From f06c34f66ca0c8afa97980f34f462809cb531470 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?=
Date: Wed, 27 Sep 2017 10:28:01 +0300
Subject: [PATCH 1/4] MXS-1456: Fix crash on empty script value

If a script variable resolves to an empty string, the replacement attempt will fail with an out-of-memory error. The following realloc call will fail as it requires a positive value for the new size.
---
 server/core/externcmd.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/server/core/externcmd.c b/server/core/externcmd.c
index 874a41570..664c2d9a0 100644
--- a/server/core/externcmd.c
+++ b/server/core/externcmd.c
@@ -220,10 +220,12 @@ bool externcmd_substitute_arg(EXTERNCMD* cmd, const char* match, const char* rep
 size_t size_orig = strlen(cmd->argv[i]);
 size_t size_replace = strlen(replace);
 size_t size = MXS_MAX(size_orig, size_replace);
- char* dest = MXS_MALLOC(size);
- if (dest)
+ char* dest;
+
+ if (size && (dest = MXS_MALLOC(size)))
 {
 mxs_pcre2_result_t rc = mxs_pcre2_substitute(re, cmd->argv[i], replace, &dest, &size);
+
 switch (rc)
 {
 case MXS_PCRE2_ERROR:
From c1a70084798746b5856735bdd39403779341c9ce Mon Sep 17 00:00:00 2001
From: Johan Wikman
Date: Wed, 27 Sep 2017 12:33:50 +0300
Subject: [PATCH 2/4] MXS-1449 Sort case statements

Faster to later check for something specific.
---
 server/modules/filter/dbfwfilter/dbfwfilter.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/server/modules/filter/dbfwfilter/dbfwfilter.c b/server/modules/filter/dbfwfilter/dbfwfilter.c
index 274b7a834..5625e25f3 100644
--- a/server/modules/filter/dbfwfilter/dbfwfilter.c
+++ b/server/modules/filter/dbfwfilter/dbfwfilter.c
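Review bot: In `externcmd_substitute_arg` (server/core/externcmd.c), `dest` is now declared without an initializer and is assigned only when `size` is non-zero, so on the `size == 0` path it stays indeterminate; any read of it after this `if` (the function continues outside the hunk) would be undefined behaviour. Declaring it as `char* dest = NULL;` removes that hazard at no cost. The combined condition also makes an empty argument indistinguishable from an allocation failure, so a one-line comment such as `/* size == 0: argv[i] and replace are both empty, nothing to substitute */` would record that the skip is deliberate. Since `size` is the larger of two `strlen` results it leaves no room for a terminating NUL; presumably `mxs_pcre2_substitute` grows the buffer as needed, which is worth confirming.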
@@ -2308,13 +2308,13 @@ static bool command_is_mandatory(const GWBUF *buffer)
 {
 switch (MYSQL_GET_COMMAND((uint8_t*)GWBUF_DATA(buffer)))
 {
- case MYSQL_COM_QUIT:
- case MYSQL_COM_PING:
 case MYSQL_COM_CHANGE_USER:
- case MYSQL_COM_SET_OPTION:
 case MYSQL_COM_FIELD_LIST:
- case MYSQL_COM_PROCESS_KILL:
+ case MYSQL_COM_PING:
 case MYSQL_COM_PROCESS_INFO:
+ case MYSQL_COM_PROCESS_KILL:
+ case MYSQL_COM_QUIT:
+ case MYSQL_COM_SET_OPTION:
 return true;
 default:
From 23fb0bf92824d098ad89d7f2372e2f6e2913703c Mon Sep 17 00:00:00 2001
From: Johan Wikman
Date: Wed, 27 Sep 2017 12:45:54 +0300
Subject: [PATCH 3/4] MXS-1449 Firewall: Allow 'USE '

When the database firewall filter is used in white-list mode, 'USE ' should be allowed. When connecting, it is always possible to specify the database anyway so restricting 'USE ' serves no purpose.
---
 Documentation/Filters/Database-Firewall-Filter.md | 9 +++++----
 server/modules/filter/dbfwfilter/dbfwfilter.c | 1 +
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Documentation/Filters/Database-Firewall-Filter.md b/Documentation/Filters/Database-Firewall-Filter.md
index 412fe0c93..0105aa05d 100644
--- a/Documentation/Filters/Database-Firewall-Filter.md
+++ b/Documentation/Filters/Database-Firewall-Filter.md
@@ -51,13 +51,14 @@ all matching queries, or `ignore` which allows all queries to proceed. The following statement types will always be allowed through when `action` is set to `allow`: - - COM_QUIT: Client closes connection - - COM_PING: Server is pinged - COM_CHANGE_USER: The user is changed for an active connection - - COM_SET_OPTION: Client multi-statements are being configured - COM_FIELD_LIST: Alias for the `SHOW TABLES;` query - - COM_PROCESS_KILL: Alias for `KILL ;` query + - COM_INIT_DB: Alias for `USE ;` + - COM_PING: Server is pinged - COM_PROCESS_INFO: Alias for `SHOW PROCESSLIST;` + - COM_PROCESS_KILL: Alias for `KILL ;` query + - COM_QUIT: Client closes connection + - COM_SET_OPTION: Client multi-statements are being configured You can have both blacklist and whitelist functionality by configuring one filter with `action=allow` and another one with `action=block`. You can then use
diff --git a/server/modules/filter/dbfwfilter/dbfwfilter.c b/server/modules/filter/dbfwfilter/dbfwfilter.c
index 5625e25f3..c5cd6a40b 100644
--- a/server/modules/filter/dbfwfilter/dbfwfilter.c
+++ b/server/modules/filter/dbfwfilter/dbfwfilter.c
@@ -2310,6 +2310,7 @@ static bool command_is_mandatory(const GWBUF *buffer)
 {
 case MYSQL_COM_CHANGE_USER:
 case MYSQL_COM_FIELD_LIST:
+ case MYSQL_COM_INIT_DB:
 case MYSQL_COM_PING:
 case MYSQL_COM_PROCESS_INFO:
 case MYSQL_COM_PROCESS_KILL:
From e97f26f170b9348d7c8508d20e6ca5f1e8346660 Mon Sep 17 00:00:00 2001
From: Johan Wikman
Date: Wed, 27 Sep 2017 12:52:57 +0300
Subject: [PATCH 4/4] Add MaxScale 2.1.10 release notes

Update change log and upgrading as well.
---
 Documentation/Changelog.md | 1 +
 .../MaxScale-2.1.10-Release-Notes.md | 47 +++++++++++++++++++
 .../Upgrading/Upgrading-To-MaxScale-2.1.md | 21 +++++----
 3 files changed, 59 insertions(+), 10 deletions(-)
 create mode 100644 Documentation/Release-Notes/MaxScale-2.1.10-Release-Notes.md
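Review bot: The new `case MYSQL_COM_INIT_DB:` in `command_is_mandatory` (server/modules/filter/dbfwfilter/dbfwfilter.c) widens the set of commands that are let through in `action=allow` mode regardless of the configured rules, and nothing at the case list says so. A comment above the labels, e.g. `/* Always allowed in allow mode, no rule is consulted; keep in sync with Database-Firewall-Filter.md */`, would make the security impact of adding a label obvious to the next editor. The exemption covers the COM_INIT_DB packet only; a `USE` statement sent as an ordinary query presumably still goes through rule matching, so the documentation entry calling it an alias may be worth qualifying. Access to the selected database then rests on the backend's own grants, which is the assumption behind the commit message. The switch and the function body start and end outside the hunk.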
diff --git a/Documentation/Changelog.md b/Documentation/Changelog.md
index 9ad2c4348..faa61c742 100644
--- a/Documentation/Changelog.md
+++ b/Documentation/Changelog.md
@@ -21,6 +21,7 @@
 * MaxScale now supports IPv6
 For more details, please refer to:
+* [MariaDB MaxScale 2.1.10 Release Notes](Release-Notes/MaxScale-2.1.10-Release-Notes.md)
 * [MariaDB MaxScale 2.1.9 Release Notes](Release-Notes/MaxScale-2.1.9-Release-Notes.md)
 * [MariaDB MaxScale 2.1.8 Release Notes](Release-Notes/MaxScale-2.1.8-Release-Notes.md)
 * [MariaDB MaxScale 2.1.7 Release Notes](Release-Notes/MaxScale-2.1.7-Release-Notes.md)
diff --git a/Documentation/Release-Notes/MaxScale-2.1.10-Release-Notes.md b/Documentation/Release-Notes/MaxScale-2.1.10-Release-Notes.md
new file mode 100644
index 000000000..49f3c4660
--- /dev/null
+++ b/Documentation/Release-Notes/MaxScale-2.1.10-Release-Notes.md
@@ -0,0 +1,47 @@
+# MariaDB MaxScale 2.1.10 Release Notes
+
+Release 2.1.10 is a GA release.
+
+This document describes the changes in release 2.1.10, when compared
+to release [2.1.9](MaxScale-2.1.9-Release-Notes.md).
+
+If you are upgrading from release 2.0, please also read the following
+release notes:
+
+* [2.1.9](./MaxScale-2.1.9-Release-Notes.md)
+* [2.1.8](./MaxScale-2.1.8-Release-Notes.md)
+* [2.1.7](./MaxScale-2.1.7-Release-Notes.md)
+* [2.1.6](./MaxScale-2.1.6-Release-Notes.md)
+* [2.1.5](./MaxScale-2.1.5-Release-Notes.md)
+* [2.1.4](./MaxScale-2.1.4-Release-Notes.md)
+* [2.1.3](./MaxScale-2.1.3-Release-Notes.md)
+* [2.1.2](./MaxScale-2.1.2-Release-Notes.md)
+* [2.1.1](./MaxScale-2.1.1-Release-Notes.md)
+* [2.1.0](./MaxScale-2.1.0-Release-Notes.md)
+
+For any problems you encounter, please consider submitting a bug report at
+[Jira](https://jira.mariadb.org).
+
+## Bug fixes
+
+[Here is a list of bugs fixed in MaxScale 2.1.10.](https://jira.mariadb.org/issues/?jql=project%20%3D%20MXS%20AND%20issuetype%20%3D%20Bug%20AND%20status%20%3D%20Closed%20AND%20fixVersion%20%3D%202.1.10)
+
+* [MXS-1456](https://jira.mariadb.org/browse/MXS-1456) OOM when script variable is empty
+* [MXS-1451](https://jira.mariadb.org/browse/MXS-1451) Password is not stored with skip_authentication=true
+* [MXS-1450](https://jira.mariadb.org/browse/MXS-1450) Maxadmin commands with a leading space are silently ignored
+* [MXS-1449](https://jira.mariadb.org/browse/MXS-1449) Database change not allowed
+
+## Packaging
+
+RPM and Debian packages are provided for the Linux distributions supported by
+MariaDB Enterprise.
+
+Packages can be downloaded [here](https://mariadb.com/resources/downloads).
+
+## Source Code
+
+The source code of MaxScale is tagged at GitHub with a tag, which is identical
+with the version of MaxScale. For instance, the tag of version X.Y.Z of MaxScale
+is maxscale-X.Y.Z.
+
+The source code is available [here](https://github.com/mariadb-corporation/MaxScale).
diff --git a/Documentation/Upgrading/Upgrading-To-MaxScale-2.1.md b/Documentation/Upgrading/Upgrading-To-MaxScale-2.1.md
index a8095ec1f..e311e047e 100644
--- a/Documentation/Upgrading/Upgrading-To-MaxScale-2.1.md
+++ b/Documentation/Upgrading/Upgrading-To-MaxScale-2.1.md
@@ -7,16 +7,17 @@ For more information about MariaDB MaxScale 2.1, please refer to the
 [ChangeLog](../Changelog.md).
 For a complete list of changes in MaxScale 2.1, refer to the
-[MaxScale 2.1.9 Release Notes](../Release-Notes/MaxScale-2.1.9-Release-Notes.md).
-[MaxScale 2.1.8 Release Notes](../Release-Notes/MaxScale-2.1.8-Release-Notes.md).
-[MaxScale 2.1.7 Release Notes](../Release-Notes/MaxScale-2.1.7-Release-Notes.md).
-[MaxScale 2.1.6 Release Notes](../Release-Notes/MaxScale-2.1.6-Release-Notes.md).
-[MaxScale 2.1.5 Release Notes](../Release-Notes/MaxScale-2.1.5-Release-Notes.md).
-[MaxScale 2.1.4 Release Notes](../Release-Notes/MaxScale-2.1.4-Release-Notes.md).
-[MaxScale 2.1.3 Release Notes](../Release-Notes/MaxScale-2.1.3-Release-Notes.md).
-[MaxScale 2.1.2 Release Notes](../Release-Notes/MaxScale-2.1.2-Release-Notes.md).
-[MaxScale 2.1.1 Release Notes](../Release-Notes/MaxScale-2.1.1-Release-Notes.md).
-[MaxScale 2.1.0 Release Notes](../Release-Notes/MaxScale-2.1.0-Release-Notes.md).
+* [MaxScale 2.1.10 Release Notes](../Release-Notes/MaxScale-2.1.10-Release-Notes.md)
+* [MaxScale 2.1.9 Release Notes](../Release-Notes/MaxScale-2.1.9-Release-Notes.md).
+* [MaxScale 2.1.8 Release Notes](../Release-Notes/MaxScale-2.1.8-Release-Notes.md).
+* [MaxScale 2.1.7 Release Notes](../Release-Notes/MaxScale-2.1.7-Release-Notes.md).
+* [MaxScale 2.1.6 Release Notes](../Release-Notes/MaxScale-2.1.6-Release-Notes.md).
+* [MaxScale 2.1.5 Release Notes](../Release-Notes/MaxScale-2.1.5-Release-Notes.md).
+* [MaxScale 2.1.4 Release Notes](../Release-Notes/MaxScale-2.1.4-Release-Notes.md).
+* [MaxScale 2.1.3 Release Notes](../Release-Notes/MaxScale-2.1.3-Release-Notes.md).
+* [MaxScale 2.1.2 Release Notes](../Release-Notes/MaxScale-2.1.2-Release-Notes.md).
+* [MaxScale 2.1.1 Release Notes](../Release-Notes/MaxScale-2.1.1-Release-Notes.md).
+* [MaxScale 2.1.0 Release Notes](../Release-Notes/MaxScale-2.1.0-Release-Notes.md).
 ## Installation