← Back to branch summary

~ubuntu-branches/ubuntu/lucid/mysql-dfsg-5.1/lucid-security

« back to all changes in this revision

Viewing changes to sql/sql_analyse.cc

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2012-02-22 22:33:55 UTC
  • mfrom: (1.1.5)
  • Revision ID: package-import@ubuntu.com-20120222223355-or06x1euyk8n0ldi
Tags: 5.1.61-0ubuntu0.10.04.1
https://launchpad.net/bugs/937869
* SECURITY UPDATE: Update to 5.1.61 to fix multiple security issues
  (LP: #937869)
  - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
  - CVE-2011-2262
  - CVE-2012-0075
  - CVE-2012-0112
  - CVE-2012-0113
  - CVE-2012-0114
  - CVE-2012-0115
  - CVE-2012-0116
  - CVE-2012-0117
  - CVE-2012-0118
  - CVE-2012-0119
  - CVE-2012-0120
  - CVE-2012-0484
  - CVE-2012-0485
  - CVE-2012-0486
  - CVE-2012-0487
  - CVE-2012-0488
  - CVE-2012-0489
  - CVE-2012-0490
  - CVE-2012-0491
  - CVE-2012-0492
  - CVE-2012-0493
  - CVE-2012-0494
  - CVE-2012-0495
  - CVE-2012-0496
* Dropped patches unnecessary with 5.1.61:
  - debian/patches/90_mysql_safer_strmov.dpatch
  - debian/patches/51_ssl_test_certs.dpatch
  - debian/patches/52_CVE-2009-4030.dpatch
  - debian/patches/53_CVE-2009-4484.dpatch
  - debian/patches/54_CVE-2008-7247.dpatch
  - debian/patches/55_CVE-2010-1621.dpatch
  - debian/patches/56_CVE-2010-1850.dpatch
  - debian/patches/57_CVE-2010-1849.dpatch
  - debian/patches/58_CVE-2010-1848.dpatch
  - debian/patches/59_CVE-2010-1626.dpatch
  - debian/patches/60_CVE-2010-2008.dpatch
  - debian/patches/60_CVE-2010-3677.dpatch
  - debian/patches/60_CVE-2010-3678.dpatch
  - debian/patches/60_CVE-2010-3679.dpatch
  - debian/patches/60_CVE-2010-3680.dpatch
  - debian/patches/60_CVE-2010-3681.dpatch
  - debian/patches/60_CVE-2010-3682.dpatch
  - debian/patches/60_CVE-2010-3683.dpatch
  - debian/patches/60_CVE-2010-3833.dpatch
  - debian/patches/60_CVE-2010-3834.dpatch
  - debian/patches/60_CVE-2010-3835.dpatch
  - debian/patches/60_CVE-2010-3836.dpatch
  - debian/patches/60_CVE-2010-3837.dpatch
  - debian/patches/60_CVE-2010-3838.dpatch
  - debian/patches/60_CVE-2010-3839.dpatch
  - debian/patches/60_CVE-2010-3840.dpatch
  - debian/patches/61_disable_longfilename_test.dpatch
  - debian/patches/62_alter_table_fix.dpatch
  - debian/patches/63_cherrypick-upstream-49479.dpatch
  - debian/patches/10_readline_build_fix.dpatch
* debian/mysql-client-5.1.docs: removed EXCEPTIONS-CLIENT file
* debian/mysql-server-5.1.docs,debian/libmysqlclient16.docs,
  debian/libmysqlclient-dev.docs: removed, no longer necessary.

Show diffs side-by-side

added added

removed removed

Lines of Context:
sql/sql_analyse.cc
1
 
/* Copyright (C) 2000-2006 MySQL AB
 
1
/*
 
2
   Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
2
3
 
3
4
   This program is free software; you can redistribute it and/or modify
4
5
   it under the terms of the GNU General Public License as published by
11
12
 
12
13
   You should have received a copy of the GNU General Public License
13
14
   along with this program; if not, write to the Free Software
14
 
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */
 
15
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA
 
16
*/
15
17
 
16
18
 
17
19
/* Analyse database */
242
244
      if (str == end)
243
245
      {
244
246
        info->is_float = 1;             // we can't use variable decimals here
245
 
        return 1;
 
247
        DBUG_RETURN(1);
246
248
      }
247
249
      DBUG_RETURN(0);
248
250
    }
408
410
 
409
411
  if ((decs = decimals()) == NOT_FIXED_DEC)
410
412
  {
411
 
    length= my_sprintf(buff, (buff, "%g", num));
 
413
    length= sprintf(buff, "%g", num);
412
414
    if (rint(num) != num)
413
415
      max_notzero_dec_len = 1;
414
416
  }
419
421
    snprintf(buff, sizeof(buff)-1, "%-.*f", (int) decs, num);
420
422
    length = (uint) strlen(buff);
421
423
#else
422
 
    length= my_sprintf(buff, (buff, "%-.*f", (int) decs, num));
 
424
    length= sprintf(buff, "%-.*f", (int) decs, num);
423
425
#endif
424
426
 
425
427
    // We never need to check further than this
1006
1008
  my_decimal_set_zero(&zero);
1007
1009
  my_bool is_unsigned= (my_decimal_cmp(&zero, &min_arg) >= 0);
1008
1010
 
1009
 
  length= my_sprintf(buff, (buff, "DECIMAL(%d, %d)",
1010
 
                            (int) (max_length - (item->decimals ? 1 : 0)),
1011
 
                            item->decimals));
 
1011
  length= my_snprintf(buff, sizeof(buff), "DECIMAL(%d, %d)",
 
1012
                      (int) (max_length - (item->decimals ? 1 : 0)),
 
1013
                      item->decimals);
1012
1014
  if (is_unsigned)
1013
1015
    length= (uint) (strmov(buff+length, " UNSIGNED")- buff);
1014
1016
  answer->append(buff, length);