← Back to branch summary

~ubuntu-branches/ubuntu/lucid/mysql-dfsg-5.1/lucid-security

« back to all changes in this revision

Viewing changes to storage/innobase/trx/trx0trx.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2012-02-22 22:33:55 UTC
  • mfrom: (1.1.5)
  • Revision ID: package-import@ubuntu.com-20120222223355-or06x1euyk8n0ldi
Tags: 5.1.61-0ubuntu0.10.04.1
https://launchpad.net/bugs/937869
* SECURITY UPDATE: Update to 5.1.61 to fix multiple security issues
  (LP: #937869)
  - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
  - CVE-2011-2262
  - CVE-2012-0075
  - CVE-2012-0112
  - CVE-2012-0113
  - CVE-2012-0114
  - CVE-2012-0115
  - CVE-2012-0116
  - CVE-2012-0117
  - CVE-2012-0118
  - CVE-2012-0119
  - CVE-2012-0120
  - CVE-2012-0484
  - CVE-2012-0485
  - CVE-2012-0486
  - CVE-2012-0487
  - CVE-2012-0488
  - CVE-2012-0489
  - CVE-2012-0490
  - CVE-2012-0491
  - CVE-2012-0492
  - CVE-2012-0493
  - CVE-2012-0494
  - CVE-2012-0495
  - CVE-2012-0496
* Dropped patches unnecessary with 5.1.61:
  - debian/patches/90_mysql_safer_strmov.dpatch
  - debian/patches/51_ssl_test_certs.dpatch
  - debian/patches/52_CVE-2009-4030.dpatch
  - debian/patches/53_CVE-2009-4484.dpatch
  - debian/patches/54_CVE-2008-7247.dpatch
  - debian/patches/55_CVE-2010-1621.dpatch
  - debian/patches/56_CVE-2010-1850.dpatch
  - debian/patches/57_CVE-2010-1849.dpatch
  - debian/patches/58_CVE-2010-1848.dpatch
  - debian/patches/59_CVE-2010-1626.dpatch
  - debian/patches/60_CVE-2010-2008.dpatch
  - debian/patches/60_CVE-2010-3677.dpatch
  - debian/patches/60_CVE-2010-3678.dpatch
  - debian/patches/60_CVE-2010-3679.dpatch
  - debian/patches/60_CVE-2010-3680.dpatch
  - debian/patches/60_CVE-2010-3681.dpatch
  - debian/patches/60_CVE-2010-3682.dpatch
  - debian/patches/60_CVE-2010-3683.dpatch
  - debian/patches/60_CVE-2010-3833.dpatch
  - debian/patches/60_CVE-2010-3834.dpatch
  - debian/patches/60_CVE-2010-3835.dpatch
  - debian/patches/60_CVE-2010-3836.dpatch
  - debian/patches/60_CVE-2010-3837.dpatch
  - debian/patches/60_CVE-2010-3838.dpatch
  - debian/patches/60_CVE-2010-3839.dpatch
  - debian/patches/60_CVE-2010-3840.dpatch
  - debian/patches/61_disable_longfilename_test.dpatch
  - debian/patches/62_alter_table_fix.dpatch
  - debian/patches/63_cherrypick-upstream-49479.dpatch
  - debian/patches/10_readline_build_fix.dpatch
* debian/mysql-client-5.1.docs: removed EXCEPTIONS-CLIENT file
* debian/mysql-server-5.1.docs,debian/libmysqlclient16.docs,
  debian/libmysqlclient-dev.docs: removed, no longer necessary.

Show diffs side-by-side

added added

removed removed

Lines of Context:
storage/innobase/trx/trx0trx.c
41
41
/* Number of transactions currently allocated for MySQL: protected by
42
42
the kernel mutex */
43
43
ulint   trx_n_mysql_transactions = 0;
 
44
/* Number of transactions currently in the XA PREPARED state: protected by
 
45
the kernel mutex */
 
46
ulint   trx_n_prepared = 0;
44
47
 
45
48
/*****************************************************************
46
49
Starts the transaction if it is not yet started. */
131
134
 
132
135
        trx->mysql_thd = NULL;
133
136
        trx->mysql_query_str = NULL;
 
137
        trx->mysql_query_len = NULL;
 
138
 
134
139
        trx->active_trans = 0;
135
140
        trx->duplicates = 0;
136
141
 
478
483
                                        if (srv_force_recovery == 0) {
479
484
 
480
485
                                                trx->conc_state = TRX_PREPARED;
 
486
                                                trx_n_prepared++;
481
487
                                        } else {
482
488
                                                fprintf(stderr,
483
489
                                                        "InnoDB: Since"
556
562
 
557
563
                                                        trx->conc_state
558
564
                                                                = TRX_PREPARED;
 
565
                                                        trx_n_prepared++;
559
566
                                                } else {
560
567
                                                        fprintf(stderr,
561
568
                                                                "InnoDB: Since"
830
837
              || trx->conc_state == TRX_PREPARED);
831
838
        ut_ad(mutex_own(&kernel_mutex));
832
839
 
 
840
        if (UNIV_UNLIKELY(trx->conc_state == TRX_PREPARED)) {
 
841
                ut_a(trx_n_prepared > 0);
 
842
                trx_n_prepared--;
 
843
        }
 
844
 
833
845
        /* The following assignment makes the transaction committed in memory
834
846
        and makes its changes to data visible to other transactions.
835
847
        NOTE that there is a small discrepancy from the strict formal
936
948
        trx->undo_no = ut_dulint_zero;
937
949
        trx->last_sql_stat_start.least_undo_no = ut_dulint_zero;
938
950
        trx->mysql_query_str = NULL;
 
951
        trx->mysql_query_len = NULL;
939
952
 
940
953
        ut_ad(UT_LIST_GET_LEN(trx->wait_thrs) == 0);
941
954
        ut_ad(UT_LIST_GET_LEN(trx->trx_locks) == 0);
1652
1665
 
1653
1666
/**************************************************************************
1654
1667
Prints info about a transaction to the given file. The caller must own the
1655
 
kernel mutex and must have called
1656
 
innobase_mysql_prepare_print_arbitrary_thd(), unless he knows that MySQL
1657
 
or InnoDB cannot meanwhile change the info printed here. */
 
1668
kernel mutex. */
1658
1669
 
1659
1670
void
1660
1671
trx_print(
1826
1837
/*===================*/
1827
1838
        trx_t*  trx)    /* in: transaction */
1828
1839
{
1829
 
        page_t*         update_hdr_page;
1830
1840
        trx_rseg_t*     rseg;
1831
1841
        ibool           must_flush_log  = FALSE;
1832
1842
        dulint          lsn;
1862
1872
                }
1863
1873
 
1864
1874
                if (trx->update_undo) {
1865
 
                        update_hdr_page = trx_undo_set_state_at_prepare(
 
1875
                        trx_undo_set_state_at_prepare(
1866
1876
                                trx, trx->update_undo, &mtr);
1867
1877
                }
1868
1878
 
1882
1892
 
1883
1893
        /*--------------------------------------*/
1884
1894
        trx->conc_state = TRX_PREPARED;
 
1895
        trx_n_prepared++;
1885
1896
        /*--------------------------------------*/
1886
1897
 
1887
1898
        if (must_flush_log) {
2041
2052
trx_t*
2042
2053
trx_get_trx_by_xid(
2043
2054
/*===============*/
2044
 
                        /* out: trx or NULL */
2045
 
        XID*    xid)    /* in: X/Open XA transaction identification */
 
2055
                                /* out: trx or NULL;
 
2056
                                on match, the trx->xid will be invalidated */
 
2057
        const XID*      xid)    /* in: X/Open XA transaction identifier */
2046
2058
{
2047
2059
        trx_t*  trx;
2048
2060
 
2049
2061
        if (xid == NULL) {
2050
2062
 
2051
 
                return (NULL);
 
2063
                return(NULL);
2052
2064
        }
2053
2065
 
2054
2066
        mutex_enter(&kernel_mutex);
2061
2073
                of gtrid_lenght+bqual_length bytes should be
2062
2074
                the same */
2063
2075
 
2064
 
                if (xid->gtrid_length == trx->xid.gtrid_length
 
2076
                if (trx->conc_state == TRX_PREPARED
 
2077
                    && xid->gtrid_length == trx->xid.gtrid_length
2065
2078
                    && xid->bqual_length == trx->xid.bqual_length
2066
2079
                    && memcmp(xid->data, trx->xid.data,
2067
2080
                              xid->gtrid_length + xid->bqual_length) == 0) {
 
2081
 
 
2082
                        /* Invalidate the XID, so that subsequent calls
 
2083
                        will not find it. */
 
2084
                        memset(&trx->xid, 0, sizeof(trx->xid));
 
2085
                        trx->xid.formatID = -1;
2068
2086
                        break;
2069
2087
                }
2070
2088
 
2073
2091
 
2074
2092
        mutex_exit(&kernel_mutex);
2075
2093
 
2076
 
        if (trx) {
2077
 
                if (trx->conc_state != TRX_PREPARED) {
2078
 
 
2079
 
                        return(NULL);
2080
 
                }
2081
 
 
2082
 
                return(trx);
2083
 
        } else {
2084
 
                return(NULL);
2085
 
        }
 
2094
        return(trx);
2086
2095
}