Imported Upstream version 5.5.46

Docs/INFO_SRC

-commit: 5a44e1a4024f1760021e5c6fd65773584d60513a
-date: 2015-06-09 22:16:26 +0200
-build-date: 2015-06-09 22:25:59 +0200 
-short: 5a44e1a
+commit: 16c4b3c68b06653592a9500050ad977a38f4ebae
+date: 2015-10-09 16:43:59 +0200
+build-date: 2015-10-09 18:51:17 +0200 
+short: 16c4b3c
 branch: HEAD
 
 
-MySQL source 5.5.44
+MySQL source 5.5.46

VERSION

 MYSQL_VERSION_MAJOR=5
 MYSQL_VERSION_MINOR=5
-MYSQL_VERSION_PATCH=44
+MYSQL_VERSION_PATCH=46
 MYSQL_VERSION_EXTRA=

client/CMakeLists.txt

-# Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -47,6 +47,7 @@ MYSQL_ADD_EXECUTABLE(mysqldump mysqldump.c ../sql-common/my_user.c)
 TARGET_LINK_LIBRARIES(mysqldump mysqlclient)
 
 MYSQL_ADD_EXECUTABLE(mysqlimport mysqlimport.c)
+SET_SOURCE_FILES_PROPERTIES(mysqlimport.c PROPERTIES COMPILE_FLAGS "-DTHREADS")
 TARGET_LINK_LIBRARIES(mysqlimport mysqlclient)
 
 MYSQL_ADD_EXECUTABLE(mysql_upgrade mysql_upgrade.c COMPONENT Server)

client/mysql_upgrade.c

@@ -1061,7 +1061,7 @@ int main(int argc, char **argv)
     printf("This installation of MySQL is already upgraded to %s, "
            "use --force if you still need to run mysql_upgrade\n",
            MYSQL_SERVER_VERSION);
-    die(NULL);
+    goto end;
   }
 
   if (opt_version_check && check_version_match())
@@ -1084,6 +1084,7 @@ int main(int argc, char **argv)
   /* Create a file indicating upgrade has been performed */
   create_mysql_upgrade_info_file();
 
+end:
   free_used_memory();
   my_end(my_end_arg);
   exit(0);

client/mysqlbinlog.cc

@@ -66,6 +66,7 @@ ulong server_id = 0;
 ulong bytes_sent = 0L, bytes_received = 0L;
 ulong mysqld_net_retry_count = 10L;
 ulong open_files_limit;
+ulong opt_binlog_rows_event_max_size;
 uint test_flags = 0; 
 static uint opt_protocol= 0;
 static FILE *result_file;
@@ -1432,6 +1433,12 @@ that may lead to an endless loop.",
    "Used to reserve file descriptors for use by this program.",
    &open_files_limit, &open_files_limit, 0, GET_ULONG,
    REQUIRED_ARG, MY_NFILE, 8, OS_FILE_LIMIT, 0, 1, 0},
+  {"binlog-row-event-max-size", 0,
+   "The maximum size of a row-based binary log event in bytes. Rows will be "
+   "grouped into events smaller than this size if possible. "
+   "This value must be a multiple of 256.",
+   &opt_binlog_rows_event_max_size, &opt_binlog_rows_event_max_size, 0,
+   GET_ULONG, REQUIRED_ARG, UINT_MAX,  256, ULONG_MAX,  0, 256,  0},
   {"verify-binlog-checksum", 'c', "Verify checksum binlog events.",
    (uchar**) &opt_verify_binlog_checksum, (uchar**) &opt_verify_binlog_checksum,
    0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},

client/mysqlimport.c

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates.
+   Copyright (c) 2000, 2015, Oracle and/or its affiliates.
+   Copyright (c) 2011, 2015, MariaDB
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -30,19 +31,14 @@
 
 #include "client_priv.h"
 #include "mysql_version.h"
-#ifdef HAVE_LIBPTHREAD
-#include <my_pthread.h>
-#endif
 
 #include <welcome_copyright_notice.h>   /* ORACLE_WELCOME_COPYRIGHT_NOTICE */
 
 
 /* Global Thread counter */
-uint counter;
-#ifdef HAVE_LIBPTHREAD
+uint counter= 0;
 pthread_mutex_t counter_mutex;
 pthread_cond_t count_threshhold;
-#endif
 
 static void db_error_with_table(MYSQL *mysql, char *table);
 static void db_error(MYSQL *mysql);
@@ -486,6 +482,11 @@ static void safe_exit(int error, MYSQL *mysql)
 {
   if (error && ignore_errors)
     return;
+
+  /* in multi-threaded mode protect from concurrent safe_exit's */
+  if (counter)
+    pthread_mutex_lock(&counter_mutex);
+
   if (mysql)
     mysql_close(mysql);
 
@@ -568,7 +569,6 @@ static char *field_escape(char *to,const char *from,uint length)
 
 int exitcode= 0;
 
-#ifdef HAVE_LIBPTHREAD
 pthread_handler_t worker_thread(void *arg)
 {
   int error;
@@ -608,7 +608,6 @@ pthread_handler_t worker_thread(void *arg)
 
   return 0;
 }
-#endif
 
 
 int main(int argc, char **argv)
@@ -628,7 +627,6 @@ int main(int argc, char **argv)
   }
   sf_leaking_memory=0; /* from now on we cleanup properly */
 
-#ifdef HAVE_LIBPTHREAD
   if (opt_use_threads && !lock_tables)
   {
     pthread_t mainthread;            /* Thread descriptor */
@@ -682,7 +680,6 @@ int main(int argc, char **argv)
     pthread_attr_destroy(&attr);
   }
   else
-#endif
   {
     MYSQL *mysql= 0;
     if (!(mysql= db_connect(current_host,current_db,current_user,opt_password)))

client/mysqlslap.c

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates.
+   Copyright (c) 2005, 2015, Oracle and/or its affiliates.
+   Copyright (c) 2010, 2015, MariaDB
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -244,7 +245,7 @@ void print_conclusions_csv(conclusions *con);
 void generate_stats(conclusions *con, option_string *eng, stats *sptr);
 uint parse_comma(const char *string, uint **range);
 uint parse_delimiter(const char *script, statement **stmt, char delm);
-uint parse_option(const char *origin, option_string **stmt, char delm);
+int parse_option(const char *origin, option_string **stmt, char delm);
 static int drop_schema(MYSQL *mysql, const char *db);
 uint get_random_string(char *buf);
 static statement *build_table_string(void);
@@ -1259,7 +1260,13 @@ get_options(int *argc,char ***argv)
   if (num_int_cols_opt)
   {
     option_string *str;
-    parse_option(num_int_cols_opt, &str, ',');
+    if(parse_option(num_int_cols_opt, &str, ',') == -1)
+    {
+      fprintf(stderr, "Invalid value specified for the option "
+              "'number-int-cols'\n");
+      option_cleanup(str);
+      return 1;
+    }
     num_int_cols= atoi(str->string);
     if (str->option)
       num_int_cols_index= atoi(str->option);
@@ -1270,7 +1277,13 @@ get_options(int *argc,char ***argv)
   if (num_char_cols_opt)
   {
     option_string *str;
-    parse_option(num_char_cols_opt, &str, ',');
+    if(parse_option(num_char_cols_opt, &str, ',') == -1)
+    {
+      fprintf(stderr, "Invalid value specified for the option "
+              "'number-char-cols'\n");
+      option_cleanup(str);
+      return 1;
+    }
     num_char_cols= atoi(str->string);
     if (str->option)
       num_char_cols_index= atoi(str->option);
@@ -1507,7 +1520,13 @@ get_options(int *argc,char ***argv)
     printf("Parsing engines to use.\n");
 
   if (default_engine)
-    parse_option(default_engine, &engine_options, ',');
+  {
+    if(parse_option(default_engine, &engine_options, ',') == -1)
+    {
+      fprintf(stderr, "Invalid value specified for the option 'engine'\n");
+      return 1;
+    }
+  }
 
   if (tty_password)
     opt_password= get_tty_password(NullS);
@@ -1984,7 +2003,7 @@ pthread_handler_t run_task(void *p)
   DBUG_RETURN(0);
 }
 
-uint
+int
 parse_option(const char *origin, option_string **stmt, char delm)
 {
   char *retstr;
@@ -2009,6 +2028,13 @@ parse_option(const char *origin, option_string **stmt, char delm)
     char buffer[HUGE_STRING_LENGTH]= "";
     char *buffer_ptr;
 
+    /*
+      Return an error if the length of the any of the comma seprated value
+      exceeds HUGE_STRING_LENGTH.
+    */
+    if ((size_t)(retstr - ptr) > HUGE_STRING_LENGTH)
+      return -1;
+
     count++;
     strncpy(buffer, ptr, (size_t)(retstr - ptr));
     /*
@@ -2048,6 +2074,13 @@ parse_option(const char *origin, option_string **stmt, char delm)
   {
     char *origin_ptr;
 
+    /*
+      Return an error if the length of the any of the comma seprated value
+      exceeds HUGE_STRING_LENGTH.
+    */
+    if (strlen(ptr) > HUGE_STRING_LENGTH)
+      return -1;
+
     if ((origin_ptr= strchr(ptr, ':')))
     {
       char *option_ptr;
@@ -2058,13 +2091,13 @@ parse_option(const char *origin, option_string **stmt, char delm)
       option_ptr= (char *)ptr + 1 + tmp->length;
 
       /* Move past the : and the first string */
-      tmp->option_length= (size_t)((ptr + length) - option_ptr);
+      tmp->option_length= strlen(option_ptr);
       tmp->option= my_strndup(option_ptr, tmp->option_length,
                               MYF(MY_FAE));
     }
     else
     {
-      tmp->length= (size_t)((ptr + length) - ptr);
+      tmp->length= strlen(ptr);
       tmp->string= my_strndup(ptr, tmp->length, MYF(MY_FAE));
     }
 

cmake/os/Windows.cmake

-# Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.
 # 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -50,10 +50,12 @@ IF(CMAKE_C_COMPILER MATCHES "icl")
  SET(MSVC TRUE)
 ENDIF()
 
-ADD_DEFINITIONS("-D_WINDOWS -D__WIN__ -D_CRT_SECURE_NO_DEPRECATE")
-ADD_DEFINITIONS("-D_WIN32_WINNT=0x0501")
+ADD_DEFINITIONS(-D_WINDOWS -D__WIN__ -D_CRT_SECURE_NO_DEPRECATE)
+ADD_DEFINITIONS(-D_WIN32_WINNT=0x0501)
+# We do not want the windows.h macros min/max
+ADD_DEFINITIONS(-DNOMINMAX)
 # Speed up build process excluding unused header files
-ADD_DEFINITIONS("-DWIN32_LEAN_AND_MEAN")
+ADD_DEFINITIONS(-DWIN32_LEAN_AND_MEAN)
   
 # Adjust compiler and linker flags
 IF(MINGW AND CMAKE_SIZEOF_VOID_P EQUAL 4)

extra/yassl/README

@@ -12,6 +12,35 @@ before calling SSL_new();
 
 *** end Note ***
 
+yaSSL Release notes, version 2.3.8 (9/17/2015)
+    This release of yaSSL fixes a high security vulnerability.  All users
+    SHOULD update.  If using yaSSL for TLS on the server side with private
+    RSA keys allowing ephemeral key exchange you MUST update and regenerate
+    the RSA private keys.  This report is detailed in:
+    https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf
+    yaSSL now detects RSA signature faults and returns an error.
+
+yaSSL Patch notes, version 2.3.7e (6/26/2015)
+    This release of yaSSL includes a fix for Date less than comparison.
+    Previously yaSSL would return true on less than comparisons if the Dates
+    were equal. Reported by Oracle. No security problem, but if a cert was
+    generated right now, a server started using it in the same second, and a
+    client tried to verify it in the same second it would report not yet valid.
+
+yaSSL Patch notes, version 2.3.7d (6/22/2015)
+    This release of yaSSL includes a fix for input_buffer set_current with
+    index 0.  SSL_peek() at front of waiting data could trigger.  Robert
+    Golebiowski of Oracle identified and suggested a fix, thanks!
+
+yaSSL Patch notes, version 2.3.7c (6/12/2015)
+    This release of yaSSL does certificate DATE comparisons to the second
+    instead of to the minute, helpful when using freshly generated certs.
+    Though keep in mind that time sync differences could still show up.
+
+yaSSL Patch notes, version 2.3.7b (3/18/2015)
+    This release of yaSSL fixes a potential crash with corrupted private keys.
+    Also detects bad keys earlier for user.
+
 yaSSL Release notes, version 2.3.7 (12/10/2014)
     This release of yaSSL fixes the potential to process duplicate handshake
     messages by explicitly marking/checking received handshake messages.

extra/yassl/include/openssl/ssl.h

@@ -35,7 +35,7 @@
 #include "rsa.h"
 
 
-#define YASSL_VERSION "2.3.7"
+#define YASSL_VERSION "2.3.8"
 
 
 #if defined(__cplusplus)

extra/yassl/include/yassl_error.hpp

@@ -53,7 +53,8 @@ enum YasslError {
     compress_error      = 118,
     decompress_error    = 119,
     pms_version_error   = 120,
-    sanityCipher_error  = 121
+    sanityCipher_error  = 121,
+    rsaSignFault_error  = 122
 
     // !!!! add error message to .cpp !!!!
 

extra/yassl/src/buffer.cpp

@@ -165,7 +165,7 @@ void input_buffer::set_error()
 
 void input_buffer::set_current(uint i) 
 {
-    if (error_ == 0 && (i == 0 || check(i - 1, size_) == 0))
+    if (error_ == 0 && check(i ? i - 1 : 0, size_) == 0)
         current_ = i;
     else
         error_ = -1;

extra/yassl/src/handshake.cpp

@@ -1172,6 +1172,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
 
     CertificateVerify  verify;
     verify.Build(ssl);
+    if (ssl.GetError()) return;
+
     RecordLayerHeader  rlHeader;
     HandShakeHeader    hsHeader;
     mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);

extra/yassl/src/ssl.cpp

@@ -37,6 +37,8 @@
 #include "file.hpp"             // for TaoCrypt Source
 #include "coding.hpp"           // HexDecoder
 #include "helpers.hpp"          // for placement new hack
+#include "rsa.hpp"              // for TaoCrypt RSA key decode
+#include "dsa.hpp"              // for TaoCrypt DSA key decode
 #include <stdio.h>
 
 #ifdef _WIN32
@@ -54,6 +56,8 @@ namespace yaSSL {
 
 int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
 {
+    int ret = SSL_SUCCESS;
+
     if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
         return SSL_BAD_FILETYPE;
 
@@ -141,8 +145,31 @@ int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
             }
         }
     }
+
+    if (type == PrivateKey && ctx->privateKey_) {
+        // see if key is valid early
+        TaoCrypt::Source rsaSource(ctx->privateKey_->get_buffer(),
+                                   ctx->privateKey_->get_length());
+        TaoCrypt::RSA_PrivateKey rsaKey;
+        rsaKey.Initialize(rsaSource);
+
+        if (rsaSource.GetError().What()) {
+            // rsa failed see if DSA works
+
+            TaoCrypt::Source dsaSource(ctx->privateKey_->get_buffer(),
+                                       ctx->privateKey_->get_length());
+            TaoCrypt::DSA_PrivateKey dsaKey;
+            dsaKey.Initialize(dsaSource);
+
+            if (rsaSource.GetError().What()) {
+                // neither worked
+                ret = SSL_FAILURE;
+            }
+        }
+    }
+
     fclose(input);
-    return SSL_SUCCESS;
+    return ret;
 }
 
 

extra/yassl/src/yassl_error.cpp

@@ -148,6 +148,10 @@ void SetErrorString(YasslError error, char* buffer)
         strncpy(buffer, "sanity check on cipher text size error", max);
         break;
 
+    case rsaSignFault_error:
+        strncpy(buffer, "rsa signature fault error", max);
+        break;
+
         // openssl errors
     case SSL_ERROR_WANT_READ :
         strncpy(buffer, "the read operation would block", max);

extra/yassl/src/yassl_imp.cpp

@@ -196,9 +196,16 @@ void DH_Server::build(SSL& ssl)
     sha.update(tmp.get_buffer(), tmp.get_size());
     sha.get_digest(&hash[MD5_LEN]);
 
-    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
+    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
         auth->sign(signature_, hash, sizeof(hash),
                    ssl.getCrypto().get_random());
+        // check for rsa signautre fault
+        if (!auth->verify(hash, sizeof(hash), signature_,
+                                              auth->get_signatureLength())) {
+            ssl.SetError(rsaSignFault_error);
+            return;
+        }
+    }
     else {
         auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
                    ssl.getCrypto().get_random());
@@ -2159,6 +2166,12 @@ void CertificateVerify::Build(SSL& ssl)
         memcpy(sig.get(), len, VERIFY_HEADER);
         rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
                  ssl.getCrypto().get_random());
+        // check for rsa signautre fault
+        if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER,
+                                                      rsa.get_cipherLength())) {
+            ssl.SetError(rsaSignFault_error);
+            return;
+        }
     }
     else {  // DSA
         DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);

extra/yassl/taocrypt/src/asn.cpp

@@ -39,7 +39,7 @@ namespace TaoCrypt {
 namespace { // locals
 
 
-// to the minute
+// to the second
 bool operator>(tm& a, tm& b)
 {
     if (a.tm_year > b.tm_year)
@@ -60,13 +60,18 @@ bool operator>(tm& a, tm& b)
         a.tm_min > b.tm_min)
         return true;
 
+    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon &&
+        a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour &&
+        a.tm_min  == b.tm_min  && a.tm_sec > b.tm_sec)
+        return true;
+
     return false;
 }
 
 
 bool operator<(tm& a, tm&b)
 {
-    return !(a>b);
+    return (b>a);
 }
 
 

extra/yassl/taocrypt/src/rsa.cpp

@@ -140,6 +140,10 @@ word32 RSA_BlockType2::UnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
 void RSA_BlockType1::Pad(const byte* input, word32 inputLen, byte* pkcsBlock,
                          word32 pkcsBlockLen, RandomNumberGenerator&) const
 {
+    // sanity checks
+    if (input == NULL || pkcsBlock == NULL)
+        return;
+
     // convert from bit length to byte length
     if (pkcsBlockLen % 8 != 0)
     {

extra/yassl/testsuite/cipher-test.sh

@@ -4,6 +4,7 @@
 # 
 
 
+no_pid=-1
 server_pid=$no_pid
 
 

mysql-test/disabled.def

@@ -11,9 +11,8 @@
 ##############################################################################
 tablespace               : disabled in MariaDB (no TABLESPACE table attribute)
 events_time_zone         : Test is not predictable as it depends on precise timing.
-lowercase_table3         : Bug#11762269 2010-06-30 alik main.lowercase_table3 on Mac OSX
 read_many_rows_innodb    : Bug#11748886 2010-11-15 mattiasj report already exists
-archive-big              : Bug#11817185 2011-03-10 Anitha Disabled since this leads to timeout on Solaris Sparc
 log_tables-big           : Bug#11756699 2010-11-15 mattiasj report already exists
 mysql_embedded           : Bug#12561297 2011-05-14 Anitha Dependent on PB2 changes - eventum#41836
 file_contents            : MDEV-6526 these files are not installed anymore
+lowercase_fs_on          : lower_case_table_names=0 is not an error until 10.1