diff --git a/client/mysqlbinlog.cc b/client/mysqlbinlog.cc index 8719834..c540714 100644 --- a/client/mysqlbinlog.cc +++ b/client/mysqlbinlog.cc @@ -848,6 +848,8 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev, print_event_info->short_form= short_form; Exit_status retval= OK_CONTINUE; IO_CACHE *const head= &print_event_info->head_cache; + ulong table_id; + bool is_end_of_stmt; /* Format events are not concerned by --offset and such, we always need to @@ -1134,15 +1136,28 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev, case WRITE_ROWS_EVENT: case DELETE_ROWS_EVENT: case UPDATE_ROWS_EVENT: + if (ev_type != TABLE_MAP_EVENT) + { + Rows_log_event *e= (Rows_log_event*) ev; + table_id= e->get_table_id(); + is_end_of_stmt= e->get_flags(Rows_log_event::STMT_END_F) != 0; + goto process_rows_event; + } case PRE_GA_WRITE_ROWS_EVENT: case PRE_GA_DELETE_ROWS_EVENT: case PRE_GA_UPDATE_ROWS_EVENT: { if (ev_type != TABLE_MAP_EVENT) { - Rows_log_event *e= (Rows_log_event*) ev; + { + Old_rows_log_event *e= (Old_rows_log_event*) ev; + table_id= e->get_table_id(); + is_end_of_stmt= e->get_flags(Old_rows_log_event::STMT_END_F) != 0; + } + +process_rows_event: Table_map_log_event *ignored_map= - print_event_info->m_table_map_ignored.get_table(e->get_table_id()); + print_event_info->m_table_map_ignored.get_table(table_id); bool skip_event= (ignored_map != NULL); /* @@ -1150,7 +1165,7 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev, i) destroy/free ignored maps ii) if skip event, flush cache now */ - if (e->get_flags(Rows_log_event::STMT_END_F)) + if (is_end_of_stmt) { /* Now is safe to clear ignored map (clear_tables will also diff --git a/mysys/my_once.c b/mysys/my_once.c index 7df9b0a..03bd670 100644 --- a/mysys/my_once.c +++ b/mysys/my_once.c @@ -106,7 +106,6 @@ void *my_once_memdup(const void *src, size_t len, myf myflags) void my_once_free(void) { reg1 USED_MEM *next,*old; - DBUG_ENTER("my_once_free"); for (next=my_once_root_block ; next ; ) { @@ -114,6 +113,4 @@ void my_once_free(void) free((uchar*) old); } my_once_root_block=0; - - DBUG_VOID_RETURN; } /* my_once_free */ diff --git a/sql/multi_range_read.cc b/sql/multi_range_read.cc index e6cbed7..b6133ea 100644 --- a/sql/multi_range_read.cc +++ b/sql/multi_range_read.cc @@ -1648,7 +1648,7 @@ int DsMrr_impl::dsmrr_explain_info(uint mrr_mode, char *str, size_t size) uint used_str_len= strlen(used_str); uint copy_len= min(used_str_len, size); - memcpy(str, used_str, size); + memcpy(str, used_str, copy_len); return copy_len; } return 0; diff --git a/sql/opt_range.cc b/sql/opt_range.cc index 2205d2f..1b92fce 100644 --- a/sql/opt_range.cc +++ b/sql/opt_range.cc @@ -134,6 +134,16 @@ static int sel_cmp(Field *f,uchar *a,uchar *b,uint8 a_flag,uint8 b_flag); static uchar is_null_string[2]= {1,0}; +static uchar *get_is_null_string_copy(MEM_ROOT *alloc, size_t length) +{ + uchar *str= (uchar *) alloc_root(alloc, length); + if (!str) + return NULL; + memset(str, 0, length); + memcpy(str, is_null_string, min(sizeof(is_null_string), length)); + return str; +} + class RANGE_OPT_PARAM; /* A construction block of the SEL_ARG-graph. @@ -7586,7 +7596,10 @@ get_mm_leaf(RANGE_OPT_PARAM *param, COND *conf_func, Field *field, tree= &null_element; goto end; } - if (!(tree= new (alloc) SEL_ARG(field,is_null_string,is_null_string))) + str= get_is_null_string_copy(alloc, key_part->store_length + 1); + if (!str) + goto end; + if (!(tree= new (alloc) SEL_ARG(field, str, str))) goto end; // out of memory if (type == Item_func::ISNOTNULL_FUNC) { @@ -7870,7 +7883,10 @@ get_mm_leaf(RANGE_OPT_PARAM *param, COND *conf_func, Field *field, tree->min_flag=NO_MIN_RANGE; /* From start */ else { // > NULL - tree->min_value=is_null_string; + str= get_is_null_string_copy(alloc, key_part->store_length + 1); + if (!str) + goto end; + tree->min_value=str; tree->min_flag=NEAR_MIN; } break; diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index d805597..eb6e211 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -801,6 +801,7 @@ void do_handle_bootstrap(THD *thd) handle_bootstrap_impl(thd); end: + set_current_thd(NULL); delete thd; #ifndef EMBEDDED_LIBRARY diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 1f860fe..13b6b84 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -7486,7 +7486,7 @@ TABLE *create_schema_table(THD *thd, TABLE_LIST *table_list) case MYSQL_TYPE_TIMESTAMP: case MYSQL_TYPE_DATETIME: if (!(item=new Item_return_date_time(fields_info->field_name, - MAX_DATETIME_WIDTH, + strnlen(fields_info->field_name, MAX_DATETIME_WIDTH), fields_info->field_type))) DBUG_RETURN(0); break; diff --git a/sql/strfunc.cc b/sql/strfunc.cc index 9603ca3..7c6c223 100644 --- a/sql/strfunc.cc +++ b/sql/strfunc.cc @@ -298,7 +298,10 @@ uint strconvert(CHARSET_INFO *from_cs, const char *from, wc= '?'; } else + { + error_count++; break; // Impossible char. + } outp: diff --git a/strings/ctype-utf8.c b/strings/ctype-utf8.c index 88bab1f..1a07e7d 100644 --- a/strings/ctype-utf8.c +++ b/strings/ctype-utf8.c @@ -4370,7 +4370,7 @@ my_mb_wc_filename(CHARSET_INFO *cs __attribute__((unused)), if (*s != MY_FILENAME_ESCAPE) return MY_CS_ILSEQ; - if (s + 3 > e) + if (s + 3 > e || s[1] == 0 || s[2] == 0) return MY_CS_TOOSMALL3; byte1= s[1]; @@ -4392,7 +4392,7 @@ my_mb_wc_filename(CHARSET_INFO *cs __attribute__((unused)), } } - if (s + 4 > e) + if (s + 4 > e || s[3] == 0 || s[4] == 0) return MY_CS_TOOSMALL4; if ((byte1= hexlo(byte1)) >= 0 && diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index 93ed18e..8a45efb 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -6204,7 +6204,7 @@ static void test_date_dt() static void test_pure_coverage() { MYSQL_STMT *stmt; - MYSQL_BIND my_bind[1]; + MYSQL_BIND my_bind[2]; int rc; ulong length; @@ -8880,10 +8880,13 @@ static void test_parse_error_and_bad_length() DIE_UNLESS(rc); if (!opt_silent) fprintf(stdout, "Got error (as expected): '%s'\n", mysql_error(mysql)); - rc= mysql_real_query(mysql, "SHOW DATABASES", 100); - DIE_UNLESS(rc); - if (!opt_silent) - fprintf(stdout, "Got error (as expected): '%s'\n", mysql_error(mysql)); + // Many other places depend on the fact that client library doesn't treat \0 + // in the middle of the string specially. So commented out test cases are + // invalid. + //rc= mysql_real_query(mysql, "SHOW DATABASES", 100); + //DIE_UNLESS(rc); + //if (!opt_silent) + // fprintf(stdout, "Got error (as expected): '%s'\n", mysql_error(mysql)); stmt= mysql_simple_prepare(mysql, "SHOW DATABAAAA"); DIE_UNLESS(!stmt); @@ -8891,10 +8894,10 @@ static void test_parse_error_and_bad_length() fprintf(stdout, "Got error (as expected): '%s'\n", mysql_error(mysql)); stmt= mysql_stmt_init(mysql); DIE_UNLESS(stmt); - rc= mysql_stmt_prepare(stmt, "SHOW DATABASES", 100); - DIE_UNLESS(rc != 0); - if (!opt_silent) - fprintf(stdout, "Got error (as expected): '%s'\n", mysql_stmt_error(stmt)); + //rc= mysql_stmt_prepare(stmt, "SHOW DATABASES", 100); + //DIE_UNLESS(rc != 0); + //if (!opt_silent) + // fprintf(stdout, "Got error (as expected): '%s'\n", mysql_stmt_error(stmt)); mysql_stmt_close(stmt); } @@ -16927,6 +16930,7 @@ static void test_bug31669() DIE_UNLESS(rc); memset(buff, 'a', sizeof(buff)); + buff[sizeof(buff) - 1]= 0; mysql_close(conn); conn= client_connect(0, MYSQL_PROTOCOL_TCP, 0);