Merge branch '11.4' into 11.8

Author: sanja-byelkin

CONTRIBUTING.md

@@ -8,15 +8,15 @@ MariaDB Server has a vibrant community contributing in a wide range of areas. Th
 -   [maria-developers mailing list](https://lists.mariadb.org/postorius/lists/developers.lists.mariadb.org/)
 -   [maria-discuss mailing list](https://lists.mariadb.org/postorius/lists/discuss.lists.mariadb.org/)
 -   [maria-docs mailing list](https://lists.mariadb.org/postorius/lists/docs.lists.mariadb.org/)
--   The MariaDB Foundation and MariaDB Corporation have a presence on Reddit, Twitter and Facebook. See the  [social media page](https://mariadb.com/docs/general-resources/community/joining-the-community).
+-   The MariaDB Foundation and MariaDB Corporation have a presence on Reddit, Twitter and Facebook. See the [social media page](https://mariadb.com/docs/general-resources/community/joining-the-community).
 
 ### Help document MariaDB
-----
--   Contribute towards [documenting MariaDB Server](https://mariadb.com/docs/general-resources/about/readme/contributing-documentation)  and its ecosystem by adding new content or improving existing content.
--   [Translate](https://mariadb.com/docs/general-resources/about/readme/contributing-documentation)  existing documentation.
+---
+-   Contribute towards [documenting MariaDB Server](https://mariadb.com/docs/general-resources/about/readme/contributing-documentation) and its ecosystem by adding new content or improving existing content.
+-   [Translate](https://mariadb.com/docs/general-resources/about/readme/contributing-documentation) existing documentation.
 
 ### Help develop MariaDB
------
+---
 -   Fix bugs or develop new features
 -   Review code contributions
 -   Test bug fixes and features
@@ -34,10 +34,10 @@ You’re very welcome to support MariaDB Server as an individual, or talk your c
 ---
 -   Attend an event
     -   [Events and Conferences page](https://mariadb.org/events/)
-    -   [mariadb.meetup.com](http://mariadb.meetup.com/)
+    -   [mariadb.meetup.com](https://mariadb.meetup.com/)
 
 ### Live Q&A for beginner contributors
-----
+---
 MariaDB has a dedicated time each week when we answer new contributor questions live on Zulip.
 From 8:00 to 10:00 UTC on Mondays, and 10:00 to 12:00 UTC on Thursdays, anyone can ask any questions they’d like,
 and a live developer will be available to assist.

client/mysql.cc

@@ -1166,8 +1166,9 @@ static void print_tab_data(MYSQL_RES *result);
 static void print_table_data_vertically(MYSQL_RES *result);
 static void print_warnings(void);
 static void print_last_query_cost(void);
-static void end_timer(ulonglong start_time, char *buff);
-static void nice_time(double sec,char *buff,bool part_second);
+static void end_timer(ulonglong start_time, char *buff, size_t buff_size);
+static void nice_time(double sec, char *buff, size_t buff_size,
+                      bool part_second);
 extern "C" sig_handler mysql_end(int sig) __attribute__ ((noreturn));
 extern "C" sig_handler handle_sigint(int sig);
 #if defined(HAVE_TERMIOS_H) && defined(GWINSZ_IN_SYS_IOCTL)
@@ -1425,18 +1426,20 @@ int main(int argc,char *argv[])
       histfile=my_strdup(PSI_NOT_INSTRUMENTED, histfile, MYF(MY_WME));
     else if ((home= getenv("HOME")))
     {
+      size_t histfile_size=
+        strlen(home) + strlen("/.mysql_history") + 2;
       histfile=(char*) my_malloc(PSI_NOT_INSTRUMENTED,
-            strlen(home) + strlen("/.mariadb_history")+2, MYF(MY_WME));
+            histfile_size, MYF(MY_WME));
       if (histfile)
       {
-        sprintf(histfile,"%s/.mariadb_history", home);
+        snprintf(histfile, histfile_size, "%s/.mariadb_history", home);
         if (my_access(histfile, F_OK))
         {
           /* no .mariadb_history, look for historical name and use if present */
-          sprintf(histfile,"%s/.mysql_history", home);
+          snprintf(histfile, histfile_size, "%s/.mysql_history", home);
           /* and go back to original if not found */
           if (my_access(histfile, F_OK))
-            sprintf(histfile,"%s/.mariadb_history", home);
+            snprintf(histfile, histfile_size, "%s/.mariadb_history", home);
         }
         char link_name[FN_REFLEN];
         if (my_readlink(link_name, histfile, 0) == 0 &&
@@ -3673,7 +3676,7 @@ static int com_go(String *buffer, char *)
 
     report_progress_end();
     if (verbose >= 3 || !opt_silent)
-      end_timer(timer, time_buff);
+      end_timer(timer, time_buff, sizeof(time_buff));
     else
       time_buff[0]= '\0';
 
@@ -3709,9 +3712,9 @@ static int com_go(String *buffer, char *)
 	  print_tab_data(result);
 	else
 	  print_table_data(result);
-	snprintf(buff, sizeof(buff), "%ld %s in set",
-		(long) mysql_num_rows(result),
-		(long) mysql_num_rows(result) == 1 ? "row" : "rows");
+	snprintf(buff, sizeof(buff), "%llu %s in set",
+		(unsigned long long) mysql_num_rows(result),
+		mysql_num_rows(result) == 1 ? "row" : "rows");
 	end_pager();
         if (mysql_errno(&mysql))
         {
@@ -3725,7 +3728,7 @@ static int com_go(String *buffer, char *)
       strmov(buff,"Query OK");
     else
       snprintf(buff, sizeof(buff), "Query OK, %llu %s affected",
-	      mysql_affected_rows(&mysql),
+	      (unsigned long long) mysql_affected_rows(&mysql),
 	      mysql_affected_rows(&mysql) == 1 ? "row" : "rows");
 
     pos=strend(buff);
@@ -3904,7 +3907,7 @@ static char *fieldflags2str(uint f) {
   ff2s_check_flag(ON_UPDATE_NOW);
 #undef ff2s_check_flag
   if (f)
-    snprintf(s, sizeof(buf), " unknows=0x%04x", f);
+    snprintf(s, sizeof(buf) - (size_t)(s - buf), " unknown=0x%04x", f);
   return buf;
 }
 
@@ -4655,8 +4658,10 @@ com_edit(String *buffer,char *)
   strxmov(buff,editor," ",filename,NullS);
   if ((error= system(buff)))
   {
-    char errmsg[100];
-    snprintf(errmsg, sizeof(errmsg), "Command '%.40s' failed", buff);
+#define EDITOR_FAIL_MSG "Command '%.40s' failed"
+    char errmsg[sizeof(EDITOR_FAIL_MSG) - 1 + 40];
+    snprintf(errmsg, sizeof(errmsg), EDITOR_FAIL_MSG, buff);
+#undef EDITOR_FAIL_MSG
     put_info(errmsg, INFO_ERROR, 0, NullS);
     goto err;
   }
@@ -5352,7 +5357,7 @@ static int com_status(String *, char *)
     tee_fprintf(stdout, "%.*s\t\t\t", (int) (pos-status_str), status_str);
     if ((status_str= str2int(pos,10,0,LONG_MAX,(long*) &sec)))
     {
-      nice_time((double) sec,buff,0);
+      nice_time((double) sec,buff, sizeof(buff),0);
       tee_puts(buff, stdout);			/* print nice time */
       while (*status_str == ' ')
         status_str++;  /* to next info */
@@ -5571,8 +5576,10 @@ void tee_putc(int c, FILE *file)
 
   len("4294967296 days, 23 hours, 59 minutes, 60.000 seconds")  ->  53
 */
-static void nice_time(double sec, char *buff, bool part_second)
+static void nice_time(double sec, char *buff, size_t buff_size,
+                      bool part_second)
 {
+  char *buff_end= buff + buff_size;
   ulong tmp;
   if (sec >= 3600.0*24)
   {
@@ -5596,21 +5603,23 @@ static void nice_time(double sec, char *buff, bool part_second)
     buff=strmov(buff," min ");
   }
   if (part_second)
-    sprintf(buff,"%.3f sec",sec);
+    snprintf(buff, buff_end - buff, "%.3f sec", sec);
   else
-    sprintf(buff,"%d sec",(int) sec);
+    snprintf(buff, buff_end - buff, "%d sec", (int) sec);
 }
 
 
-static void end_timer(ulonglong start_time, char *buff)
+static void end_timer(ulonglong start_time, char *buff, size_t buff_size)
 {
   double sec;
 
+  if (buff_size < 4)
+    return;
   buff[0]=' ';
   buff[1]='(';
   sec= (microsecond_interval_timer() - start_time) / (double) (1000 * 1000);
-  nice_time(sec, buff + 2, 1);
-  strmov(strend(buff),")");
+  nice_time(sec, buff + 2, buff_size - 2, 1);
+  snprintf(strend(buff), buff_size - (strend(buff) - buff), ")");
 }
 
 static const char *construct_prompt()

client/mysql_upgrade.c

@@ -511,7 +511,7 @@ static int run_tool(char *tool_path, DYNAMIC_STRING *ds_res, ...)
 static void find_tool(char *tool_executable_name, const char *tool_name, 
                       const char *self_name)
 {
-  char *last_fn_libchar;
+  const char *last_fn_libchar;
   DYNAMIC_STRING ds_tmp;
   DBUG_ENTER("find_tool");
   DBUG_PRINT("enter", ("progname: %s", my_progname));

client/mysqladmin.cc

@@ -725,7 +725,7 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv)
 
       if (opt_shutdown_wait_for_slaves)
       {
-        sprintf(buff, "SHUTDOWN WAIT FOR ALL SLAVES");
+        snprintf(buff, sizeof(buff), "SHUTDOWN WAIT FOR ALL SLAVES");
         if (mysql_query(mysql, buff))
         {
           my_printf_error(0, "%s failed; error: '%-.200s'",

client/mysqlbinlog.cc

@@ -313,13 +313,14 @@ class Load_log_processor
     @retval -1 Error (can't find new filename).
     @retval >=0 Found file.
   */
-  File create_unique_file(char *filename, char *file_name_end)
+  File create_unique_file(char *filename, char *file_name_end,
+                          size_t buf_remaining)
     {
       File res;
       /* If we have to try more than 1000 times, something is seriously wrong */
       for (uint version= 0; version<1000; version++)
       {
-	sprintf(file_name_end,"-%x",version);
+	snprintf(file_name_end, buf_remaining, "-%x", version);
 	if ((res= my_create(filename,0,
 			    O_CREAT|O_EXCL|O_BINARY|O_WRONLY,MYF(0)))!=-1)
 	  return res;
@@ -445,7 +446,8 @@ Exit_status Load_log_processor::process_first_event(const char *bname,
   //so the rest of fname has size full_len - target_dir_name_len
   ptr+= snprintf(ptr, full_len - target_dir_name_len, "-%x", file_id);
 
-  if ((file= create_unique_file(fname,ptr)) < 0)
+  if ((file= create_unique_file(fname, ptr,
+                                full_len - (size_t) (ptr - fname))) < 0)
   {
     error("Could not construct local filename %s%s.",
           target_dir_name,bname);
@@ -1227,7 +1229,6 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev,
             exit(1);
           }
 
-          memset(tmp_sql, 0, sizeof(tmp_sql));
           snprintf(tmp_sql, sizeof(tmp_sql), " "
                   "SELECT Group_concat(cols) "
                   "FROM   (SELECT 'op_type char(1)' cols "
@@ -1274,11 +1275,9 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev,
             }
             else
             {
-              memset(tmp_sql, 0, sizeof(tmp_sql));
               snprintf(tmp_sql, sizeof(tmp_sql), "__%s", map->get_table_name());
               ev->set_flashback_review_tablename(tmp_sql);
             }
-            memset(tmp_sql, 0, sizeof(tmp_sql));
             tmp_sql_offset= snprintf(tmp_sql, sizeof(tmp_sql), "CREATE TABLE IF NOT EXISTS");
             tmp_sql_offset+= snprintf(tmp_sql + tmp_sql_offset, sizeof(tmp_sql) - (uint) tmp_sql_offset, " `%s`.`%s` (%s) %s",
                                      ev->get_flashback_review_dbname(),
@@ -1304,7 +1303,7 @@ Exit_status process_event(PRINT_EVENT_INFO *print_event_info, Log_event *ev,
           else
           {
             memset(tmp_str, 0, sizeof(tmp_str));
-            snprintf(tmp_str, sizeof(tmp_sql), "__%s", map->get_table_name());
+            snprintf(tmp_str, sizeof(tmp_str), "__%s", map->get_table_name());
             ev->set_flashback_review_tablename(tmp_str);
           }
         }
@@ -2549,9 +2548,9 @@ static Exit_status check_master_version()
       char buf[256];
       rpl_gtid *start_gtid= &start_gtids[gtid_idx];
 
-      sprintf(buf, "%u-%u-%llu",
-              start_gtid->domain_id, start_gtid->server_id,
-              start_gtid->seq_no);
+      snprintf(buf, sizeof(buf), "%u-%u-%llu",
+               start_gtid->domain_id, start_gtid->server_id,
+               start_gtid->seq_no);
       query_str.append(buf, strlen(buf));
       if (gtid_idx < n_start_gtids - 1)
         query_str.append(',');