New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix unit tests for different MySQL and MariaDB versions #87

Merged
merged 15 commits into from Jan 23, 2017

Conversation

Projects
None yet
2 participants
@pali
Contributor

pali commented Jan 21, 2017

Tests were fixed to correctly check for server or client versions (what is needed). Function MinimumVersion or attribute SQL_DBMS_VER do not work correctly as those returns strings which include also database server name (e.g. MariaDB vs MySQL).

Some tests are completely skipped if they depends on features not available in current tested MySQL server. And some tests were fixes to work with older and also newer MySQL and MariaDB versions as some function names was deprecated/renamed/removed.

With these changes all unit tests tested against MySQL and MariaDB versions in #85 are passing.

pali added some commits Jan 21, 2017

Fix checking for warning in test t/55utf8.t
Some MySQL versions can returns warning 'Data truncated' instead
'Incorrect string value: %s'.
Fix tests t/40bindparam.t and t/41int_min_max.t so they correctly ski…
…p plan

plan skip_all was called two times and so second was ignored.
Fix test t/rt50304-column_info_parentheses.t so it does not use tempo…
…rary table

In some MySQL versions (including 8.0.0) DESCRIBE did not function with
temporary tables. And DESCRIBE is used by method column_info() so test
should not use temporary tables.
Fix usage of eval in tests t/55utf8mb4.t and t/rt75353-innodb-lock-ti…
…meout.t

Temporary also turn off printing fatal errors as plan skip_all is suppose
to do that.
Fix test t/50chopblanks.t
Do not use VARCHAR when chopping blanks as MySQL can be configured to
automatically trim whitespaces for VARCHAR type. Instead use TEXT type
which is not modified by MySQL server and so storage does not trim
whitespaces.
Skip test t/76multi_statement.t when MySQL server has deadlock bug 16581
That bug caused test freeze. Client was waiting for busy server until
connection was lost.

@mbeijen mbeijen merged commit 150faf1 into perl5-dbi:master Jan 23, 2017

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@mbeijen

This comment has been minimized.

Show comment
Hide comment
@mbeijen

mbeijen Jan 23, 2017

Contributor

👍 Great work!

Contributor

mbeijen commented Jan 23, 2017

👍 Great work!

netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jul 10, 2017

wen
Update to 4.043
Upstream changes:
2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.


2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Roh獺r.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Roh獺r.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Roh獺r.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Roh獺r.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

derekstraka pushed a commit to derekstraka/meta-openembedded that referenced this pull request Jan 26, 2018

libdbd-mysql-perl: upgrade 4.036 -> 4.043
Changes:

2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.

2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

2016-11-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041)
* Fix use-after-free for repeated fetchrow_arrayref calls when
  mysql_server_prepare=1

  Function dbd_st_fetch() via Renew() can reallocate output buffer for
  mysql_stmt_fetch() call. But it does not update pointer to that buffer in
  imp_sth->stmt structure initialized by mysql_stmt_bind_result() function.
  That leads to use-after-free in any mysql function which access
  imp_sth->stmt structure (e.g. mysql_stmt_fetch()).

  This patch fix this problem and properly updates pointer in imp_sth->stmt
  structure after Renew() call.
  This is a medium level security issue to which the Debian security team
  assigned identifier CVE-2016-1251. Discovered and fixed by Pali Rohár.

* auto_reconnect now also matches  CR_SERVER_LOST, previously this only
  matched CR_SERVER_GONE.
  Fixes http://bugs.mysql.com/bug.php?id=27613
  Fix suggested by Wouter de Jong.
* Fix compilation fixes (Pali Rohár).

2016-11-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.040)
* Since 4.038 we had problems compiling on big-endian architectures, such
  as MIPS, s390 and Sparc. Thanks to Salvatore Bonaccorso @ Debian project
  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844538)
  and Vladimir Marek (https://rt.cpan.org/Public/Bug/Display.html?id=118835)
  for reporting the issues. Fix by Pali Rohár.

  Fix integer types when server side prepare statements are enabled
  Fixed problems:
  * SQL_BIGINT was incorrectly handled as 32bit MYSQL_TYPE_LONG type instead
    64bit MYSQL_TYPE_LONGLONG which led to integer overflow/underflow
  * 32bit MYSQL_TYPE_LONG was used for perl's IV storage when IV was 64bit
    and 64bit MYSQL_TYPE_LONGLONG was used when IV was 32bit
  * All unsigned types were handled as signed, so all high positive values
    were treated as negative
  * Numeric conversions in perl which led to overflow/underflow was ignored
    even when mysql strict mode was enabled
  * Test t/41int_min_max.t was running only for normal non-prepared statements
  * Test t/40server_prepare.t used incorrect SQL type for big (64bit) integers

2016-11-15 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.039)
* Fix for security issue Out-of-bounds read by DBD::mysql CVE-2016-1249 (pali)

2016-10-30 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038_01)
* Fix compilation of embedded server (pali)
  (perl5-dbi/DBD-mysql#68)
* Fix compilation against libmariadbclient. First version by
  H.Merijn Brand, improved by Bernt Johnsen @ Oracle.
* For efficiency use newSVpvn() instead newSVpv() where possible (pali)
* Correctly coerce fetched scalar values when mysql_server_prepare is
  not used (pali)
* Add support for fetching columns of BIT type with
  mysql_server_prepare = 1 (pali)
  Fixes https://rt.cpan.org/Public/Bug/Display.html?id=88006
* Use correct format in printf instead of casting variable types (pali)
* Include errno.h for MYSQL_ASYNC because it uses errno variable (pali)
* Travis: also test on perl 5.22 and 5.24.

2016-10-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038)
* Version 4.037_1 had fixes for MySQL 8.0 provided
  Bernt Johnsen @ Oracle that were not in the Changelogs
  (perl5-dbi/DBD-mysql#56)
* Fixes for compiling against newer libmysqlclient on Windows (kmx)
* Fix unit test for 40server_prepare_crash on Windows (pali)
* Perl's IV in scalar can store 64bit integer when perl was compiled
  with 64 bit support (default on 64bit linux with gcc). Use this
  feature and stores MYSQL_TYPE_LONGLONG as integers instead of strings
  when possible. (pali, perl5-dbi/DBD-mysql#57)

2016-10-14 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037_01)
* Newest versions of libmysqlclient and the MariaDB C connector no longer
  export the __WIN__ macro. If this macro is not present we would not
  compile in the poll.h-based async-support. Changed to use the _WIN32
  macro instead. Thanks to Sergei Golubchik for suggesting the fix.
* Fix from Pali Rohár for use-after-free in prepared statements,
  changes to bind logic, and added test 40server_prepare_crash.

2016-10-03 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037)
* Security release to patch possible buffer overflow in unsafe sprintf with
  variable length. Reported and fixed by Pali Rohár. This vulnerability
  is present in all releases at least back to versions 3.0 of the
  driver, which were released in 2005.
  The CVE identifier for this vulnerability is CVE-2016-1246.

Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

halstead pushed a commit to openembedded/meta-openembedded that referenced this pull request Jan 27, 2018

libdbd-mysql-perl: upgrade 4.036 -> 4.043
Changes:

2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.

2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

2016-11-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041)
* Fix use-after-free for repeated fetchrow_arrayref calls when
  mysql_server_prepare=1

  Function dbd_st_fetch() via Renew() can reallocate output buffer for
  mysql_stmt_fetch() call. But it does not update pointer to that buffer in
  imp_sth->stmt structure initialized by mysql_stmt_bind_result() function.
  That leads to use-after-free in any mysql function which access
  imp_sth->stmt structure (e.g. mysql_stmt_fetch()).

  This patch fix this problem and properly updates pointer in imp_sth->stmt
  structure after Renew() call.
  This is a medium level security issue to which the Debian security team
  assigned identifier CVE-2016-1251. Discovered and fixed by Pali Rohár.

* auto_reconnect now also matches  CR_SERVER_LOST, previously this only
  matched CR_SERVER_GONE.
  Fixes http://bugs.mysql.com/bug.php?id=27613
  Fix suggested by Wouter de Jong.
* Fix compilation fixes (Pali Rohár).

2016-11-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.040)
* Since 4.038 we had problems compiling on big-endian architectures, such
  as MIPS, s390 and Sparc. Thanks to Salvatore Bonaccorso @ Debian project
  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844538)
  and Vladimir Marek (https://rt.cpan.org/Public/Bug/Display.html?id=118835)
  for reporting the issues. Fix by Pali Rohár.

  Fix integer types when server side prepare statements are enabled
  Fixed problems:
  * SQL_BIGINT was incorrectly handled as 32bit MYSQL_TYPE_LONG type instead
    64bit MYSQL_TYPE_LONGLONG which led to integer overflow/underflow
  * 32bit MYSQL_TYPE_LONG was used for perl's IV storage when IV was 64bit
    and 64bit MYSQL_TYPE_LONGLONG was used when IV was 32bit
  * All unsigned types were handled as signed, so all high positive values
    were treated as negative
  * Numeric conversions in perl which led to overflow/underflow was ignored
    even when mysql strict mode was enabled
  * Test t/41int_min_max.t was running only for normal non-prepared statements
  * Test t/40server_prepare.t used incorrect SQL type for big (64bit) integers

2016-11-15 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.039)
* Fix for security issue Out-of-bounds read by DBD::mysql CVE-2016-1249 (pali)

2016-10-30 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038_01)
* Fix compilation of embedded server (pali)
  (perl5-dbi/DBD-mysql#68)
* Fix compilation against libmariadbclient. First version by
  H.Merijn Brand, improved by Bernt Johnsen @ Oracle.
* For efficiency use newSVpvn() instead newSVpv() where possible (pali)
* Correctly coerce fetched scalar values when mysql_server_prepare is
  not used (pali)
* Add support for fetching columns of BIT type with
  mysql_server_prepare = 1 (pali)
  Fixes https://rt.cpan.org/Public/Bug/Display.html?id=88006
* Use correct format in printf instead of casting variable types (pali)
* Include errno.h for MYSQL_ASYNC because it uses errno variable (pali)
* Travis: also test on perl 5.22 and 5.24.

2016-10-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038)
* Version 4.037_1 had fixes for MySQL 8.0 provided
  Bernt Johnsen @ Oracle that were not in the Changelogs
  (perl5-dbi/DBD-mysql#56)
* Fixes for compiling against newer libmysqlclient on Windows (kmx)
* Fix unit test for 40server_prepare_crash on Windows (pali)
* Perl's IV in scalar can store 64bit integer when perl was compiled
  with 64 bit support (default on 64bit linux with gcc). Use this
  feature and stores MYSQL_TYPE_LONGLONG as integers instead of strings
  when possible. (pali, perl5-dbi/DBD-mysql#57)

2016-10-14 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037_01)
* Newest versions of libmysqlclient and the MariaDB C connector no longer
  export the __WIN__ macro. If this macro is not present we would not
  compile in the poll.h-based async-support. Changed to use the _WIN32
  macro instead. Thanks to Sergei Golubchik for suggesting the fix.
* Fix from Pali Rohár for use-after-free in prepared statements,
  changes to bind logic, and added test 40server_prepare_crash.

2016-10-03 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037)
* Security release to patch possible buffer overflow in unsafe sprintf with
  variable length. Reported and fixed by Pali Rohár. This vulnerability
  is present in all releases at least back to versions 3.0 of the
  driver, which were released in 2005.
  The CVE identifier for this vulnerability is CVE-2016-1246.

Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment