNECTION)
       client_plugin= native_password_plugin_name.str;
     else
     {
+      /*
+        A really old client is connecting
+      */
       client_plugin= old_password_plugin_name.str;
       /*
         For a passwordless accounts we use native_password_plugin.

=== modified file 'sql/sql_base.cc'
--- a/sql/sql_base.cc	2011-04-12 10:57:02 +0000
+++ b/sql/sql_base.cc	2011-05-06 08:27:04 +0000
@@ -7602,9 +7602,10 @@ static bool setup_natural_join_row_types
                                          List<TABLE_LIST> *from_clause,
                                          Name_resolution_context *context)
 {
+  DBUG_ENTER("setup_natural_join_row_types");
   thd->where= "from clause";
   if (from_clause->elements == 0)
-    return FALSE; /* We come here in the case of UNIONs. */
+    DBUG_RETURN(false); /* We come here in the case of UNIONs. */
 
   List_iterator_fast<TABLE_LIST> table_ref_it(*from_clause);
   TABLE_LIST *table_ref; /* Current table reference. */
@@ -7612,10 +7613,6 @@ static bool setup_natural_join_row_types
   TABLE_LIST *left_neighbor;
   /* Table reference to the right of the current. */
   TABLE_LIST *right_neighbor= NULL;
-  bool save_first_natural_join_processing=
-    context->select_lex->first_natural_join_processing;
-
-  context->select_lex->first_natural_join_processing= FALSE;
 
   /* Note that tables in the list are in reversed order */
   for (left_neighbor= table_ref_it++; left_neighbor ; )
@@ -7627,12 +7624,11 @@ static bool setup_natural_join_row_types
       1) for stored procedures,
       2) for multitable update after lock failure and table reopening.
     */
-    if (save_first_natural_join_processing)
+    if (context->select_lex->first_natural_join_processing)
     {
-      context->select_lex->first_natural_join_processing= FALSE;
       if (store_top_level_join_columns(thd, table_ref,
                                        left_neighbor, right_neighbor))
-        return TRUE;
+        DBUG_RETURN(true);
       if (left_neighbor)
       {
         TABLE_LIST *first_leaf_on_the_right;
@@ -7652,8 +7648,9 @@ static bool setup_natural_join_row_types
   DBUG_ASSERT(right_neighbor);
   context->first_name_resolution_table=
     right_neighbor->first_leaf_for_name_resolution();
+  context->select_lex->first_natural_join_processing= false;
 
-  return FALSE;
+  DBUG_RETURN (false);
 }
 
 

=== modified file 'sql/sql_parse.cc'
--- a/sql/sql_parse.cc	2011-04-15 12:02:22 +0000
+++ b/sql/sql_parse.cc	2011-05-06 08:27:04 +0000
@@ -4434,7 +4434,11 @@ static bool execute_sqlcom_select(THD *t
         return 1;                               /* purecov: inspected */
       thd->send_explain_fields(result);
       res= mysql_explain_union(thd, &thd->lex->unit, result);
-      if (lex->describe & DESCRIBE_EXTENDED)
+      /*
+        The code which prints the extended description is not robust
+        against malformed queries, so skip it if we have an error.
+      */
+      if (!res && (lex->describe & DESCRIBE_EXTENDED))
       {
         char buff[1024];
         String str(buff,(uint32) sizeof(buff), system_charset_info);

=== modified file 'storage/archive/ha_archive.cc'
--- a/storage/archive/ha_archive.cc	2011-05-05 23:50:31 +0000
+++ b/storage/archive/ha_archive.cc	2011-05-06 08:27:04 +0000
@@ -1181,7 +1181,7 @@ int ha_archive::unpack_row(azio_stream *
   ptr+= table->s->null_bytes;
   for (Field **field=table->field ; *field ; field++)
   {
-    if (!((*field)->is_null()))
+    if (!((*field)->is_null_in_record(record)))
     {
       ptr= (*field)->unpack(record + (*field)->offset(table->record[0]), ptr);
     }


Attachment: [text/bzr-bundle] bzr/bjorn.munch@oracle.com-20110506082704-s6dvaxpjt6a81u7c.bundle
Thread
bzr push into mysql-5.5 branch (build:3492 to 3493) MySQL Build Team6 May