From: Date: January 31 2008 1:56pm Subject: bk commit into 5.0 tree (pekka:1.2590) BUG#34107 List-Archive: http://lists.mysql.com/commits/41496 X-Bug: 34107 Message-Id: <20080131125618.525C923DEC@sama.localdomain> Below is the list of changes that have just been committed into a local 5.0 repository of pekka. When pekka does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2008-01-31 13:56:12+01:00, pekka@stripped +4 -0 ndb - bug#34107 patch 1, kernel ndb/src/kernel/blocks/dbtup/Dbtup.hpp@stripped, 2008-01-31 13:54:29+01:00, pekka@stripped +3 -1 bug#34107 check stored proc overflow ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp@stripped, 2008-01-31 13:54:29+01:00, pekka@stripped +8 -0 bug#34107 check stored proc overflow ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp@stripped, 2008-01-31 13:54:29+01:00, pekka@stripped +11 -5 bug#34107 check stored proc overflow ndb/src/ndbapi/ndberror.c@stripped, 2008-01-31 13:55:02+01:00, pekka@stripped +1 -0 bug#34107 check stored proc overflow diff -Nrup a/ndb/src/kernel/blocks/dbtup/Dbtup.hpp b/ndb/src/kernel/blocks/dbtup/Dbtup.hpp --- a/ndb/src/kernel/blocks/dbtup/Dbtup.hpp 2008-01-27 16:37:49 +01:00 +++ b/ndb/src/kernel/blocks/dbtup/Dbtup.hpp 2008-01-31 13:54:29 +01:00 @@ -198,6 +198,7 @@ #define ZUNSUPPORTED_BRANCH 892 #define ZSTORED_SEIZE_ATTRINBUFREC_ERROR 873 // Part of Scan +#define ZSTORED_TOO_MUCH_ATTRINFO_ERROR 874 #define ZREAD_ONLY_CONSTRAINT_VIOLATION 893 #define ZVAR_SIZED_NOT_SUPPORTED 894 @@ -2173,7 +2174,8 @@ private: Operationrec* regOperPtr, Uint32 lenAttrInfo); void storedSeizeAttrinbufrecErrorLab(Signal* signal, - Operationrec* regOperPtr); + Operationrec* regOperPtr, + Uint32 errorCode); bool storedProcedureAttrInfo(Signal* signal, Operationrec* regOperPtr, Uint32 length, diff -Nrup a/ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp b/ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp --- a/ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp 2007-11-01 07:59:52 +01:00 +++ b/ndb/src/kernel/blocks/dbtup/DbtupExecQuery.cpp 2008-01-31 13:54:29 +01:00 @@ -77,6 +77,14 @@ void Dbtup::copyAttrinfo(Signal* signal, RbufLen = copyAttrBufPtr.p->attrbuf[ZBUF_DATA_LEN]; Rnext = copyAttrBufPtr.p->attrbuf[ZBUF_NEXT]; Rfirst = cfirstfreeAttrbufrec; + /* + * ATTRINFO comes from 2 mutually exclusive places: + * 1) TUPKEYREQ (also interpreted part) + * 2) STORED_PROCREQ before scan start + * Assert here that both have a check for overflow. + * The "<" instead of "<=" is intentional. + */ + ndbrequire(RinBufIndex + RbufLen < ZATTR_BUFFER_SIZE); MEMCOPY_NO_WORDS(&inBuffer[RinBufIndex], ©AttrBufPtr.p->attrbuf[0], RbufLen); diff -Nrup a/ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp b/ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp --- a/ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp 2006-12-23 20:04:15 +01:00 +++ b/ndb/src/kernel/blocks/dbtup/DbtupStoredProcDef.cpp 2008-01-31 13:54:29 +01:00 @@ -108,6 +108,11 @@ void Dbtup::scanProcedure(Signal* signal regOperPtr->attrinbufLen = lenAttrInfo; regOperPtr->currentAttrinbufLen = 0; regOperPtr->pageOffset = storedPtr.i; + if (lenAttrInfo >= ZATTR_BUFFER_SIZE) { // yes ">=" + jam(); + // send REF and change state to ignore the ATTRINFO to come + storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_TOO_MUCH_ATTRINFO_ERROR); + } }//Dbtup::scanProcedure() void Dbtup::copyProcedure(Signal* signal, @@ -146,7 +151,7 @@ bool Dbtup::storedProcedureAttrInfo(Sign Uint32 RnoFree = cnoFreeAttrbufrec; if (ERROR_INSERTED(4004) && !copyProcedure) { CLEAR_ERROR_INSERT_VALUE; - storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); + storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR); return false; }//if regOperPtr->currentAttrinbufLen += length; @@ -162,7 +167,7 @@ bool Dbtup::storedProcedureAttrInfo(Sign regAttrPtr.p->attrbuf[ZBUF_NEXT] = RNIL; } else { ljam(); - storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); + storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR); return false; }//if if (regOperPtr->firstAttrinbufrec == RNIL) { @@ -190,7 +195,7 @@ bool Dbtup::storedProcedureAttrInfo(Sign }//if if (ERROR_INSERTED(4005) && !copyProcedure) { CLEAR_ERROR_INSERT_VALUE; - storedSeizeAttrinbufrecErrorLab(signal, regOperPtr); + storedSeizeAttrinbufrecErrorLab(signal, regOperPtr, ZSTORED_SEIZE_ATTRINBUFREC_ERROR); return false; }//if @@ -211,7 +216,8 @@ bool Dbtup::storedProcedureAttrInfo(Sign }//Dbtup::storedProcedureAttrInfo() void Dbtup::storedSeizeAttrinbufrecErrorLab(Signal* signal, - Operationrec* regOperPtr) + Operationrec* regOperPtr, + Uint32 errorCode) { StoredProcPtr storedPtr; c_storedProcPool.getPtr(storedPtr, (Uint32)regOperPtr->pageOffset); @@ -222,7 +228,7 @@ void Dbtup::storedSeizeAttrinbufrecError regOperPtr->lastAttrinbufrec = RNIL; regOperPtr->transstate = ERROR_WAIT_STORED_PROCREQ; signal->theData[0] = regOperPtr->userpointer; - signal->theData[1] = ZSTORED_SEIZE_ATTRINBUFREC_ERROR; + signal->theData[1] = errorCode; signal->theData[2] = regOperPtr->pageOffset; sendSignal(regOperPtr->userblockref, GSN_STORED_PROCREF, signal, 3, JBB); }//Dbtup::storedSeizeAttrinbufrecErrorLab() diff -Nrup a/ndb/src/ndbapi/ndberror.c b/ndb/src/ndbapi/ndberror.c --- a/ndb/src/ndbapi/ndberror.c 2007-12-06 17:15:10 +01:00 +++ b/ndb/src/ndbapi/ndberror.c 2008-01-31 13:55:02 +01:00 @@ -291,6 +291,7 @@ ErrorBundle ErrorCodes[] = { { 242, AE, "Zero concurrency in scan"}, { 244, AE, "Too high concurrency in scan"}, { 269, AE, "No condition and attributes to read in scan"}, + { 874, AE, "Too much attrinfo (e.g. scan filter) for scan in tuple manager" }, { 4600, AE, "Transaction is already started"}, { 4601, AE, "Transaction is not started"}, { 4602, AE, "You must call getNdbOperation before executeScan" },