diff -Nru mysql-4.1.18/sql/sql_lex.cc mysql-4.1.18-logsec/sql/sql_lex.cc --- mysql-4.1.18/sql/sql_lex.cc 2006-01-27 17:26:42.000000000 +0100 +++ mysql-4.1.18-logsec/sql/sql_lex.cc 2006-04-07 22:32:51.000000000 +0200 @@ -912,6 +912,9 @@ while (lex->ptr != lex->end_of_query && ((c=yyGet()) != '*' || yyPeek() != '/')) { + if (c == '\0') + return(ABORT_SYM); // NULLs illegal even in comments + if (c == '\n') lex->yylineno++; } diff -Naur -Naur mysql-4.1.14.orig/include/my_sys.h mysql-4.1.14.new/include/my_sys.h --- mysql-4.1.14.orig/include/my_sys.h 2005-08-17 17:06:34.000000000 +0000 +++ mysql-4.1.14.new/include/my_sys.h 2006-04-09 15:59:54.000000000 +0000 @@ -573,6 +573,11 @@ const char *sFile, uint uLine, myf MyFlag); +/* implemented in my_memmem.c */ +extern void *my_memmem(const void *haystack, size_t haystacklen, + const void *needle, size_t needlelen); + + #ifdef __WIN__ extern int my_access(const char *path, int amode); #else diff -Naur -Naur mysql-4.1.14.orig/mysys/Makefile.am mysql-4.1.14.new/mysys/Makefile.am --- mysql-4.1.14.orig/mysys/Makefile.am 2005-08-17 17:06:33.000000000 +0000 +++ mysql-4.1.14.new/mysys/Makefile.am 2006-04-09 15:59:54.000000000 +0000 @@ -54,7 +54,8 @@ my_net.c my_semaphore.c my_port.c my_sleep.c \ charset.c charset-def.c my_bitmap.c my_bit.c md5.c \ my_gethostbyname.c rijndael.c my_aes.c sha1.c \ - my_handler.c my_netware.c my_windac.c my_access.c + my_handler.c my_netware.c \ + my_memmem.c my_windac.c my_access.c EXTRA_DIST = thr_alarm.c thr_lock.c my_pthread.c my_thr_init.c \ thr_mutex.c thr_rwlock.c libmysys_a_LIBADD = @THREAD_LOBJECTS@ diff -Naur -Naur mysql-4.1.14.orig/mysys/mf_iocache2.c mysql-4.1.14.new/mysys/mf_iocache2.c --- mysql-4.1.14.orig/mysys/mf_iocache2.c 2005-08-17 17:06:28.000000000 +0000 +++ mysql-4.1.14.new/mysys/mf_iocache2.c 2006-04-09 15:59:54.000000000 +0000 @@ -245,6 +245,10 @@ uint my_b_vprintf(IO_CACHE *info, const char* fmt, va_list args) { uint out_length=0; + uint minimum_width; /* as yet unimplemented */ + uint minimum_width_sign; + uint precision; /* as yet unimplemented for anything but %b */ + const char* backtrack; for (; *fmt ; fmt++) { @@ -265,17 +269,53 @@ fmt++; /* Found one '%' */ } + backtrack= fmt; + + minimum_width= 0; + precision= 0; + minimum_width_sign= 1; /* Skip if max size is used (to be compatible with printf) */ - while (my_isdigit(&my_charset_latin1, *fmt) || *fmt == '.' || *fmt == '-') + while (*fmt == '-') { fmt++; minimum_width_sign= -1; } + if (*fmt == '*') { + precision= (int) va_arg(args, int); + fmt++; + } else { + while (my_isdigit(&my_charset_latin1, *fmt)) { + minimum_width=(minimum_width * 10) + (*fmt - '0'); + fmt++; + } + } + minimum_width*= minimum_width_sign; + + if (*fmt == '.') { fmt++; + if (*fmt == '*') { + precision= (int) va_arg(args, int); + fmt++; + } else { + while (my_isdigit(&my_charset_latin1, *fmt)) { + precision=(precision * 10) + (*fmt - '0'); + fmt++; + } + } + } + if (*fmt == 's') /* String parameter */ { reg2 char *par = va_arg(args, char *); uint length = (uint) strlen(par); + /* TODO: implement minimum width and precision */ out_length+=length; if (my_b_write(info, par, length)) goto err; } + else if (*fmt == 'b') /* Sized buffer parameter, only precision makes sense */ + { + reg2 char *par = va_arg(args, char *); + out_length+=precision; + if (my_b_write(info, par, precision)) + goto err; + } else if (*fmt == 'd' || *fmt == 'u') /* Integer parameter */ { register int iarg; @@ -313,6 +353,9 @@ if (my_b_write(info, "%", 1)) goto err; out_length++; + if (my_b_write(info, backtrack, fmt-backtrack)) + goto err; + out_length+= fmt-backtrack; } } return out_length; diff -Naur -Naur mysql-4.1.14.orig/mysys/my_memmem.c mysql-4.1.14.new/mysys/my_memmem.c --- mysql-4.1.14.orig/mysys/my_memmem.c 1970-01-01 00:00:00.000000000 +0000 +++ mysql-4.1.14.new/mysys/my_memmem.c 2006-04-09 15:59:54.000000000 +0000 @@ -0,0 +1,23 @@ +#include "my_base.h" + +/* + my_memmem, port of a GNU extension. + + Returns a pointer to the beginning of the substring, needle, or NULL if the + substring is not found in haystack. +*/ +void *my_memmem(const void *haystack, size_t haystacklen, + const void *needle, size_t needlelen) +{ + const void *cursor; + const void *end_of_search_beginning = haystack + haystacklen - needlelen; + + for (cursor = haystack; cursor <= end_of_search_beginning; cursor++) { + if (memcmp(needle, cursor, needlelen) == 0) { + return((void *) cursor); + } + } + return(NULL); +} + + diff -Naur -Naur mysql-4.1.14.orig/sql/sql_parse.cc mysql-4.1.14.new/sql/sql_parse.cc --- mysql-4.1.14.orig/sql/sql_parse.cc 2005-08-17 17:06:28.000000000 +0000 +++ mysql-4.1.14.new/sql/sql_parse.cc 2006-04-09 15:59:54.000000000 +0000 @@ -1495,7 +1495,7 @@ if (alloc_query(thd, packet, packet_length)) break; // fatal error is set char *packet_end= thd->query + thd->query_length; - mysql_log.write(thd,command,"%s",thd->query); + mysql_log.write(thd,command, "%.*b", thd->query_length, thd->query); DBUG_PRINT("query",("%-.4096s",thd->query)); mysql_parse(thd,thd->query, thd->query_length); diff -Naur -Naur mysql-4.1.14.orig/strings/my_vsnprintf.c mysql-4.1.14.new/strings/my_vsnprintf.c --- mysql-4.1.14.orig/strings/my_vsnprintf.c 2005-08-17 17:06:28.000000000 +0000 +++ mysql-4.1.14.new/strings/my_vsnprintf.c 2006-04-09 15:59:54.000000000 +0000 @@ -27,6 +27,7 @@ %#[l]d %#[l]u %#[l]x + %#.#b Local format; note first # is ignored and second is REQUIRED %#.#s Note first # is ignored RETURN @@ -38,9 +39,18 @@ char *start=to, *end=to+n-1; uint length, width, pre_zero, have_long; + const char *backtrack; + /* + For the special case when we discover that we shouldn't have been + interpreting a percent-format. + + This is here so we can be forgiving about our special local formats. + */ + for (; *fmt ; fmt++) { - if (fmt[0] != '%') + backtrack = fmt; + if (*fmt != '%') { if (to == end) /* End of buffer */ break; @@ -80,6 +90,12 @@ to=strnmov(to,par,plen); continue; } + else if (*fmt == 'b') /* Buffer parameter */ + { + reg2 char *par = va_arg(ap, char *); + to=memmove(to, par, abs(width)); + continue; + } else if (*fmt == 'd' || *fmt == 'u'|| *fmt== 'x') /* Integer parameter */ { register long larg;