3619 Tatjana Azundris Nuernberg 2011-05-12 [merge]
auto-merge
removed:
include/my_handler.h
mysql-test/suite/bugs/
mysql-test/suite/bugs/combinations
mysql-test/suite/bugs/data/
mysql-test/suite/bugs/data/rpl_bug12691.dat
mysql-test/suite/bugs/r/
mysql-test/suite/bugs/r/rpl_bug12691.result
mysql-test/suite/bugs/r/rpl_bug31582.result
mysql-test/suite/bugs/r/rpl_bug31583.result
mysql-test/suite/bugs/r/rpl_bug33029.result
mysql-test/suite/bugs/r/rpl_bug38205.result
mysql-test/suite/bugs/t/
mysql-test/suite/bugs/t/rpl_bug12691.test
mysql-test/suite/bugs/t/rpl_bug31582.test
mysql-test/suite/bugs/t/rpl_bug31583.test
mysql-test/suite/bugs/t/rpl_bug33029.test
mysql-test/suite/bugs/t/rpl_bug38205.test
mysys/my_gethostbyname.c
mysys/my_handler.c
mysys/my_port.c
added:
include/my_compare.h
mysql-test/include/not_crashrep.inc
mysql-test/suite/innodb/r/innodb_bug59410.result
mysql-test/suite/innodb/r/innodb_bug59641.result
mysql-test/suite/innodb/t/innodb_bug59410.test
mysql-test/suite/innodb/t/innodb_bug59641.test
mysql-test/suite/innodb_plugin/r/innodb_bug59410.result
mysql-test/suite/innodb_plugin/r/innodb_bug59641.result
mysql-test/suite/innodb_plugin/t/innodb_bug59410.test
mysql-test/suite/innodb_plugin/t/innodb_bug59641.test
mysys/my_compare.c
win/build-vs10.bat
win/build-vs10_x64.bat
renamed:
mysql-test/r/partition_not_embedded.result => mysql-test/r/partition_myisam.result
mysql-test/suite/bugs/r/rpl_bug23533.result => mysql-test/suite/binlog/r/binlog_bug23533.result
mysql-test/suite/bugs/r/rpl_bug36391.result => mysql-test/suite/binlog/r/binlog_bug36391.result
mysql-test/suite/bugs/r/rpl_bug37426.result => mysql-test/suite/rpl/r/rpl_bug37426.result
mysql-test/suite/bugs/t/rpl_bug23533.test => mysql-test/suite/binlog/t/binlog_bug23533.test
mysql-test/suite/bugs/t/rpl_bug36391-master.opt => mysql-test/suite/binlog/t/binlog_bug36391-master.opt
mysql-test/suite/bugs/t/rpl_bug36391.test => mysql-test/suite/binlog/t/binlog_bug36391.test
mysql-test/suite/bugs/t/rpl_bug37426.test => mysql-test/suite/rpl/t/rpl_bug37426.test
mysql-test/t/partition_not_embedded.test => mysql-test/t/partition_myisam.test
modified:
.bzrignore
CMakeLists.txt
README
client/Makefile.am
client/client_priv.h
client/mysqlbinlog.cc
client/mysqlslap.c
client/mysqltest.cc
cmd-line-utils/libedit/el.c
cmd-line-utils/libedit/vi.c
configure.in
extra/perror.c
extra/replace.c
include/Makefile.am
include/heap.h
include/my_global.h
include/myisam.h
libmysql/CMakeLists.txt
libmysql/Makefile.shared
mysql-test/collections/default.experimental
mysql-test/extra/rpl_tests/rpl_extra_col_master.test
mysql-test/extra/rpl_tests/rpl_record_compare.test
mysql-test/include/mix1.inc
mysql-test/include/mtr_warnings.sql
mysql-test/include/wait_until_disconnected.inc
mysql-test/lib/My/ConfigFactory.pm
mysql-test/lib/My/Find.pm
mysql-test/lib/My/SafeProcess/safe_process.pl
mysql-test/mysql-test-run.pl
mysql-test/r/analyse.result
mysql-test/r/archive.result
mysql-test/r/cast.result
mysql-test/r/ctype_cp932_binlog_stm.result
mysql-test/r/events_1.result
mysql-test/r/events_bugs.result
mysql-test/r/events_restart.result
mysql-test/r/func_group.result
mysql-test/r/func_in.result
mysql-test/r/func_math.result
mysql-test/r/func_time.result
mysql-test/r/gis.result
mysql-test/r/having.result
mysql-test/r/loaddata.result
mysql-test/r/lock_sync.result
mysql-test/r/lowercase_table2.result
mysql-test/r/mysqlbinlog.result
mysql-test/r/mysqlbinlog_base64.result
mysql-test/r/mysqldump.result
mysql-test/r/mysqlslap.result
mysql-test/r/order_by.result
mysql-test/r/packet.result
mysql-test/r/shm.result
mysql-test/r/show_check.result
mysql-test/r/sp-destruct.result
mysql-test/r/subselect.result
mysql-test/r/type_timestamp.result
mysql-test/r/variables-notembedded.result
mysql-test/r/variables.result
mysql-test/r/view.result
mysql-test/suite/binlog/t/binlog_index.test
mysql-test/suite/funcs_1/r/is_columns_is_embedded.result
mysql-test/suite/funcs_1/r/is_columns_myisam_embedded.result
mysql-test/suite/funcs_1/r/is_columns_mysql_embedded.result
mysql-test/suite/innodb/t/innodb_bug53756.test
mysql-test/suite/innodb_plugin/t/innodb_bug53756.test
mysql-test/suite/rpl/r/rpl_extra_col_master_innodb.result
mysql-test/suite/rpl/r/rpl_extra_col_master_myisam.result
mysql-test/suite/rpl/r/rpl_packet.result
mysql-test/suite/rpl/r/rpl_row_rec_comp_innodb.result
mysql-test/suite/rpl/r/rpl_row_rec_comp_myisam.result
mysql-test/suite/rpl/r/rpl_server_id2.result
mysql-test/suite/rpl/t/rpl_loaddata_map-master.opt
mysql-test/suite/rpl/t/rpl_loaddata_map-slave.opt
mysql-test/suite/rpl/t/rpl_row_rec_comp_myisam.test
mysql-test/suite/rpl/t/rpl_row_until.test
mysql-test/suite/rpl/t/rpl_server_id2.test
mysql-test/t/analyse.test
mysql-test/t/archive.test
mysql-test/t/cast.test
mysql-test/t/crash_commit_before.test
mysql-test/t/ctype_cp932_binlog_stm.test
mysql-test/t/events_1.test
mysql-test/t/events_bugs.test
mysql-test/t/events_restart.test
mysql-test/t/func_group.test
mysql-test/t/func_in.test
mysql-test/t/func_math.test
mysql-test/t/func_time.test
mysql-test/t/gis.test
mysql-test/t/having.test
mysql-test/t/loaddata.test
mysql-test/t/lock_sync.test
mysql-test/t/lowercase_table2.test
mysql-test/t/myisam_crash_before_flush_keys.test
mysql-test/t/mysqlbinlog.test
mysql-test/t/mysqlbinlog_base64.test
mysql-test/t/mysqldump.test
mysql-test/t/mysqlslap.test
mysql-test/t/order_by.test
mysql-test/t/show_check.test
mysql-test/t/sp-destruct.test
mysql-test/t/subselect.test
mysql-test/t/type_timestamp.test
mysql-test/t/variables-notembedded.test
mysql-test/t/variables.test
mysql-test/t/view.test
mysys/CMakeLists.txt
mysys/Makefile.am
mysys/my_net.c
plugin/fulltext/plugin_example.c
scripts/make_win_bin_dist
sql-common/my_time.c
sql/event_db_repository.cc
sql/field.cc
sql/field.h
sql/ha_partition.cc
sql/ha_partition.h
sql/handler.cc
sql/handler.h
sql/hostname.cc
sql/item.cc
sql/item.h
sql/item_cmpfunc.cc
sql/item_func.cc
sql/item_sum.cc
sql/item_timefunc.cc
sql/item_timefunc.h
sql/log_event.cc
sql/mysqld.cc
sql/opt_range.cc
sql/opt_sum.cc
sql/set_var.cc
sql/slave.cc
sql/sql_base.cc
sql/sql_class.cc
sql/sql_connect.cc
sql/sql_load.cc
sql/sql_select.cc
sql/sql_select.h
sql/sql_show.cc
sql/sql_table.cc
storage/archive/ha_archive.cc
storage/heap/ha_heap.cc
storage/heap/ha_heap.h
storage/innobase/handler/ha_innodb.cc
storage/innobase/include/sync0arr.h
storage/innobase/include/trx0trx.h
storage/innobase/log/log0log.c
storage/innobase/srv/srv0srv.c
storage/innobase/sync/sync0arr.c
storage/innobase/trx/trx0trx.c
storage/innodb_plugin/ChangeLog
storage/innodb_plugin/btr/btr0cur.c
storage/innodb_plugin/btr/btr0sea.c
storage/innodb_plugin/buf/buf0buf.c
storage/innodb_plugin/buf/buf0lru.c
storage/innodb_plugin/handler/ha_innodb.cc
storage/innodb_plugin/handler/ha_innodb.h
storage/innodb_plugin/handler/handler0alter.cc
storage/innodb_plugin/include/buf0buf.h
storage/innodb_plugin/include/sync0arr.h
storage/innodb_plugin/include/trx0trx.h
storage/innodb_plugin/include/trx0undo.h
storage/innodb_plugin/log/log0log.c
storage/innodb_plugin/page/page0zip.c
storage/innodb_plugin/srv/srv0srv.c
storage/innodb_plugin/sync/sync0arr.c
storage/innodb_plugin/trx/trx0i_s.c
storage/innodb_plugin/trx/trx0sys.c
storage/innodb_plugin/trx/trx0trx.c
storage/innodb_plugin/trx/trx0undo.c
storage/myisam/ft_stopwords.c
storage/myisam/ha_myisam.cc
storage/myisam/ha_myisam.h
storage/myisam/mi_check.c
storage/myisam/mi_test1.c
storage/myisam/mi_write.c
storage/myisam/myisamdef.h
storage/myisam/sp_test.c
storage/myisammrg/ha_myisammrg.cc
storage/myisammrg/ha_myisammrg.h
storage/ndb/src/kernel/blocks/lgman.cpp
vio/viosocket.c
mysql-test/r/partition_myisam.result
mysql-test/suite/binlog/r/binlog_bug23533.result
mysql-test/suite/binlog/r/binlog_bug36391.result
mysql-test/suite/rpl/r/rpl_bug37426.result
mysql-test/suite/binlog/t/binlog_bug23533.test
mysql-test/suite/binlog/t/binlog_bug36391.test
mysql-test/suite/rpl/t/rpl_bug37426.test
mysql-test/t/partition_myisam.test
=== modified file 'mysql-test/r/type_newdecimal.result'
--- a/mysql-test/r/type_newdecimal.result 2009-12-08 09:26:11 +0000
+++ b/mysql-test/r/type_newdecimal.result 2010-11-11 09:46:49 +0000
@@ -1913,4 +1913,17 @@ group by PAY.id + 1;
mult v_net_with_discount v_total
1.0000 27.18 27.180000
DROP TABLE currencies, payments, sub_tasks;
+#
+# Bug#55436: buffer overflow in debug binary of dbug_buff in
+# Field_new_decimal::store_value
+#
+SET SQL_MODE='';
+CREATE TABLE t1(f1 DECIMAL(44,24)) ENGINE=MYISAM;
+INSERT INTO t1 SET f1 = -64878E-85;
+Warnings:
+Note 1265 Data truncated for column 'f1' at row 1
+SELECT f1 FROM t1;
+f1
+0.000000000000000000000000
+DROP TABLE IF EXISTS t1;
End of 5.1 tests
=== modified file 'mysql-test/t/type_newdecimal.test'
--- a/mysql-test/t/type_newdecimal.test 2009-12-08 09:26:11 +0000
+++ b/mysql-test/t/type_newdecimal.test 2010-11-11 09:46:49 +0000
@@ -1510,5 +1510,19 @@ group by PAY.id + 1;
DROP TABLE currencies, payments, sub_tasks;
+--echo #
+--echo # Bug#55436: buffer overflow in debug binary of dbug_buff in
+--echo # Field_new_decimal::store_value
+--echo #
+
+# this threw memory warnings on Windows. Also make sure future changes
+# don't change these results, as per usual.
+SET SQL_MODE='';
+CREATE TABLE t1(f1 DECIMAL(44,24)) ENGINE=MYISAM;
+INSERT INTO t1 SET f1 = -64878E-85;
+SELECT f1 FROM t1;
+DROP TABLE IF EXISTS t1;
+
+
--echo End of 5.1 tests
=== modified file 'sql/field.cc'
--- a/sql/field.cc 2011-04-12 10:01:33 +0000
+++ b/sql/field.cc 2011-05-12 04:43:53 +0000
@@ -2583,7 +2583,7 @@ bool Field_new_decimal::store_value(cons
DBUG_ENTER("Field_new_decimal::store_value");
#ifndef DBUG_OFF
{
- char dbug_buff[DECIMAL_MAX_STR_LENGTH+1];
+ char dbug_buff[DECIMAL_MAX_STR_LENGTH+2];
DBUG_PRINT("enter", ("value: %s", dbug_decimal_as_string(dbug_buff, decimal_value)));
}
#endif
@@ -2598,7 +2598,7 @@ bool Field_new_decimal::store_value(cons
}
#ifndef DBUG_OFF
{
- char dbug_buff[DECIMAL_MAX_STR_LENGTH+1];
+ char dbug_buff[DECIMAL_MAX_STR_LENGTH+2];
DBUG_PRINT("info", ("saving with precision %d scale: %d value %s",
(int)precision, (int)dec,
dbug_decimal_as_string(dbug_buff, decimal_value)));
@@ -2673,7 +2673,7 @@ int Field_new_decimal::store(const char
}
#ifndef DBUG_OFF
- char dbug_buff[DECIMAL_MAX_STR_LENGTH+1];
+ char dbug_buff[DECIMAL_MAX_STR_LENGTH+2];
DBUG_PRINT("enter", ("value: %s",
dbug_decimal_as_string(dbug_buff, &decimal_value)));
#endif
=== modified file 'sql/my_decimal.cc'
--- a/sql/my_decimal.cc 2010-12-14 16:08:25 +0000
+++ b/sql/my_decimal.cc 2011-05-05 05:39:38 +0000
@@ -95,10 +95,11 @@ int my_decimal2string(uint mask, const m
UNSIGNED. Hence the buffer for a ZEROFILLed value is the length
the user requested, plus one for a possible decimal point, plus
one if the user only wanted decimal places, but we force a leading
- zero on them. Because the type is implicitly UNSIGNED, we do not
- need to reserve a character for the sign. For all other cases,
- fixed_prec will be 0, and my_decimal_string_length() will be called
- instead to calculate the required size of the buffer.
+ zero on them, plus one for the '\0' terminator. Because the type
+ is implicitly UNSIGNED, we do not need to reserve a character for
+ the sign. For all other cases, fixed_prec will be 0, and
+ my_decimal_string_length() will be called instead to calculate the
+ required size of the buffer.
*/
int length= (fixed_prec
? (fixed_prec + ((fixed_prec == fixed_dec) ? 1 : 0) + 1)
@@ -276,7 +277,7 @@ print_decimal_buff(const my_decimal *dec
const char *dbug_decimal_as_string(char *buff, const my_decimal *val)
{
- int length= DECIMAL_MAX_STR_LENGTH;
+ int length= DECIMAL_MAX_STR_LENGTH + 1; /* minimum size for buff */
if (!val)
return "NULL";
(void)decimal2string((decimal_t*) val, buff, &length, 0,0,0);
=== modified file 'sql/my_decimal.h'
--- a/sql/my_decimal.h 2010-10-19 22:36:59 +0000
+++ b/sql/my_decimal.h 2011-05-05 05:39:38 +0000
@@ -55,7 +55,7 @@ C_MODE_END
/**
maximum length of string representation (number of maximum decimal
- digits + 1 position for sign + 1 position for decimal point)
+ digits + 1 position for sign + 1 position for decimal point, no terminator)
*/
#define DECIMAL_MAX_STR_LENGTH (DECIMAL_MAX_POSSIBLE_PRECISION + 2)
@@ -212,6 +212,7 @@ inline uint32 my_decimal_precision_to_le
inline
int my_decimal_string_length(const my_decimal *d)
{
+ /* length of string representation including terminating '\0' */
return decimal_string_size(d);
}
=== modified file 'strings/decimal.c'
--- a/strings/decimal.c 2011-01-19 13:17:52 +0000
+++ b/strings/decimal.c 2011-05-12 02:41:51 +0000
@@ -320,8 +320,8 @@ int decimal_actual_fraction(decimal_t *f
from - value to convert
to - points to buffer where string representation
should be stored
- *to_len - in: size of to buffer
- out: length of the actually written string
+ *to_len - in: size of to buffer (incl. terminating '\0')
+ out: length of the actually written string (excl. '\0')
fixed_precision - 0 if representation can be variable length and
fixed_decimals will not be checked in this case.
Put number as with fixed point position with this
@@ -338,6 +338,7 @@ int decimal2string(decimal_t *from, char
int fixed_precision, int fixed_decimals,
char filler)
{
+ /* {intg_len, frac_len} output widths; {intg, frac} places in input */
int len, intg, frac= from->frac, i, intg_len, frac_len, fill;
/* number digits before decimal point */
int fixed_intg= (fixed_precision ?
No bundle (reason: useless for push emails).
| Thread |
|---|
| • bzr push into mysql-5.1 branch (tatjana.nuernberg:3619) | Tatjana Azundris Nuernberg | 12 May |
