[mysql/f16] Update to MySQL 5.5.22
Tom Lane
tgl at fedoraproject.org
Sat Mar 24 05:17:06 UTC 2012
commit 3c290f50f882f1094c7a95d8b6eff2c965e627c2
Author: Tom Lane <tgl at redhat.com>
Date: Sat Mar 24 01:13:51 2012 -0400
Update to MySQL 5.5.22
.gitignore | 2 +-
mysql-cipherspec.patch | 115 ++++++++++++++++++++
mysql-default-cipher.patch | 246 -------------------------------------------
mysql-logrotate.patch | 60 +++++++++--
mysql-plugin-test.patch | 132 +++++++++---------------
mysql-string-overflow.patch | 55 ++++++++++
mysql.spec | 26 ++++-
mysqld.service | 6 +
sources | 2 +-
9 files changed, 300 insertions(+), 344 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 6039a2e..c15416c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-/mysql-5.5.21-nodocs.tar.gz
+/mysql-5.5.22-nodocs.tar.gz
diff --git a/mysql-cipherspec.patch b/mysql-cipherspec.patch
new file mode 100644
index 0000000..b9180f2
--- /dev/null
+++ b/mysql-cipherspec.patch
@@ -0,0 +1,115 @@
+Some test items assume the default SSL cipher is DHE-RSA-AES256-SHA,
+which is no longer the case as of openssl 1.0.1.
+This patch enhances connect command by an option to specify a cipher
+and tests are adjusted to specify the expected cipher explicitly.
+Upstream bug report: http://bugs.mysql.com/bug.php?id=64461
+
+diff -up mysql-5.5.21/client/mysqltest.cc.cipherspec mysql-5.5.21/client/mysqltest.cc
+--- mysql-5.5.21/client/mysqltest.cc.cipherspec 2012-01-31 12:28:16.000000000 +0100
++++ mysql-5.5.21/client/mysqltest.cc 2012-03-09 14:38:37.083890817 +0100
+@@ -5458,6 +5458,7 @@ void do_connect(struct st_command *comma
+ my_bool con_ssl= 0, con_compress= 0;
+ my_bool con_pipe= 0, con_shm= 0;
+ struct st_connection* con_slot;
++ char *con_cipher=NULL;
+
+ static DYNAMIC_STRING ds_connection_name;
+ static DYNAMIC_STRING ds_host;
+@@ -5546,6 +5547,8 @@ void do_connect(struct st_command *comma
+ con_pipe= 1;
+ else if (!strncmp(con_options, "SHM", 3))
+ con_shm= 1;
++ else if (!strncmp(con_options, "CIPHER:", 7))
++ con_cipher = con_options + 7;
+ else
+ die("Illegal option to connect: %.*s",
+ (int) (end - con_options), con_options);
+@@ -5593,8 +5596,11 @@ void do_connect(struct st_command *comma
+ if (con_ssl)
+ {
+ #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
++ /* default cipher */
++ if (con_cipher == NULL && opt_ssl_cipher != NULL)
++ con_cipher = opt_ssl_cipher;
+ mysql_ssl_set(&con_slot->mysql, opt_ssl_key, opt_ssl_cert, opt_ssl_ca,
+- opt_ssl_capath, opt_ssl_cipher);
++ opt_ssl_capath, con_cipher);
+ #if MYSQL_VERSION_ID >= 50000
+ /* Turn on ssl_verify_server_cert only if host is "localhost" */
+ opt_ssl_verify_server_cert= !strcmp(ds_host.str, "localhost");
+diff -up mysql-5.5.21/mysql-test/t/openssl_1.test.cipherspec mysql-5.5.21/mysql-test/t/openssl_1.test
+--- mysql-5.5.21/mysql-test/t/openssl_1.test.cipherspec 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/openssl_1.test 2012-03-09 14:59:52.305752562 +0100
+@@ -20,13 +20,13 @@ grant select on test.* to ssl_user4 at loca
+ grant select on test.* to ssl_user5 at localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
+ flush privileges;
+
+-connect (con1,localhost,ssl_user1,,,,,SSL);
+-connect (con2,localhost,ssl_user2,,,,,SSL);
+-connect (con3,localhost,ssl_user3,,,,,SSL);
+-connect (con4,localhost,ssl_user4,,,,,SSL);
++connect (con1,localhost,ssl_user1,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
++connect (con2,localhost,ssl_user2,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
++connect (con3,localhost,ssl_user3,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
++connect (con4,localhost,ssl_user4,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
+ --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+ --error ER_ACCESS_DENIED_ERROR
+-connect (con5,localhost,ssl_user5,,,,,SSL);
++connect (con5,localhost,ssl_user5,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
+
+ connection con1;
+ # Check ssl turned on
+@@ -119,7 +119,7 @@ drop table t1;
+ # verification of servers certificate by setting both ca certificate
+ # and ca path to NULL
+ #
+---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
++--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
+ --echo End of 5.0 tests
+
+ #
+@@ -244,7 +244,7 @@ select 'is still running; no cipher requ
+
+ GRANT SELECT ON test.* TO bug42158 at localhost REQUIRE X509;
+ FLUSH PRIVILEGES;
+-connect(con1,localhost,bug42158,,,,,SSL);
++connect(con1,localhost,bug42158,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
+ SHOW STATUS LIKE 'Ssl_cipher';
+ disconnect con1;
+ connection default;
+diff -up mysql-5.5.21/mysql-test/t/ssl_8k_key.test.cipherspec mysql-5.5.21/mysql-test/t/ssl_8k_key.test
+--- mysql-5.5.21/mysql-test/t/ssl_8k_key.test.cipherspec 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/ssl_8k_key.test 2012-03-09 14:38:37.084890702 +0100
+@@ -2,7 +2,7 @@
+ #
+ # Bug#29784 YaSSL assertion failure when reading 8k key.
+ #
+---exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
++--exec $MYSQL --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem --ssl-cipher=DHE-RSA-AES256-SHA -e "SHOW STATUS LIKE 'ssl_Cipher'" 2>&1
+
+ ## This test file is for testing encrypted communication only, not other
+ ## encryption routines that the SSL library happens to provide!
+diff -up mysql-5.5.21/mysql-test/t/ssl_compress.test.cipherspec mysql-5.5.21/mysql-test/t/ssl_compress.test
+--- mysql-5.5.21/mysql-test/t/ssl_compress.test.cipherspec 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/ssl_compress.test 2012-03-09 14:38:37.085890587 +0100
+@@ -7,7 +7,7 @@
+ # Save the initial number of concurrent sessions
+ --source include/count_sessions.inc
+
+-connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS);
++connect (ssl_compress_con,localhost,root,,,,,SSL COMPRESS CIPHER:DHE-RSA-AES256-SHA);
+
+ # Check ssl turned on
+ SHOW STATUS LIKE 'Ssl_cipher';
+diff -up mysql-5.5.21/mysql-test/t/ssl.test.cipherspec mysql-5.5.21/mysql-test/t/ssl.test
+--- mysql-5.5.21/mysql-test/t/ssl.test.cipherspec 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/ssl.test 2012-03-09 14:38:37.086890472 +0100
+@@ -6,7 +6,7 @@
+ # Save the initial number of concurrent sessions
+ --source include/count_sessions.inc
+
+-connect (ssl_con,localhost,root,,,,,SSL);
++connect (ssl_con,localhost,root,,,,,SSL CIPHER:DHE-RSA-AES256-SHA);
+
+ # Check ssl turned on
+ SHOW STATUS LIKE 'Ssl_cipher';
diff --git a/mysql-logrotate.patch b/mysql-logrotate.patch
index dd8742a..8ad9d2c 100644
--- a/mysql-logrotate.patch
+++ b/mysql-logrotate.patch
@@ -1,10 +1,21 @@
-Adjust the mysql-log-rotate script to contain the correct log file
-name for Red Hat installations.
+Adjust the mysql-log-rotate script in several ways:
+* Use the correct log file pathname for Red Hat installations.
+* Enable creation of the log file by logrotate (needed since
+ /var/log/ isn't writable by mysql user).
+* Comment out the actual rotation commands, so that user must edit
+ the file to enable rotation. This is unfortunate, but the fact
+ that the script will probably fail without manual configuration
+ (to set a root password) means that we can't really have it turned
+ on by default. Fortunately, in most configurations the log file
+ is low-volume and so rotation is not critical functionality.
-diff -Naur mysql-5.5.20.orig/support-files/mysql-log-rotate.sh mysql-5.5.20/support-files/mysql-log-rotate.sh
---- mysql-5.5.20.orig/support-files/mysql-log-rotate.sh 2011-12-16 14:52:06.000000000 -0500
-+++ mysql-5.5.20/support-files/mysql-log-rotate.sh 2012-01-26 23:24:54.402676177 -0500
+See discussions at RH bugs 799735, 547007
+
+
+diff -Naur mysql-5.5.22.orig/support-files/mysql-log-rotate.sh mysql-5.5.22/support-files/mysql-log-rotate.sh
+--- mysql-5.5.22.orig/support-files/mysql-log-rotate.sh 2012-03-02 14:44:46.000000000 -0500
++++ mysql-5.5.22/support-files/mysql-log-rotate.sh 2012-03-23 22:33:29.092043705 -0400
@@ -3,7 +3,7 @@
# in the [safe_mysqld] section as follows:
#
@@ -14,12 +25,41 @@ diff -Naur mysql-5.5.20.orig/support-files/mysql-log-rotate.sh mysql-5.5.20/supp
#
# If the root user has a password you have to create a
# /root/.my.cnf configuration file with the following
-@@ -18,7 +18,7 @@
+@@ -18,19 +18,21 @@
# ATTENTION: This /root/.my.cnf should be readable ONLY
# for root !
- at localstatedir@/mysqld.log {
-+/var/log/mysqld.log {
- # create 600 mysql mysql
- notifempty
- daily
+- # create 600 mysql mysql
+- notifempty
+- daily
+- rotate 3
+- missingok
+- compress
+- postrotate
+- # just if mysqld is really running
+- if test -x @bindir@/mysqladmin && \
+- @bindir@/mysqladmin ping &>/dev/null
+- then
+- @bindir@/mysqladmin flush-logs
+- fi
+- endscript
+-}
++# Then, un-comment the following lines to enable rotation of mysql's log file:
++
++#/var/log/mysqld.log {
++# create 600 mysql mysql
++# notifempty
++# daily
++# rotate 3
++# missingok
++# compress
++# postrotate
++# # just if mysqld is really running
++# if test -x @bindir@/mysqladmin && \
++# @bindir@/mysqladmin ping &>/dev/null
++# then
++# @bindir@/mysqladmin flush-logs
++# fi
++# endscript
++#}
diff --git a/mysql-plugin-test.patch b/mysql-plugin-test.patch
index c2fbd0c..5d08c32 100644
--- a/mysql-plugin-test.patch
+++ b/mysql-plugin-test.patch
@@ -1,44 +1,48 @@
mysql_plugin.test fails when run in mysql-test RPM, though the build-time
regression test is OK. This patch is from the pre-existing upstream bug
-report, except we also remove the part that tries to scribble on the
-read-only-to-us plugin directory. (That's not a terribly satisfactory
-solution, of course, but I'll leave it to upstream to find a better one.)
+report, except we also fix the part that tries to scribble on the
+read-only-to-us plugin directory.
rhbz #789530, upstream at http://bugs.mysql.com/bug.php?id=62907
-diff -Naur mysql-5.5.21.orig/mysql-test/r/mysql_plugin.result mysql-5.5.21/mysql-test/r/mysql_plugin.result
---- mysql-5.5.21.orig/mysql-test/r/mysql_plugin.result 2012-01-31 06:28:16.000000000 -0500
-+++ mysql-5.5.21/mysql-test/r/mysql_plugin.result 2012-02-26 21:45:40.940840973 -0500
-@@ -29,15 +29,6 @@
- name dl
- daemon_example libdaemon_example.so
- #
--# Ensure the plugin is replaced.
--#
--SELECT * FROM mysql.plugin WHERE dl like '%libdaemon%' ORDER BY name;
--name dl
--daemon_example liblibdaemon_example.so
--#
--# Disable the plugin...
--#
--#
- # Ensure the plugin isn't loaded.
- #
- SELECT * FROM mysql.plugin WHERE dl like '%libdaemon%' ORDER BY name;
-diff -Naur mysql-5.5.21.orig/mysql-test/t/mysql_plugin.test mysql-5.5.21/mysql-test/t/mysql_plugin.test
---- mysql-5.5.21.orig/mysql-test/t/mysql_plugin.test 2012-01-31 06:28:15.000000000 -0500
-+++ mysql-5.5.21/mysql-test/t/mysql_plugin.test 2012-02-26 21:50:43.973450081 -0500
-@@ -24,7 +24,7 @@
-
+diff -up mysql-5.5.21/mysql-test/t/mysql_plugin-master.opt.plugin mysql-5.5.21/mysql-test/t/mysql_plugin-master.opt
+--- mysql-5.5.21/mysql-test/t/mysql_plugin-master.opt.plugin 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/mysql_plugin-master.opt 2012-03-14 16:54:19.060951822 +0100
+@@ -1 +1 @@
+---plugin-dir=$DAEMONEXAMPLE_DIR
++--plugin-dir=$MYSQLTEST_VARDIR/plugin
+diff -up mysql-5.5.21/mysql-test/t/mysql_plugin.test.plugin mysql-5.5.21/mysql-test/t/mysql_plugin.test
+--- mysql-5.5.21/mysql-test/t/mysql_plugin.test.plugin 2012-01-31 12:28:15.000000000 +0100
++++ mysql-5.5.21/mysql-test/t/mysql_plugin.test 2012-03-14 17:11:40.769295981 +0100
+@@ -25,8 +25,10 @@
# Add the datadir, basedir, plugin_dir to the bootstrap command
let $MYSQLD_DATADIR= `select @@datadir`;
--let $MYSQL_BASEDIR= `select @@basedir`;
+ let $MYSQL_BASEDIR= `select @@basedir`;
+let $MYSQLD_TMP_BASEDIR= $MYSQLTEST_VARDIR/tmp;
let $MYSQL_ERRMSG_BASEDIR=`select @@lc_messages_dir`;
let $PLUGIN_DIR=`select @@plugin_dir`;
++let $PLUGIN_BASEDIR=$DAEMONEXAMPLE_DIR;
+
+ --disable_abort_on_error
+
+@@ -51,10 +53,11 @@ use File::Basename;
+ {
+ print FILE "let \$DAEMONEXAMPLE_DIR= $not_found;\n";
+ }
+- if ((!-e $plugindir_ini) || (!-r $plugindir_ini))
+- {
+- print FILE "let \$PLUGIN_DIR= $not_found;\n";
+- }
++# This test doesn't work because $ENV{PLUGIN_DIR} is empty
++# if ((!-e $plugindir_ini) || (!-r $plugindir_ini))
++# {
++# print FILE "let \$PLUGIN_DIR= $not_found;\n";
++# }
+ close FILE;
+ EOF
-@@ -66,10 +66,10 @@
+@@ -66,10 +69,14 @@ remove_file $MYSQL_TMP_DIR/mysqld.inc;
# mysql version, so errmsg.sys will be copied to "basedir/share", we create
# and remove this structure.
@@ -48,12 +52,16 @@ diff -Naur mysql-5.5.21.orig/mysql-test/t/mysql_plugin.test mysql-5.5.21/mysql-t
---copy_file $MYSQL_ERRMSG_BASEDIR/english/errmsg.sys $MYSQLD_BASEDIR/share/mysql/errmsg.sys
+--mkdir $MYSQLD_TMP_BASEDIR/share
+--mkdir $MYSQLD_TMP_BASEDIR/share/mysql
++--mkdir $PLUGIN_DIR
+--copy_file $MYSQL_ERRMSG_BASEDIR/english/errmsg.sys $MYSQLD_TMP_BASEDIR/share/errmsg.sys
+--copy_file $MYSQL_ERRMSG_BASEDIR/english/errmsg.sys $MYSQLD_TMP_BASEDIR/share/mysql/errmsg.sys
++--copy_file $PLUGIN_BASEDIR/libdaemon_example.so $PLUGIN_DIR/libdaemon_example.so
++--copy_file $PLUGIN_BASEDIR/daemon_example.ini $PLUGIN_DIR/daemon_example.ini
++
# The mysql_plugin tool now accepts --my-print-defaults which points to the
# executable my_print_defaults.exe we can get this path from the variable
-@@ -100,7 +100,7 @@
+@@ -100,7 +107,7 @@ if ($PLUGIN_DIR == '')
# Build client command for reuse.
@@ -62,70 +70,26 @@ diff -Naur mysql-5.5.21.orig/mysql-test/t/mysql_plugin.test mysql-5.5.21/mysql-t
--echo #
--echo # Ensure the plugin isn't loaded.
-@@ -198,52 +198,10 @@
- --shutdown_server 10
- --source include/wait_until_disconnected.inc
+@@ -202,7 +209,7 @@ EOF
+ # we must copy the example daemon to a new location renaming it.
--# To test the case where the same plugin is reloaded with a different soname,
--# we must copy the example daemon to a new location renaming it.
--
--let $DAEMON_RELOAD = lib$DAEMONEXAMPLE;
+ let $DAEMON_RELOAD = lib$DAEMONEXAMPLE;
---copy_file $PLUGIN_DIR/$DAEMONEXAMPLE $PLUGIN_DIR/$DAEMON_RELOAD
----copy_file include/libdaemon_example.ini $PLUGIN_DIR/libdaemon_example.ini
--
--# Now reload it and see that it is a different name.
----exec $MYSQL_PLUGIN_CMD ENABLE libdaemon_example
--
--#
--# Restart the server
--#
----append_file $expect_file
--restart
--EOF
----enable_reconnect
----source include/wait_until_connected_again.inc
--
----echo #
----echo # Ensure the plugin is replaced.
----echo #
----replace_regex /\.dll/.so/
--SELECT * FROM mysql.plugin WHERE dl like '%libdaemon%' ORDER BY name;
--
----echo #
----echo # Disable the plugin...
----echo #
--# MTR will remove this file later, but this might be too late.
----error 0,1
----remove_file $expect_file
----write_file $expect_file
--wait
--EOF
----shutdown_server 10
----source include/wait_until_disconnected.inc
--
- #
- # Disable the plugin
- #
----exec $MYSQL_PLUGIN_CMD DISABLE libdaemon_example
--
--# Remove files for last test case.
--
----remove_file $PLUGIN_DIR/$DAEMON_RELOAD
----remove_file $DAEMONEXAMPLE_DIR/libdaemon_example.ini
-+--exec $MYSQL_PLUGIN_CMD DISABLE daemon_example
++--copy_file $PLUGIN_BASEDIR/$DAEMONEXAMPLE $PLUGIN_DIR/$DAEMON_RELOAD
+ --copy_file include/libdaemon_example.ini $PLUGIN_DIR/libdaemon_example.ini
- #
- # Restart the server
-@@ -395,8 +353,10 @@
+ # Now reload it and see that it is a different name.
+@@ -395,8 +402,11 @@ EOF
--remove_file $expect_file
# Cleanup the share folder in the binary path.
---remove_file $MYSQLD_BASEDIR/share/errmsg.sys
---rmdir $MYSQLD_BASEDIR/share/mysql
---rmdir $MYSQLD_BASEDIR/share
++--remove_file $PLUGIN_DIR/daemon_example.ini
++--remove_file $PLUGIN_DIR/libdaemon_example.so
++--rmdir $PLUGIN_DIR
+--remove_file $MYSQLD_TMP_BASEDIR/share/errmsg.sys
-+--remove_file $MYSQLD_TMP_BASEDIR/share/mysql/errmsg.sys
-+
+--rmdir $MYSQLD_TMP_BASEDIR/share/mysql
+--rmdir $MYSQLD_TMP_BASEDIR/share
diff --git a/mysql-string-overflow.patch b/mysql-string-overflow.patch
new file mode 100644
index 0000000..f86d3b9
--- /dev/null
+++ b/mysql-string-overflow.patch
@@ -0,0 +1,55 @@
+These issues were found by Coverity static analysis tool, for more info
+see messages by particular fixes (messages belong to 5.1.61).
+
+Filed upstream at http://bugs.mysql.com/bug.php?id=64631
+
+
+Error: BUFFER_SIZE_WARNING:
+/builddir/build/BUILD/mysql-5.1.61/sql/sql_prepare.cc:2749: buffer_size_warning: Calling strncpy with a maximum size argument of 512 bytes on destination array "this->stmt->last_error" of size 512 bytes might leave the destination string unterminated.
+
+diff -up mysql-5.5.21/sql/sql_prepare.cc.coverity mysql-5.5.21/sql/sql_prepare.cc
+--- mysql-5.5.21/sql/sql_prepare.cc.coverity 2012-03-13 17:24:40.493658626 +0100
++++ mysql-5.5.21/sql/sql_prepare.cc 2012-03-13 17:25:14.574338307 +0100
+@@ -2863,7 +2863,7 @@ void mysql_stmt_get_longdata(THD *thd, c
+ {
+ stmt->state= Query_arena::STMT_ERROR;
+ stmt->last_errno= thd->stmt_da->sql_errno();
+- strncpy(stmt->last_error, thd->stmt_da->message(), MYSQL_ERRMSG_SIZE);
++ strncpy(stmt->last_error, thd->stmt_da->message(), sizeof(stmt->last_error)-1);
+ }
+ thd->stmt_da= save_stmt_da;
+ thd->warning_info= save_warinig_info;
+
+
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/mysql-5.1.61/sql/sql_trigger.cc:2194: fixed_size_dest: You might overrun the 512 byte fixed-size string "this->m_parse_error_message" by copying "error_message" without checking the length.
+/builddir/build/BUILD/mysql-5.1.61/sql/sql_trigger.cc:2194: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
+diff -up mysql-5.5.21/sql/sql_trigger.cc.coverity mysql-5.5.21/sql/sql_trigger.cc
+--- mysql-5.5.21/sql/sql_trigger.cc.coverity 2012-03-13 17:25:50.781985493 +0100
++++ mysql-5.5.21/sql/sql_trigger.cc 2012-03-13 17:27:04.589225626 +0100
+@@ -2260,7 +2260,7 @@ void Table_triggers_list::mark_fields_us
+ void Table_triggers_list::set_parse_error_message(char *error_message)
+ {
+ m_has_unparseable_trigger= true;
+- strcpy(m_parse_error_message, error_message);
++ strncpy(m_parse_error_message, error_message, sizeof(m_parse_error_message)-1);
+ }
+
+
+Error: STRING_OVERFLOW:
+/builddir/build/BUILD/mysql-5.1.61/storage/innodb_plugin/handler/ha_innodb.cc:6544: fixed_size_dest: You might overrun the 512 byte fixed-size string "name2" by copying "name" without checking the length.
+/builddir/build/BUILD/mysql-5.1.61/storage/innodb_plugin/handler/ha_innodb.cc:6544: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.
+
+diff -up mysql-5.5.21/storage/innobase/handler/ha_innodb.cc.coverity mysql-5.5.21/storage/innobase/handler/ha_innodb.cc
+--- mysql-5.5.21/storage/innobase/handler/ha_innodb.cc.coverity 2012-03-13 17:28:52.982738150 +0100
++++ mysql-5.5.21/storage/innobase/handler/ha_innodb.cc 2012-03-13 17:29:14.952427553 +0100
+@@ -6926,7 +6926,7 @@ ha_innobase::create(
+ DBUG_RETURN(HA_ERR_TO_BIG_ROW);
+ }
+
+- strcpy(name2, name);
++ strncpy(name2, name, sizeof(name2)-1);
+
+ normalize_table_name(norm_name, name2);
+
diff --git a/mysql.spec b/mysql.spec
index 9a8fe0e..bc831dd 100644
--- a/mysql.spec
+++ b/mysql.spec
@@ -1,5 +1,5 @@
Name: mysql
-Version: 5.5.21
+Version: 5.5.22
Release: 1%{?dist}
Summary: MySQL client programs and shared libraries
@@ -54,8 +54,9 @@ Patch14: mysql-va-list.patch
Patch15: mysql-netdevname.patch
Patch16: mysql-logrotate.patch
Patch17: mysql-plugin-test.patch
-Patch18: mysql-default-cipher.patch
+Patch18: mysql-cipherspec.patch
Patch19: mysql-file-contents.patch
+Patch20: mysql-string-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: perl, readline-devel, openssl-devel
@@ -211,6 +212,7 @@ the MySQL sources.
%patch17 -p1
%patch18 -p1
%patch19 -p1
+%patch20 -p1
# workaround for upstream bug #56342
rm -f mysql-test/t/ssl_8k_key-master.opt
@@ -691,6 +693,26 @@ fi
%{_mandir}/man1/mysql_client_test.1*
%changelog
+* Sat Mar 24 2012 Tom Lane <tgl at redhat.com> 5.5.22-1
+- Update to MySQL 5.5.22, for various fixes described at
+ http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
+- Turn on PrivateTmp in service file
+Resolves: #782513
+- Comment out the contents of /etc/logrotate.d/mysqld, so that manual
+ action is needed to enable log rotation. Given the multiple ways in
+ which the rotation script can fail, it seems imprudent to try to make
+ it run by default.
+Resolves: #799735
+
+* Tue Mar 20 2012 Honza Horak <hhorak at redhat.com> 5.5.21-3
+- Revise mysql_plugin test patch so it moves plugin files to
+ a temporary directory (better solution to #789530)
+
+* Tue Mar 13 2012 Honza Horak <hhorak at redhat.com> 5.5.21-2
+- Fix ssl-related tests to specify expected cipher explicitly
+Related: #789600
+- Fix several strcpy calls to check destination size
+
* Mon Feb 27 2012 Tom Lane <tgl at redhat.com> 5.5.21-1
- Update to MySQL 5.5.21, for various fixes described at
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html
diff --git a/mysqld.service b/mysqld.service
index b7fa095..7289f9d 100644
--- a/mysqld.service
+++ b/mysqld.service
@@ -14,6 +14,9 @@
# [Service]
# LimitNOFILE=10000
+# Note: in F-17 and beyond, /usr/lib/... is recommended in the .include line
+# though /lib/... will still work.
+
[Unit]
Description=MySQL database server
After=syslog.target
@@ -36,5 +39,8 @@ TimeoutSec=300
# We rely on systemd, not mysqld_safe, to restart mysqld if it dies
Restart=always
+# Place temp files in a secure directory, not /tmp
+PrivateTmp=true
+
[Install]
WantedBy=multi-user.target
diff --git a/sources b/sources
index 2250902..7be9ec4 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-fe73067444e4cc8cdf95b0f32a92363b mysql-5.5.21-nodocs.tar.gz
+897d8ac3e1880de4ad9c27c4a20f887f mysql-5.5.22-nodocs.tar.gz
More information about the scm-commits
mailing list