Merge pull request #2 from VarunNagaraju/post-EOL-2

PS-9174 Backport bug fixes from MySQL 8.0.37
VarunNagaraju · May 23, 2024 · 2aaaef6 · 2aaaef6
2 parents 1b0992b + 963d3f4
commit 2aaaef6
Show file tree

Hide file tree

Showing 32 changed files with 836 additions and 61 deletions.
diff --git a/VERSION b/VERSION
@@ -1,4 +1,4 @@
 MYSQL_VERSION_MAJOR=5
 MYSQL_VERSION_MINOR=7
 MYSQL_VERSION_PATCH=44
-MYSQL_VERSION_EXTRA=
+MYSQL_VERSION_EXTRA=-post-eol-2
diff --git a/client/mysqldump.c b/client/mysqldump.c
@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2000, 2023, Oracle and/or its affiliates.
+   Copyright (c) 2000, 2024, Oracle and/or its affiliates.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -701,6 +701,39 @@ static void short_usage(void)
   printf("For more options, use %s --help\n", my_progname);
 }
 
+static void get_safe_server_info(char *safe_server_info,
+                                 size_t safe_server_info_len) {
+  const char *server_info = mysql_get_server_info(&mysql_connection);
+  size_t i;
+  if (server_info == NULL) {
+    safe_server_info[0] = 0;
+    return;
+  }
+  DBUG_EXECUTE_IF("server_version_injection_test",
+  {
+    const char *payload= "5.7.0-injection_test\n\\! touch /tmp/xxx";
+    server_info= payload;
+  });
+  for (i = 0; i < safe_server_info_len; ++i) {
+    // End of string.
+    if (server_info[i] == 0)
+    {
+      safe_server_info[i]= 0;
+      return;
+    }
+    // Version may include only alphanumeric and punctuation characters.
+    // Cut off the rest of the string if incorrect character found.
+    if (!(my_isalnum(charset_info, server_info[i]) || my_ispunct(charset_info, server_info[i])))
+    {
+      safe_server_info[i] = 0;
+      fprintf(stderr,
+              "-- Warning: version string returned by server is incorrect.\n");
+      return;
+    }
+    safe_server_info[i]= server_info[i];
+  }
+  safe_server_info[safe_server_info_len - 1] = 0;
+}
 
 static void write_header(FILE *sql_file, char *db_name)
 {
@@ -721,6 +754,8 @@ static void write_header(FILE *sql_file, char *db_name)
   {
     my_bool freemem= FALSE;
     char const* text= fix_identifier_with_newline(db_name, &freemem);
+    char safe_server_info[SERVER_VERSION_LENGTH];
+    get_safe_server_info(safe_server_info, SERVER_VERSION_LENGTH);
 
     print_comment(sql_file, 0,
                   "-- MySQL dump %s  Distrib %s, for %s (%s)\n--\n",
@@ -736,8 +771,7 @@ static void write_header(FILE *sql_file, char *db_name)
     print_comment(sql_file, 0,
                   "-- ------------------------------------------------------\n"
                  );
-    print_comment(sql_file, 0, "-- Server version\t%s\n",
-                  mysql_get_server_info(&mysql_connection));
+    print_comment(sql_file, 0, "-- Server version\t%s\n", safe_server_info);
 
     if (opt_set_charset)
       fprintf(sql_file,

diff --git a/mysql-test/r/mysqldump_debug_bugs.result b/mysql-test/r/mysqldump_debug_bugs.result
@@ -0,0 +1,14 @@
+#
+# Bug#36248967: Security issue in mysqldump (mysql dump utility)
+#
+CREATE DATABASE test_bug36248967;
+-- Run mysqldump with payload injected to server version.
+A warning must be issued.
+-- Warning: version string returned by server is incorrect.
+The test version must be found:
+Pattern found.
+The test injected string must not be found:
+Pattern not found.
+-- Run mysqldump with correct server version.
+A warning must not be issued.
+DROP DATABASE test_bug36248967;
diff --git a/mysql-test/r/select_distinct_debug.result b/mysql-test/r/select_distinct_debug.result
@@ -0,0 +1,74 @@
+#
+# Bug #35854362: INCORRECT RESULTS WHEN USING GROUP BY LOOSE
+#                INDEX SCAN
+#
+CREATE TABLE t1 (
+a1 CHAR(64),
+a2 CHAR(64),
+b CHAR(16),
+c CHAR(16) NOT NULL,
+d CHAR(16),
+dummy CHAR(248) DEFAULT ' '
+  );
+INSERT INTO t1 (a1, a2, b, c, d) VALUES
+('a','a','a','a111','xy1'),('a','a','a','b111','xy2'),('a','a','a','c111','xy3'),('a','a','a','d111','xy4'),
+('a','a','b','e112','xy1'),('a','a','b','f112','xy2'),('a','a','b','g112','xy3'),('a','a','b','h112','xy4'),
+('a','b','a','i121','xy1'),('a','b','a','j121','xy2'),('a','b','a','k121','xy3'),('a','b','a','l121','xy4'),
+('a','b','b','m122','xy1'),('a','b','b','n122','xy2'),('a','b','b','o122','xy3'),('a','b','b','p122','xy4'),
+('b','a','a','a211','xy1'),('b','a','a','b211','xy2'),('b','a','a','c211','xy3'),('b','a','a','d211','xy4'),
+('b','a','b','e212','xy1'),('b','a','b','f212','xy2'),('b','a','b','g212','xy3'),('b','a','b','h212','xy4'),
+('b','b','a','i221','xy1'),('b','b','a','j221','xy2'),('b','b','a','k221','xy3'),('b','b','a','l221','xy4'),
+('b','b','b','m222','xy1'),('b','b','b','n222','xy2'),('b','b','b','o222','xy3'),('b','b','b','p222','xy4'),
+('c','a','a','a311','xy1'),('c','a','a','b311','xy2'),('c','a','a','c311','xy3'),('c','a','a','d311','xy4'),
+('c','a','b','e312','xy1'),('c','a','b','f312','xy2'),('c','a','b','g312','xy3'),('c','a','b','h312','xy4'),
+('c','b','a','i321','xy1'),('c','b','a','j321','xy2'),('c','b','a','k321','xy3'),('c','b','a','l321','xy4'),
+('c','b','b','m322','xy1'),('c','b','b','n322','xy2'),('c','b','b','o322','xy3'),('c','b','b','p322','xy4'),
+('d','a','a','a411','xy1'),('d','a','a','b411','xy2'),('d','a','a','c411','xy3'),('d','a','a','d411','xy4'),
+('d','a','b','e412','xy1'),('d','a','b','f412','xy2'),('d','a','b','g412','xy3'),('d','a','b','h412','xy4'),
+('d','b','a','i421','xy1'),('d','b','a','j421','xy2'),('d','b','a','k421','xy3'),('d','b','a','l421','xy4'),
+('d','b','b','m422','xy1'),('d','b','b','n422','xy2'),('d','b','b','o422','xy3'),('d','b','b','p422','xy4'),
+('a','a','a','a111','xy1'),('a','a','a','b111','xy2'),('a','a','a','c111','xy3'),('a','a','a','d111','xy4'),
+('a','a','b','e112','xy1'),('a','a','b','f112','xy2'),('a','a','b','g112','xy3'),('a','a','b','h112','xy4'),
+('a','b','a','i121','xy1'),('a','b','a','j121','xy2'),('a','b','a','k121','xy3'),('a','b','a','l121','xy4'),
+('a','b','b','m122','xy1'),('a','b','b','n122','xy2'),('a','b','b','o122','xy3'),('a','b','b','p122','xy4'),
+('b','a','a','a211','xy1'),('b','a','a','b211','xy2'),('b','a','a','c211','xy3'),('b','a','a','d211','xy4'),
+('b','a','b','e212','xy1'),('b','a','b','f212','xy2'),('b','a','b','g212','xy3'),('b','a','b','h212','xy4'),
+('b','b','a','i221','xy1'),('b','b','a','j221','xy2'),('b','b','a','k221','xy3'),('b','b','a','l221','xy4'),
+('b','b','b','m222','xy1'),('b','b','b','n222','xy2'),('b','b','b','o222','xy3'),('b','b','b','p222','xy4'),
+('c','a','a','a311','xy1'),('c','a','a','b311','xy2'),('c','a','a','c311','xy3'),('c','a','a','d311','xy4'),
+('c','a','b','e312','xy1'),('c','a','b','f312','xy2'),('c','a','b','g312','xy3'),('c','a','b','h312','xy4'),
+('c','b','a','i321','xy1'),('c','b','a','j321','xy2'),('c','b','a','k321','xy3'),('c','b','a','l321','xy4'),
+('c','b','b','m322','xy1'),('c','b','b','n322','xy2'),('c','b','b','o322','xy3'),('c','b','b','p322','xy4'),
+('d','a','a','a411','xy1'),('d','a','a','b411','xy2'),('d','a','a','c411','xy3'),('d','a','a','d411','xy4'),
+('d','a','b','e412','xy1'),('d','a','b','f412','xy2'),('d','a','b','g412','xy3'),('d','a','b','h412','xy4'),
+('d','b','a','i421','xy1'),('d','b','a','j421','xy2'),('d','b','a','k421','xy3'),('d','b','a','l421','xy4'),
+('d','b','b','m422','xy1'),('d','b','b','n422','xy2'),('d','b','b','o422','xy3'),('d','b','b','p422','xy4');
+CREATE INDEX idx_t1_0 ON t1 (a1);
+CREATE INDEX idx_t1_1 ON t1 (a1,a2,b,c);
+CREATE INDEX idx_t1_2 on t1 (a1,a2,b);
+CREATE PROCEDURE insert_multiple_rows(IN num_rows INT)
+BEGIN
+DECLARE counter INT DEFAULT 0;
+WHILE counter < num_rows DO
+INSERT INTO t1 (a1, a2, b, c, d, dummy)
+VALUES ('b', 'a', 'a', 'a211', 'xy1', '');
+SET counter = counter + 1;
+END WHILE;
+END $$
+CALL insert_multiple_rows(1000);
+SELECT @@innodb_purge_stop_now INTO @old_val;
+SET GLOBAL innodb_purge_stop_now = 1;
+DELETE FROM t1 WHERE a1 = 'b';
+SET SESSION DEBUG="+d,force_lis_for_group_by";
+SELECT DISTINCT a1
+FROM t1
+WHERE a1 IN ('a', 'd')
+AND a2 = 'b';
+a1
+a
+d
+SET SESSION DEBUG="-d,force_lis_for_group_by";
+SET GLOBAL innodb_purge_stop_now = @old_val;
+SET GLOBAL innodb_purge_run_now=1;
+DROP PROCEDURE insert_multiple_rows;
+DROP TABLE t1;
diff --git a/mysql-test/suite/binlog/r/binlog_gtid_recovery.result b/mysql-test/suite/binlog/r/binlog_gtid_recovery.result
@@ -0,0 +1,22 @@
+RESET MASTER;
+CREATE TABLE t1 (c1 INT NOT NULL PRIMARY KEY) ENGINE=InnoDB;
+SHOW BINARY LOGS;
+Log_name	File_size
+master-bin.000001	352
+SELECT * FROM mysql.gtid_executed;
+source_uuid	interval_start	interval_end
+Kill the server
+# Kill the server
+Restart the server only to kill it before GTID is saved during recovery process
+Start the server again to see if server recovers GTIDs from binlogs and updates @@global.gtid_executed and mysql.gtid_executed table.
+# restart
+SELECT interval_start, interval_end from mysql.gtid_executed;
+interval_start	interval_end
+1	1
+SHOW BINARY LOGS;
+Log_name	File_size
+master-bin.000001	352
+master-bin.000002	123
+master-bin.000003	194
+include/assert.inc [GTID should be properly updated]
+DROP TABLE t1;
diff --git a/mysql-test/suite/binlog/t/binlog_gtid_recovery-master.opt b/mysql-test/suite/binlog/t/binlog_gtid_recovery-master.opt
@@ -0,0 +1 @@
+--enforce-gtid-consistency --gtid-mode=ON
diff --git a/mysql-test/suite/binlog/t/binlog_gtid_recovery.test b/mysql-test/suite/binlog/t/binlog_gtid_recovery.test
@@ -0,0 +1,40 @@
+# PS-9132 mysql.gtid_executed persistent GTID info lost when MySQL crash in Gtid_state::save
+#
+--source include/have_debug.inc
+--source include/have_log_bin.inc
+--source include/have_gtid.inc
+
+RESET MASTER;
+CREATE TABLE t1 (c1 INT NOT NULL PRIMARY KEY) ENGINE=InnoDB;
+
+SHOW BINARY LOGS;
+SELECT * FROM mysql.gtid_executed;
+
+--echo Kill the server
+--source include/kill_mysqld.inc
+
+--echo Restart the server only to kill it before GTID is saved during recovery process
+--error 137
+--exec $MYSQLD_CMD --debug="d,crash_before_gtid_persist"
+
+--echo Start the server again to see if server recovers GTIDs from binlogs and updates @@global.gtid_executed and mysql.gtid_executed table.
+--source include/start_mysqld.inc
+
+SELECT interval_start, interval_end from mysql.gtid_executed;
+SHOW BINARY LOGS;
+
+# Verify if GTID_EXECUTED is updated with the Previous_gtids properly
+--let $prev_gtid = query_get_value(SHOW BINLOG EVENTS in 'master-bin.000003', Info, 2)
+--let $gtid_executed = `SELECT @@GLOBAL.GTID_EXECUTED`
+if($prev_gtid == '') {
+    die "Could not find Previous_gtid_log_event in the last binary log parsed by the server";
+}
+if($gtid_executed == '') {
+    die "Server could not recover GTIDs from binary logs during recovery";
+}
+--let $assert_text = GTID should be properly updated
+--let $assert_cond = "$prev_gtid" = "$gtid_executed"
+--source include/assert.inc
+
+#Cleanup
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/r/percona_bug_ps9092.result b/mysql-test/suite/innodb/r/percona_bug_ps9092.result
@@ -0,0 +1,89 @@
+#
+# PS-9092: Data inconsistencies when high rate of pages split/merge
+#
+CREATE TABLE testTable (`key` INT UNSIGNED, version BIGINT UNSIGNED, rowmarker CHAR(3) NOT NULL DEFAULT 'aaa', value MEDIUMBLOB, PRIMARY KEY (`key`, version)) ENGINE=InnoDB;
+CREATE TABLE stopper (i INT);
+INSERT INTO stopper VALUES (1);
+CREATE PROCEDURE lft() BEGIN
+DECLARE rnd VARBINARY(1024);
+SET rnd = RANDOM_BYTES(1024);
+INSERT INTO testTable (`key`, version, value) VALUES (0, 18446744073709551615, LEFT(rnd, 1));
+WHILE (SELECT COUNT(*) FROM stopper) DO
+UPDATE testTable SET value = LEFT(rnd, RAND()*1023+1) WHERE `key` = 0;
+END WHILE;
+END |
+CREATE PROCEDURE rght() BEGIN
+DECLARE rnd VARBINARY(1024);
+SET rnd = RANDOM_BYTES(1024);
+INSERT INTO testTable (`key`, version, value) VALUES (2, 18446744073709551615, LEFT(rnd, 1));
+WHILE (SELECT COUNT(*) FROM stopper) DO
+UPDATE testTable SET value = LEFT(rnd, RAND()*1023+1) WHERE `key` = 2;
+END WHILE;
+END |
+CREATE PROCEDURE mdl() BEGIN
+DECLARE rnd VARBINARY(1024);
+DECLARE v BIGINT UNSIGNED DEFAULT 0;
+SET rnd = RANDOM_BYTES(1024);
+WHILE (SELECT COUNT(*) FROM stopper) DO
+SET v = v + 1;
+INSERT INTO testTable (`key`, version, value) VALUES (1, 18446744073709551615 - v, LEFT(rnd, RAND()*1023+1));
+IF RAND() <= 0.05 THEN
+DELETE from testTable WHERE `key`=1 AND version > 18446744073709551615 - v;
+END IF;
+END WHILE;
+END|
+CREATE PROCEDURE ck() BEGIN
+DECLARE global_max_seen BIGINT UNSIGNED DEFAULT 0;
+foo: WHILE global_max_seen < 5000 DO
+BEGIN
+DECLARE done INT DEFAULT 0;
+DECLARE local_max_seen BIGINT UNSIGNED DEFAULT 0;
+DECLARE k INT;
+DECLARE u BIGINT UNSIGNED;
+DECLARE v BIGINT UNSIGNED;
+DECLARE c1 CURSOR FOR select `key`, version FROM testTable WHERE `key` >= 1  AND `key` <= 1 ORDER BY `key` DESC;
+DECLARE CONTINUE HANDLER FOR SQLSTATE '02000' SET done = 1;
+OPEN c1;
+REPEAT
+FETCH c1 INTO k, v;
+SET u = 18446744073709551615 - v;
+IF u > local_max_seen THEN
+SET local_max_seen = u;
+END IF;
+UNTIL done END REPEAT;
+CLOSE c1;
+IF local_max_seen < global_max_seen THEN
+SELECT "ERROR! local_max_seen < global_max_seen!" AS msg, local_max_seen, global_max_seen;
+LEAVE foo;
+END IF;
+SET global_max_seen = local_max_seen;
+END;
+END WHILE;
+END|
+connect  con1,localhost,root,,;
+CALL lft();
+connect  con2,localhost,root,,;
+CALL mdl();
+connect  con3,localhost,root,,;
+CALL rght();
+connect  con4,localhost,root,,;
+#
+# Check procedure is not supposed to return ERROR.
+CALL ck();
+#
+# Stop activity in other connections
+DELETE FROM stopper;
+disconnect con4;
+connection con1;
+disconnect con1;
+connection con2;
+disconnect con2;
+connection con3;
+disconnect con3;
+connection default;
+DROP TABLE stopper;
+DROP TABLE testTable;
+DROP PROCEDURE lft;
+DROP PROCEDURE mdl;
+DROP PROCEDURE rght;
+DROP PROCEDURE ck;