diff options
author | spamaps-guest <spamaps-guest@bb5a2ed9-75f0-0310-a2b8-e46d7b0922c1> | 2013-03-12 19:18:23 +0000 |
---|---|---|
committer | spamaps-guest <spamaps-guest@bb5a2ed9-75f0-0310-a2b8-e46d7b0922c1> | 2013-03-12 19:18:23 +0000 |
commit | 0636d773f03fcd213d56c26e2c7a93b17a5cbcf6 (patch) | |
tree | 7395b395ad6f26aad71468db48b67a4d7e98a7cf /debian/patches/rpl_mariadb_test.patch | |
parent | 2a4346f0d10ef08fa53716465de590e2a8e1877c (diff) | |
download | mysql-5.5-debian-svn-trunk.tar.gz |
d/p/debian-mdev382-fixup.patch - patch from MariaDB, Thanksdebian-svn-trunk
Kristian Nielsen. resolves CVE-2012-4414 (Closes: #698068)
git-svn-id: svn://svn.debian.org/svn/pkg-mysql/mysql-5.5/branches/unstable@2217 bb5a2ed9-75f0-0310-a2b8-e46d7b0922c1
Diffstat (limited to 'debian/patches/rpl_mariadb_test.patch')
-rw-r--r-- | debian/patches/rpl_mariadb_test.patch | 649 |
1 files changed, 0 insertions, 649 deletions
diff --git a/debian/patches/rpl_mariadb_test.patch b/debian/patches/rpl_mariadb_test.patch deleted file mode 100644 index cd50318..0000000 --- a/debian/patches/rpl_mariadb_test.patch +++ /dev/null @@ -1,649 +0,0 @@ -From: Clint Byrum <spamaps@debian.org> -Description: Add test case for CVE-2012-4414 -Origin: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/3508 -Forwarded: no, upstream will not accept these due to security non-disclosure policies - -Index: mysql-5.5-5.5.30+dfsg/mysql-test/suite/rpl/r/rpl_mdev382.result -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ mysql-5.5-5.5.30+dfsg/mysql-test/suite/rpl/r/rpl_mdev382.result 2013-03-05 06:16:48.508094548 -0800 -@@ -0,0 +1,369 @@ -+include/master-slave.inc -+[connection master] -+create table t1 (a int primary key) engine=innodb; -+create table t2 (a int primary key) engine=myisam; -+begin; -+insert into t1 values (1); -+SET sql_mode = 'ANSI_QUOTES'; -+savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`; -+insert into t1 values (2); -+insert into t2 values (1); -+SET sql_mode = ''; -+rollback to savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`; -+Warnings: -+Warning 1196 Some non-transactional changed tables couldn't be rolled back -+insert into t1 values (3); -+commit; -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # use `test`; create table t1 (a int primary key) engine=innodb -+master-bin.000001 # Query # # use `test`; create table t2 (a int primary key) engine=myisam -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `test`; insert into t2 values (1) -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `test`; insert into t1 values (1) -+master-bin.000001 # Query # # SAVEPOINT "a`; create database couldbebadthingshere; savepoint `dummy" -+master-bin.000001 # Query # # use `test`; insert into t1 values (2) -+master-bin.000001 # Query # # ROLLBACK TO `a``; create database couldbebadthingshere; savepoint ``dummy` -+master-bin.000001 # Query # # use `test`; insert into t1 values (3) -+master-bin.000001 # Xid # # COMMIT /* XID */ -+BEGIN; -+insert into t1 values(10); -+set sql_mode = 'ANSI_QUOTES'; -+set sql_quote_show_create = 1; -+savepoint a; -+insert into t1 values(11); -+savepoint "a""a"; -+insert into t1 values(12); -+set sql_quote_show_create = 0; -+savepoint b; -+insert into t1 values(13); -+savepoint "b""b"; -+insert into t1 values(14); -+set sql_mode = ''; -+set sql_quote_show_create = 1; -+savepoint c; -+insert into t1 values(15); -+savepoint `c``c`; -+insert into t1 values(16); -+set sql_quote_show_create = 0; -+savepoint d; -+insert into t1 values(17); -+savepoint `d``d`; -+insert into t1 values(18); -+COMMIT; -+set sql_quote_show_create = 1; -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `test`; insert into t1 values(10) -+master-bin.000001 # Query # # SAVEPOINT "a" -+master-bin.000001 # Query # # use `test`; insert into t1 values(11) -+master-bin.000001 # Query # # SAVEPOINT "a""a" -+master-bin.000001 # Query # # use `test`; insert into t1 values(12) -+master-bin.000001 # Query # # SAVEPOINT b -+master-bin.000001 # Query # # use `test`; insert into t1 values(13) -+master-bin.000001 # Query # # SAVEPOINT "b""b" -+master-bin.000001 # Query # # use `test`; insert into t1 values(14) -+master-bin.000001 # Query # # SAVEPOINT `c` -+master-bin.000001 # Query # # use `test`; insert into t1 values(15) -+master-bin.000001 # Query # # SAVEPOINT `c``c` -+master-bin.000001 # Query # # use `test`; insert into t1 values(16) -+master-bin.000001 # Query # # SAVEPOINT d -+master-bin.000001 # Query # # use `test`; insert into t1 values(17) -+master-bin.000001 # Query # # SAVEPOINT `d``d` -+master-bin.000001 # Query # # use `test`; insert into t1 values(18) -+master-bin.000001 # Xid # # COMMIT /* XID */ -+*** Test correct USE statement in SHOW BINLOG EVENTS *** -+set sql_mode = 'ANSI_QUOTES'; -+CREATE DATABASE "db1`; SELECT 'oops!'"; -+use "db1`; SELECT 'oops!'"; -+CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM; -+INSERT INTO t1 VALUES (1); -+set sql_mode = ''; -+INSERT INTO t1 VALUES (2); -+set sql_mode = 'ANSI_QUOTES'; -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # CREATE DATABASE "db1`; SELECT 'oops!'" -+master-bin.000001 # Query # # use "db1`; SELECT 'oops!'"; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use "db1`; SELECT 'oops!'"; INSERT INTO t1 VALUES (1) -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use "db1`; SELECT 'oops!'"; INSERT INTO t1 VALUES (2) -+master-bin.000001 # Query # # COMMIT -+set sql_mode = ''; -+set sql_quote_show_create = 0; -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # CREATE DATABASE "db1`; SELECT 'oops!'" -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (1) -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (2) -+master-bin.000001 # Query # # COMMIT -+set sql_quote_show_create = 1; -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # CREATE DATABASE "db1`; SELECT 'oops!'" -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (1) -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (2) -+master-bin.000001 # Query # # COMMIT -+DROP TABLE t1; -+use test; -+***Test LOAD DATA INFILE with various identifiers that need correct quoting *** -+use `db1``; SELECT 'oops!'`; -+set timestamp=1000000000; -+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3), -+`c``3` VARCHAR(7)); -+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f''le.txt' INTO TABLE `t``1` -+ FIELDS TERMINATED BY ',' ESCAPED BY '\\' ENCLOSED BY '''' -+ LINES TERMINATED BY '\n' -+ (`a``1`, @`b```) SET `b``2` = @`b```, `c``3` = concat('|', "b""a'z", "!"); -+SELECT * FROM `t``1`; -+a`1 b`2 c`3 -+fo\o bar |b"a'z! -+truncate `t``1`; -+use test; -+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f''le.txt' -+ INTO TABLE `db1``; SELECT 'oops!'`.`t``1` -+ FIELDS TERMINATED BY ',' ESCAPED BY '\\' ENCLOSED BY '''' -+ LINES TERMINATED BY '\n' -+ (`a``1`, `b``2`) SET `c``3` = concat('|', "b""a'z", "!"); -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+a`1 b`2 c`3 -+fo\o bar |b"a'z! -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3), -+`c``3` VARCHAR(7)) -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Begin_load_query # # ;file_id=#;block_len=# -+master-bin.000001 # Execute_load_query # # use `db1``; SELECT 'oops!'`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f\'le.txt' INTO TABLE `t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, @`b```) SET `b``2`= @`b```, `c``3`= concat('|', "b""a'z", "!") ;file_id=# -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; truncate `t``1` -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Begin_load_query # # ;file_id=#;block_len=# -+master-bin.000001 # Execute_load_query # # use `test`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/f\'le.txt' INTO TABLE `db1``; SELECT 'oops!'`.`t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, `b``2`) SET `c``3`= concat('|', "b""a'z", "!") ;file_id=# -+master-bin.000001 # Query # # COMMIT -+/*!40019 SET @@session.max_insert_delayed_threads=0*/; -+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/; -+DELIMITER /*!*/; -+ROLLBACK/*!*/; -+use `db1``; SELECT 'oops!'`/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+SET @@session.pseudo_thread_id=999999999/*!*/; -+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=0, @@session.unique_checks=1, @@session.autocommit=1/*!*/; -+SET @@session.sql_mode=0/*!*/; -+SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/; -+/*!\C latin1 *//*!*/; -+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/; -+SET @@session.lc_time_names=0/*!*/; -+SET @@session.collation_database=DEFAULT/*!*/; -+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3), -+`c``3` VARCHAR(7)) -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+BEGIN -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+LOAD DATA LOCAL INFILE '<name>' INTO TABLE `t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, @`b```) SET `b``2`= @`b```, `c``3`= concat('|', "b""a'z", "!") -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+COMMIT -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+truncate `t``1` -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+BEGIN -+/*!*/; -+use `test`/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+LOAD DATA LOCAL INFILE '<name>' INTO TABLE `db1``; SELECT 'oops!'`.`t``1` FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a``1`, `b``2`) SET `c``3`= concat('|', "b""a'z", "!") -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+COMMIT -+/*!*/; -+DELIMITER ; -+# End of log file -+ROLLBACK /* added by mysqlbinlog */; -+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/; -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+a`1 b`2 c`3 -+fo\o bar |b"a'z! -+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`; -+drop table t1,t2; -+*** Test truncation of long SET expression in LOAD DATA *** -+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(1000)); -+LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/file.txt' INTO TABLE t1 -+FIELDS TERMINATED BY ',' -+ (a, @b) SET b = CONCAT(@b, '| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|', @b); -+SELECT * FROM t1 ORDER BY a; -+a b -+1 X| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|X -+2 A| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|A -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Begin_load_query # # ;file_id=#;block_len=# -+master-bin.000001 # Execute_load_query # # use `test`; LOAD DATA INFILE 'MYSQLTEST_VARDIR/tmp/file.txt' INTO TABLE `t1` FIELDS TERMINATED BY ',' ENCLOSED BY '' ESCAPED BY '\\' LINES TERMINATED BY '\n' (`a`, @`b`) SET `b`= CONCAT(@b, '| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|', @b) ;file_id=# -+master-bin.000001 # Query # # COMMIT -+SELECT * FROM t1 ORDER BY a; -+a b -+1 X| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|X -+2 A| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|A -+DROP TABLE t1; -+*** Test user variables whose names require correct quoting *** -+use `db1``; SELECT 'oops!'`; -+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100)); -+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100)); -+SELECT @`a``1`:=a1, @`a``2`:=a2, @`a``3`:=a3, @`a``4`:=a4, @`b```:=b, @```c`:=c, @```d```:=d FROM t1; -+@`a``1`:=a1 @`a``2`:=a2 @`a``3`:=a3 @`a``4`:=a4 @`b```:=b @```c`:=c @```d```:=d -+-9223372036854775808 42 9223372036854775807 18446744073709551615 -1.234560123456789e125 -1234501234567890123456789012345678901234567890123456789.0123456789 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98)); -+show binlog events from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100)) -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100)) -+master-bin.000001 # Query # # COMMIT -+master-bin.000001 # Query # # BEGIN -+master-bin.000001 # User var # # @`a``1`=-9223372036854775808 -+master-bin.000001 # User var # # @`a``2`=42 -+master-bin.000001 # User var # # @`a``3`=9223372036854775807 -+master-bin.000001 # User var # # @`a``4`=18446744073709551615 -+master-bin.000001 # User var # # @`b```=-1.234560123456789e125 -+master-bin.000001 # User var # # @```c`=-1234501234567890123456789012345678901234567890123456789.0123456789 -+master-bin.000001 # User var # # @```d```=_latin1 0x78787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878 COLLATE latin1_swedish_ci -+master-bin.000001 # Query # # use `db1``; SELECT 'oops!'`; INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98)) -+master-bin.000001 # Query # # COMMIT -+/*!40019 SET @@session.max_insert_delayed_threads=0*/; -+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/; -+DELIMITER /*!*/; -+ROLLBACK/*!*/; -+use `db1``; SELECT 'oops!'`/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+SET @@session.pseudo_thread_id=999999999/*!*/; -+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=0, @@session.unique_checks=1, @@session.autocommit=1/*!*/; -+SET @@session.sql_mode=0/*!*/; -+SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/; -+/*!\C latin1 *//*!*/; -+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/; -+SET @@session.lc_time_names=0/*!*/; -+SET @@session.collation_database=DEFAULT/*!*/; -+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100)) -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+BEGIN -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100)) -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+COMMIT -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+BEGIN -+/*!*/; -+SET @`a``1`:=-9223372036854775808/*!*/; -+SET @`a``2`:=42/*!*/; -+SET @`a``3`:=9223372036854775807/*!*/; -+SET @`a``4`:=18446744073709551615/*!*/; -+SET @`b```:=-1.2345601234568e+125/*!*/; -+SET @```c`:=-1234501234567890123456789012345678901234567890123456789.0123456789/*!*/; -+SET @```d```:=_latin1 0x78787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878787878 COLLATE `latin1_swedish_ci`/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98)) -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+COMMIT -+/*!*/; -+DELIMITER ; -+# End of log file -+ROLLBACK /* added by mysqlbinlog */; -+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/; -+SELECT * FROM `db1``; SELECT 'oops!'`.t1 ORDER BY a1; -+a1 a2 a3 a4 b c d -+-9223372036854775808 42 9223372036854775807 18446744073709551615 -1.234560123456789e125 -1234501234567890123456789012345678901234567890123456789.0123456789 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -+-9223372036854775807 4200 9223372036854775806 18446744073709551614 -6.172800617283945e124 -1234501234567890123456789012345678901234567890123456789.0123456789 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -+DROP TABLE t1; -+*** Test correct quoting in foreign key error message *** -+use `db1``; SELECT 'oops!'`; -+CREATE TABLE `t``1` ( `a``` INT PRIMARY KEY) ENGINE=innodb; -+CREATE TABLE `t``2` ( `b``` INT PRIMARY KEY, `c``` INT NOT NULL, -+FOREIGN KEY fk (`c```) REFERENCES `t``1`(`a```)) ENGINE=innodb; -+TRUNCATE `t``1`; -+ERROR 42000: Cannot truncate a table referenced in a foreign key constraint (`db1``; SELECT 'oops!'`.`t``2`, CONSTRAINT `INNODB_FOREIGN_KEY_NAME` FOREIGN KEY (`c```) REFERENCES `db1``; SELECT 'oops!'`.`t``1` (`a```)) -+DROP TABLE `t``2`; -+DROP TABLE `t``1`; -+*** Test correct quoting of DELETE FROM statement binlogged for HEAP table that is emptied due to server restart -+include/stop_slave.inc -+CREATE TABLE `db1``; SELECT 'oops!'`.`t``1` (`a``` INT PRIMARY KEY) ENGINE=heap; -+INSERT INTO `db1``; SELECT 'oops!'`.`t``1` VALUES (1), (2), (5); -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1` ORDER BY 1; -+a` -+1 -+2 -+5 -+set timestamp=1000000000; -+# The table should be empty on the master. -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+a` -+# The DELETE statement should be correctly quoted -+show binlog events in 'master-bin.000002' from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000002 # Query # # BEGIN -+master-bin.000002 # Query # # use `test`; DELETE FROM `db1``; SELECT 'oops!'`.`t``1` -+master-bin.000002 # Query # # COMMIT -+include/start_slave.inc -+# The table should be empty on the slave also. -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+a` -+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`; -+use test; -+DROP DATABASE `db1``; SELECT 'oops!'`; -+*** Test correct quoting of mysqlbinlog --rewrite-db option *** -+CREATE TABLE t1 (a INT PRIMARY KEY); -+INSERT INTO t1 VALUES(1); -+show binlog events in 'master-bin.000002' from <binlog_start>; -+Log_name Pos Event_type Server_id End_log_pos Info -+master-bin.000002 # Query # # BEGIN -+master-bin.000002 # Query # # use `test`; INSERT INTO t1 VALUES(1) -+master-bin.000002 # Query # # COMMIT -+/*!40019 SET @@session.max_insert_delayed_threads=0*/; -+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/; -+DELIMITER /*!*/; -+ROLLBACK/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+SET @@session.pseudo_thread_id=999999999/*!*/; -+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=0, @@session.unique_checks=1, @@session.autocommit=1/*!*/; -+SET @@session.sql_mode=0/*!*/; -+SET @@session.auto_increment_increment=1, @@session.auto_increment_offset=1/*!*/; -+/*!\C latin1 *//*!*/; -+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/; -+SET @@session.lc_time_names=0/*!*/; -+SET @@session.collation_database=DEFAULT/*!*/; -+BEGIN -+/*!*/; -+use `ts``et`/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+INSERT INTO t1 VALUES(1) -+/*!*/; -+SET TIMESTAMP=1000000000/*!*/; -+COMMIT -+/*!*/; -+DELIMITER ; -+# End of log file -+ROLLBACK /* added by mysqlbinlog */; -+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/; -+DROP TABLE t1; -+include/rpl_end.inc -Index: mysql-5.5-5.5.30+dfsg/mysql-test/suite/rpl/t/rpl_mdev382.test -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ mysql-5.5-5.5.30+dfsg/mysql-test/suite/rpl/t/rpl_mdev382.test 2013-03-05 06:16:35.908830274 -0800 -@@ -0,0 +1,265 @@ -+--source include/have_innodb.inc -+--source include/have_binlog_format_statement.inc -+--source include/master-slave.inc -+ -+# MDEV-382: multiple SQL injections in replication code. -+ -+# Test previous SQL injection attack against binlog for SAVEPOINT statement. -+# The test would cause syntax error on slave due to improper quoting of -+# the savepoint name. -+connection master; -+create table t1 (a int primary key) engine=innodb; -+create table t2 (a int primary key) engine=myisam; -+ -+begin; -+insert into t1 values (1); -+SET sql_mode = 'ANSI_QUOTES'; -+savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`; -+insert into t1 values (2); -+insert into t2 values (1); -+SET sql_mode = ''; -+rollback to savepoint `a``; create database couldbebadthingshere; savepoint ``dummy`; -+insert into t1 values (3); -+commit; -+ -+--source include/show_binlog_events.inc -+ -+# This failed due to syntax error in query when the bug was not fixed. -+sync_slave_with_master; -+connection slave; -+ -+# Test some more combinations of ANSI_QUOTES and sql_quote_show_create -+connection master; -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+BEGIN; -+insert into t1 values(10); -+set sql_mode = 'ANSI_QUOTES'; -+set sql_quote_show_create = 1; -+savepoint a; -+insert into t1 values(11); -+savepoint "a""a"; -+insert into t1 values(12); -+set sql_quote_show_create = 0; -+savepoint b; -+insert into t1 values(13); -+savepoint "b""b"; -+insert into t1 values(14); -+set sql_mode = ''; -+set sql_quote_show_create = 1; -+savepoint c; -+insert into t1 values(15); -+savepoint `c``c`; -+insert into t1 values(16); -+set sql_quote_show_create = 0; -+savepoint d; -+insert into t1 values(17); -+savepoint `d``d`; -+insert into t1 values(18); -+COMMIT; -+set sql_quote_show_create = 1; -+ -+--source include/show_binlog_events.inc -+ -+--echo *** Test correct USE statement in SHOW BINLOG EVENTS *** -+connection master; -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+set sql_mode = 'ANSI_QUOTES'; -+CREATE DATABASE "db1`; SELECT 'oops!'"; -+use "db1`; SELECT 'oops!'"; -+CREATE TABLE t1 (a INT PRIMARY KEY) engine=MyISAM; -+INSERT INTO t1 VALUES (1); -+set sql_mode = ''; -+INSERT INTO t1 VALUES (2); -+set sql_mode = 'ANSI_QUOTES'; -+--source include/show_binlog_events.inc -+set sql_mode = ''; -+set sql_quote_show_create = 0; -+--source include/show_binlog_events.inc -+set sql_quote_show_create = 1; -+--source include/show_binlog_events.inc -+DROP TABLE t1; -+ -+use test; -+ -+--echo ***Test LOAD DATA INFILE with various identifiers that need correct quoting *** -+ -+--let $load_file= $MYSQLTEST_VARDIR/tmp/f'le.txt -+--write_file $load_file -+'fo\\o','bar' -+EOF -+ -+use `db1``; SELECT 'oops!'`; -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+set timestamp=1000000000; -+CREATE TABLE `t``1` (`a``1` VARCHAR(4) PRIMARY KEY, `b``2` VARCHAR(3), -+ `c``3` VARCHAR(7)); -+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR -+eval LOAD DATA INFILE '$MYSQLTEST_VARDIR/tmp/f''le.txt' INTO TABLE `t``1` -+ FIELDS TERMINATED BY ',' ESCAPED BY '\\\\' ENCLOSED BY '''' -+ LINES TERMINATED BY '\\n' -+ (`a``1`, @`b```) SET `b``2` = @`b```, `c``3` = concat('|', "b""a'z", "!"); -+ -+SELECT * FROM `t``1`; -+# Also test when code prefixes table name with database. -+truncate `t``1`; -+use test; -+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR -+eval LOAD DATA INFILE '$MYSQLTEST_VARDIR/tmp/f''le.txt' -+ INTO TABLE `db1``; SELECT 'oops!'`.`t``1` -+ FIELDS TERMINATED BY ',' ESCAPED BY '\\\\' ENCLOSED BY '''' -+ LINES TERMINATED BY '\\n' -+ (`a``1`, `b``2`) SET `c``3` = concat('|', "b""a'z", "!"); -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+let $pos2= query_get_value(SHOW MASTER STATUS, Position, 1); -+ -+--source include/show_binlog_events.inc -+let $MYSQLD_DATADIR= `select @@datadir`; -+--replace_regex /LOCAL INFILE '.*SQL_LOAD.*' INTO/LOCAL INFILE '<name>' INTO/ -+--exec $MYSQL_BINLOG --short-form --start-position=$binlog_start --stop-position=$pos2 $MYSQLD_DATADIR/master-bin.000001 -+ -+sync_slave_with_master; -+connection slave; -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+connection master; -+ -+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`; -+--remove_file $load_file -+ -+connection master; -+drop table t1,t2; -+ -+ -+--echo *** Test truncation of long SET expression in LOAD DATA *** -+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(1000)); -+--let $load_file= $MYSQLTEST_VARDIR/tmp/file.txt -+--write_file $load_file -+1,X -+2,A -+EOF -+ -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+# The bug was that the SET expression was truncated to 256 bytes, so test with -+# an expression longer than that. -+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR -+eval LOAD DATA INFILE '$load_file' INTO TABLE t1 -+ FIELDS TERMINATED BY ',' -+ (a, @b) SET b = CONCAT(@b, '| 123456789A123456789B123456789C123456789D123456789E123456789F123456789G123456789H123456789I123456789J123456789K123456789L123456789M123456789N123456789O123456789P123456789Q123456789R123456789123456789T123456789U123456789V123456789W123456789X123456789Y123456789Z123456789|', @b); -+ -+SELECT * FROM t1 ORDER BY a; -+--source include/show_binlog_events.inc -+ -+sync_slave_with_master; -+connection slave; -+SELECT * FROM t1 ORDER BY a; -+ -+connection master; -+--remove_file $load_file -+DROP TABLE t1; -+ -+ -+--echo *** Test user variables whose names require correct quoting *** -+use `db1``; SELECT 'oops!'`; -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+CREATE TABLE t1 (a1 BIGINT PRIMARY KEY, a2 BIGINT, a3 BIGINT, a4 BIGINT UNSIGNED, b DOUBLE, c DECIMAL(65,10), d VARCHAR(100)); -+INSERT INTO t1 VALUES (-9223372036854775808,42,9223372036854775807,18446744073709551615,-1234560123456789e110, -1234501234567890123456789012345678901234567890123456789.0123456789, REPEAT("x", 100)); -+SELECT @`a``1`:=a1, @`a``2`:=a2, @`a``3`:=a3, @`a``4`:=a4, @`b```:=b, @```c`:=c, @```d```:=d FROM t1; -+INSERT INTO t1 VALUES (@`a``1`+1, @`a``2`*100, @`a``3`-1, @`a``4`-1, @`b```/2, @```c`, substr(@```d```, 2, 98)); -+let $pos2= query_get_value(SHOW MASTER STATUS, Position, 1); -+ -+--source include/show_binlog_events.inc -+ -+--exec $MYSQL_BINLOG --short-form --start-position=$binlog_start --stop-position=$pos2 $MYSQLD_DATADIR/master-bin.000001 -+ -+sync_slave_with_master; -+connection slave; -+SELECT * FROM `db1``; SELECT 'oops!'`.t1 ORDER BY a1; -+ -+connection master; -+DROP TABLE t1; -+ -+--echo *** Test correct quoting in foreign key error message *** -+use `db1``; SELECT 'oops!'`; -+CREATE TABLE `t``1` ( `a``` INT PRIMARY KEY) ENGINE=innodb; -+CREATE TABLE `t``2` ( `b``` INT PRIMARY KEY, `c``` INT NOT NULL, -+ FOREIGN KEY fk (`c```) REFERENCES `t``1`(`a```)) ENGINE=innodb; -+--replace_regex /t@[0-9]+_ibfk_[0-9]+/INNODB_FOREIGN_KEY_NAME/ -+--error ER_TRUNCATE_ILLEGAL_FK -+TRUNCATE `t``1`; -+DROP TABLE `t``2`; -+DROP TABLE `t``1`; -+ -+ -+--echo *** Test correct quoting of DELETE FROM statement binlogged for HEAP table that is emptied due to server restart -+ -+# Let's keep the slave stopped during master restart, to avoid any potential -+# races between slave reconnect and master restart. -+connection slave; -+--source include/stop_slave.inc -+ -+connection master; -+CREATE TABLE `db1``; SELECT 'oops!'`.`t``1` (`a``` INT PRIMARY KEY) ENGINE=heap; -+INSERT INTO `db1``; SELECT 'oops!'`.`t``1` VALUES (1), (2), (5); -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1` ORDER BY 1; -+ -+# Restart the master mysqld. -+# This will cause an implicit truncation of the memory-based table, which will -+# cause logging of an explicit DELETE FROM to binlog. -+--write_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect -+wait-rpl_mdev382.test -+EOF -+ -+--shutdown_server 30 -+ -+--remove_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect -+--write_file $MYSQLTEST_VARDIR/tmp/mysqld.1.expect -+restart-rpl_mdev382.test -+EOF -+ -+connection default; -+--enable_reconnect -+--source include/wait_until_connected_again.inc -+# rpl_end.inc needs to use the connection server_1 -+connection server_1; -+--enable_reconnect -+--source include/wait_until_connected_again.inc -+connection master; -+--enable_reconnect -+--source include/wait_until_connected_again.inc -+set timestamp=1000000000; -+ -+--echo # The table should be empty on the master. -+let $binlog_file= master-bin.000002; -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+ -+--echo # The DELETE statement should be correctly quoted -+--source include/show_binlog_events.inc -+ -+connection slave; -+--source include/start_slave.inc -+ -+connection master; -+sync_slave_with_master; -+connection slave; -+--echo # The table should be empty on the slave also. -+SELECT * FROM `db1``; SELECT 'oops!'`.`t``1`; -+ -+connection master; -+DROP TABLE `db1``; SELECT 'oops!'`.`t``1`; -+sync_slave_with_master; -+ -+ -+connection master; -+use test; -+DROP DATABASE `db1``; SELECT 'oops!'`; -+ -+--echo *** Test correct quoting of mysqlbinlog --rewrite-db option *** -+CREATE TABLE t1 (a INT PRIMARY KEY); -+let $binlog_start= query_get_value(SHOW MASTER STATUS, Position, 1); -+INSERT INTO t1 VALUES(1); -+--source include/show_binlog_events.inc -+let $pos2= query_get_value(SHOW MASTER STATUS, Position, 1); -+--exec $MYSQL_BINLOG --short-form --start-position=$binlog_start --stop-position=$pos2 --rewrite-db='test->ts`et' $MYSQLD_DATADIR/master-bin.000002 -+DROP TABLE t1; -+ -+--source include/rpl_end.inc |