5.6$ bzr log -n0 -m 16241992
------------------------------------------------------------
revno: 5104
committer: Georgi Kodinov <email address hidden>
branch nick: mysql-5.6
timestamp: Fri 2013-05-10 11:19:05 +0300
message:
Addendum 2 to BUG#16241992
Re-introduced the allocation handling calls around change_user to fix valgrind failures.
------------------------------------------------------------
revno: 5103
committer: Georgi Kodinov <email address hidden>
branch nick: mysql-5.6
timestamp: Fri 2013-05-10 10:25:32 +0300
message:
Addendum 2 to BUG#16241992
Re-added missing free() calls after a successful change user.
------------------------------------------------------------
revno: 5101
committer: Georgi Kodinov <email address hidden>
branch nick: B16241992-5.6
timestamp: Thu 2013-05-09 12:07:07 +0300
message: Bug #16241992
A COM_CHANGE_USER failure costs very little and
is not a subject to the same accounting a login failure
is. This creates an unfair advantage over the ordinary
login process.
Fixed by making COM_CHANGE_USER failing to login
poison the connection (using an unique error number)
and cause disptatch_command() to exit with an error
instead of reverting back to the previous credentials.
Test cases updated.
Upstream fix revisions in 5.6:
5.6$ bzr log -n0 -m 16241992 ------- ------- ------- ------- ------- ------- ------- ---- ------- ------- ------- ------- ------- ------- ------- ---- ------- ------- ------- ------- ------- ------- ------- ----
-------
revno: 5104
committer: Georgi Kodinov <email address hidden>
branch nick: mysql-5.6
timestamp: Fri 2013-05-10 11:19:05 +0300
message:
Addendum 2 to BUG#16241992
Re-introduced the allocation handling calls around change_user to fix valgrind failures.
-------
revno: 5103
committer: Georgi Kodinov <email address hidden>
branch nick: mysql-5.6
timestamp: Fri 2013-05-10 10:25:32 +0300
message:
Addendum 2 to BUG#16241992
Re-added missing free() calls after a successful change user.
-------
revno: 5101
committer: Georgi Kodinov <email address hidden>
branch nick: B16241992-5.6
timestamp: Thu 2013-05-09 12:07:07 +0300
message:
Bug #16241992
A COM_CHANGE_USER failure costs very little and
is not a subject to the same accounting a login failure
is. This creates an unfair advantage over the ordinary
login process.
Fixed by making COM_CHANGE_USER failing to login
poison the connection (using an unique error number)
and cause disptatch_command() to exit with an error
instead of reverting back to the previous credentials.
Test cases updated.