Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
506c6eb9
Commit
506c6eb9
authored
Sep 21, 2005
by
bell@sanja.is.com.ua
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
postmerge fixes
parent
3f66053a
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
36 additions
and
49 deletions
+36
-49
libmysqld/lib_sql.cc
libmysqld/lib_sql.cc
+1
-1
sql/item_func.cc
sql/item_func.cc
+28
-42
sql/item_func.h
sql/item_func.h
+2
-1
sql/sql_parse.cc
sql/sql_parse.cc
+5
-5
No files found.
libmysqld/lib_sql.cc
View file @
506c6eb9
...
@@ -532,7 +532,7 @@ err:
...
@@ -532,7 +532,7 @@ err:
int
check_embedded_connection
(
MYSQL
*
mysql
)
int
check_embedded_connection
(
MYSQL
*
mysql
)
{
{
THD
*
thd
=
(
THD
*
)
mysql
->
thd
;
THD
*
thd
=
(
THD
*
)
mysql
->
thd
;
st_s
ecurity_context
*
sctx
=
thd
->
security_ctx
;
S
ecurity_context
*
sctx
=
thd
->
security_ctx
;
sctx
->
host_or_ip
=
sctx
->
host
=
(
char
*
)
my_localhost
;
sctx
->
host_or_ip
=
sctx
->
host
=
(
char
*
)
my_localhost
;
sctx
->
priv_user
=
sctx
->
user
=
my_strdup
(
mysql
->
user
,
MYF
(
0
));
sctx
->
priv_user
=
sctx
->
user
=
my_strdup
(
mysql
->
user
,
MYF
(
0
));
return
check_user
(
thd
,
COM_CONNECT
,
NULL
,
0
,
thd
->
db
,
true
);
return
check_user
(
thd
,
COM_CONNECT
,
NULL
,
0
,
thd
->
db
,
true
);
...
...
sql/item_func.cc
View file @
506c6eb9
...
@@ -4711,21 +4711,11 @@ Item_func_sp::execute(Item **itp)
...
@@ -4711,21 +4711,11 @@ Item_func_sp::execute(Item **itp)
THD
*
thd
=
current_thd
;
THD
*
thd
=
current_thd
;
int
res
=
-
1
;
int
res
=
-
1
;
Sub_statement_state
statement_state
;
Sub_statement_state
statement_state
;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
Security_context
*
save_ctx
;
Security_context
*
save_ctx
;
#endif
if
(
!
m_sp
&&
!
(
m_sp
=
sp_find_function
(
thd
,
m_name
,
TRUE
)))
if
(
find_and_check_access
(
thd
,
EXECUTE_ACL
,
&
save_ctx
))
{
my_error
(
ER_SP_DOES_NOT_EXIST
,
MYF
(
0
),
"FUNCTION"
,
m_name
->
m_qname
.
str
);
goto
error
;
goto
error
;
}
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if
(
check_access
(
EXECUTE_ACL
,
0
,
&
save_ctx
))
goto
error
;
#endif
/*
/*
Disable the binlogging if this is not a SELECT statement. If this is a
Disable the binlogging if this is not a SELECT statement. If this is a
SELECT, leave binlogging on, so execute_function() code writes the
SELECT, leave binlogging on, so execute_function() code writes the
...
@@ -4734,7 +4724,7 @@ Item_func_sp::execute(Item **itp)
...
@@ -4734,7 +4724,7 @@ Item_func_sp::execute(Item **itp)
thd
->
reset_sub_statement_state
(
&
statement_state
,
SUB_STMT_FUNCTION
);
thd
->
reset_sub_statement_state
(
&
statement_state
,
SUB_STMT_FUNCTION
);
res
=
m_sp
->
execute_function
(
thd
,
args
,
arg_count
,
itp
);
res
=
m_sp
->
execute_function
(
thd
,
args
,
arg_count
,
itp
);
thd
->
restore_sub_statement_state
(
&
statement_state
);
thd
->
restore_sub_statement_state
(
&
statement_state
);
if
(
res
&&
mysql_bin_log
.
is_open
()
&&
if
(
res
&&
mysql_bin_log
.
is_open
()
&&
(
m_sp
->
m_chistics
->
daccess
==
SP_CONTAINS_SQL
||
(
m_sp
->
m_chistics
->
daccess
==
SP_CONTAINS_SQL
||
m_sp
->
m_chistics
->
daccess
==
SP_MODIFIES_SQL_DATA
))
m_sp
->
m_chistics
->
daccess
==
SP_MODIFIES_SQL_DATA
))
...
@@ -4851,71 +4841,67 @@ Item_func_sp::tmp_table_field(TABLE *t_arg)
...
@@ -4851,71 +4841,67 @@ Item_func_sp::tmp_table_field(TABLE *t_arg)
DBUG_RETURN
(
res
);
DBUG_RETURN
(
res
);
}
}
/*
/*
Check access rigths to
function
Find the function and chack access rigths to the
function
SYNOPSIS
SYNOPSIS
check_access()
find_and_check_access()
thd thread handler
want_access requested access
want_access requested access
report_error whether to set error to thd->net.report_error
backup backup of security context or 0
sp_ctx sp security context for switching
RETURN
RETURN
0
Access granted
FALSE
Access granted
1
Requested access can't be granted or function doesn't exists
TRUE
Requested access can't be granted or function doesn't exists
NOTES
NOTES
Checks if requested access to function can be granted to user.
Checks if requested access to function can be granted to user.
If function isn't found yet, it searches function first.
If function isn't found yet, it searches function first.
If function can't be found or user don't have requested access
If function can't be found or user don't have requested access
and report_error is true
error is raised.
error is raised.
If security context sp_ctx is provided and access can be granted then
If security context sp_ctx is provided and access can be granted then
switch back to previous context isn't performed.
switch back to previous context isn't performed.
In case of access error or if context is not provided then
check_access()
In case of access error or if context is not provided then
switches back to previous security context.
find_and_check_access()
switches back to previous security context.
*/
*/
bool
bool
Item_func_sp
::
check_access
(
ulong
want_access
,
bool
report_error
,
st_sp_security_context
*
sp_ctx
)
Item_func_sp
::
find_and_check_access
(
THD
*
thd
,
ulong
want_access
,
Security_context
**
backup
)
{
{
bool
res
;
bool
res
;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
Security_context
*
local_save
,
THD
*
thd
=
current_thd
;
**
save
=
(
backup
?
backup
:
&
local_save
);
st_sp_security_context
save_ctx
,
*
curr_ctx
=
sp_ctx
?
sp_ctx
:&
save_ctx
;
res
=
TRUE
;
bool
ctx_switched
=
0
;
res
=
1
;
if
(
!
m_sp
&&
!
(
m_sp
=
sp_find_function
(
thd
,
m_name
,
TRUE
)))
if
(
!
m_sp
&&
!
(
m_sp
=
sp_find_function
(
thd
,
m_name
,
TRUE
)))
{
{
my_error
(
ER_SP_DOES_NOT_EXIST
,
MYF
(
0
),
"FUNCTION"
,
m_name
->
m_qname
.
str
);
my_error
(
ER_SP_DOES_NOT_EXIST
,
MYF
(
0
),
"FUNCTION"
,
m_name
->
m_qname
.
str
);
if
(
report_error
)
thd
->
net
.
report_error
=
1
;
goto
error
;
goto
error
;
}
}
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if
(
check_routine_access
(
thd
,
want_access
,
if
(
check_routine_access
(
thd
,
want_access
,
m_sp
->
m_db
.
str
,
m_sp
->
m_name
.
str
,
0
,
0
))
m_sp
->
m_db
.
str
,
m_sp
->
m_name
.
str
,
0
,
FALSE
))
{
{
if
(
report_error
)
thd
->
net
.
report_error
=
1
;
goto
error
;
goto
error
;
}
}
sp_change_security_context
(
thd
,
m_sp
,
curr_ctx
);
sp_change_security_context
(
thd
,
m_sp
,
save
);
ctx_switched
=
curr_ctx
->
changed
;
if
(
*
save
&&
if
(
curr_ctx
->
changed
&&
check_routine_access
(
thd
,
want_access
,
check_routine_access
(
thd
,
want_access
,
m_sp
->
m_db
.
str
,
m_sp
->
m_name
.
str
,
0
,
0
))
m_sp
->
m_db
.
str
,
m_sp
->
m_name
.
str
,
0
,
FALSE
))
{
{
if
(
report_error
)
thd
->
net
.
report_error
=
1
;
goto
error_check_ctx
;
goto
error_check_ctx
;
}
}
res
=
0
;
res
=
FALSE
;
error_check_ctx:
error_check_ctx:
if
(
ctx_switched
&&
(
res
||
!
sp_ctx
))
if
(
*
save
&&
(
res
||
!
backup
))
sp_restore_security_context
(
thd
,
m_sp
,
curr_ctx
);
sp_restore_security_context
(
thd
,
local_save
);
error:
error:
#else
#else
res
=
0
;
res
=
0
;
error:
#endif
#endif
return
res
;
return
res
;
};
};
...
@@ -4926,7 +4912,7 @@ Item_func_sp::fix_fields(THD *thd, Item **ref)
...
@@ -4926,7 +4912,7 @@ Item_func_sp::fix_fields(THD *thd, Item **ref)
bool
res
;
bool
res
;
DBUG_ASSERT
(
fixed
==
0
);
DBUG_ASSERT
(
fixed
==
0
);
res
=
Item_func
::
fix_fields
(
thd
,
ref
);
res
=
Item_func
::
fix_fields
(
thd
,
ref
);
if
(
!
res
&&
check_access
(
EXECUTE_ACL
,
1
,
NULL
))
if
(
!
res
&&
find_and_check_access
(
thd
,
EXECUTE_ACL
,
NULL
))
res
=
1
;
res
=
1
;
return
res
;
return
res
;
}
}
sql/item_func.h
View file @
506c6eb9
...
@@ -1435,7 +1435,8 @@ public:
...
@@ -1435,7 +1435,8 @@ public:
{
context
=
(
Name_resolution_context
*
)
cntx
;
return
FALSE
;
}
{
context
=
(
Name_resolution_context
*
)
cntx
;
return
FALSE
;
}
void
fix_length_and_dec
();
void
fix_length_and_dec
();
bool
check_access
(
ulong
want_access
,
bool
report_error
,
st_sp_security_context
*
sp_ctx
);
bool
find_and_check_access
(
THD
*
thd
,
ulong
want_access
,
Security_context
**
backup
);
virtual
enum
Functype
functype
()
const
{
return
FUNC_SP
;
}
virtual
enum
Functype
functype
()
const
{
return
FUNC_SP
;
}
bool
fix_fields
(
THD
*
thd
,
Item
**
ref
);
bool
fix_fields
(
THD
*
thd
,
Item
**
ref
);
...
...
sql/sql_parse.cc
View file @
506c6eb9
...
@@ -273,7 +273,7 @@ int check_user(THD *thd, enum enum_server_command command,
...
@@ -273,7 +273,7 @@ int check_user(THD *thd, enum enum_server_command command,
DBUG_ENTER
(
"check_user"
);
DBUG_ENTER
(
"check_user"
);
#ifdef NO_EMBEDDED_ACCESS_CHECKS
#ifdef NO_EMBEDDED_ACCESS_CHECKS
thd
->
ain_security_ctx
.
master_access
=
GLOBAL_ACLS
;
// Full rights
thd
->
m
ain_security_ctx
.
master_access
=
GLOBAL_ACLS
;
// Full rights
/* Change database if necessary */
/* Change database if necessary */
if
(
db
&&
db
[
0
])
if
(
db
&&
db
[
0
])
{
{
...
@@ -4490,10 +4490,10 @@ end_with_restore_list:
...
@@ -4490,10 +4490,10 @@ end_with_restore_list:
mysql_bin_log
.
is_open
())
mysql_bin_log
.
is_open
())
{
{
String
buff
;
String
buff
;
LEX_STRING
command
[
3
]
=
const
LEX_STRING
command
[
3
]
=
{{
STRING_WITH_LEN
(
"CREATE "
)},
{{
(
char
*
)
STRING_WITH_LEN
(
"CREATE "
)},
{
STRING_WITH_LEN
(
"ALTER "
)},
{
(
char
*
)
STRING_WITH_LEN
(
"ALTER "
)},
{
STRING_WITH_LEN
(
"CREATE OR REPLACE "
)}};
{
(
char
*
)
STRING_WITH_LEN
(
"CREATE OR REPLACE "
)}};
thd
->
clear_error
();
thd
->
clear_error
();
buff
.
append
(
command
[
thd
->
lex
->
create_view_mode
].
str
,
buff
.
append
(
command
[
thd
->
lex
->
create_view_mode
].
str
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment