• unknown's avatar
    Bug#28846 Use of undocumented Prepared Statements crashes server · 099be801
    unknown authored
    ALTER VIEW is currently not supported as a prepared statement
    and should be disabled as such as they otherwise could cause server crashes.
    
    ALTER VIEW is currently not supported when called from stored
    procedures or functions for related reasons and should also be disabled.
    
    This patch disables these DDL statements and adjusts the appropriate test
    cases accordingly.
    
    Additional tests has been added to reflect on the fact that we do support
    CREATE/ALTER/DROP TABLE for Prepared Statements (PS), Stored Procedures (SP)
    and PS within SP.
    
    
    mysql-test/r/ps_1general.result:
      - Updated test to reflect on the new policy to disallow ALTER VIEW within SP.
    mysql-test/r/sp-dynamic.result:
      - Added PS ALTER TABLE test from within SP-context to demonstrate that CREATE/ALTER/DROP
      TABLE statements is working.
      - Added PS CREATE/ALTER/DROP VIEW tests from within SP-context to show that
      ALTER VIEW is not supported, CREATE VIEW/DROP VIEW are supported.
    mysql-test/r/sp-error.result:
      - Updated test to reflect on the new policy to disallow VIEW DDL within SP.
    mysql-test/t/ps_1general.test:
      - Updated test to reflect on the new policy to disallow VIEW DDL within SP.
    mysql-test/t/sp-dynamic.test:
      - Add PS ALTER TABLE test from within SP to demonstrate that CREATE/ALTER/DROP
      TABLE statements are supported.
    mysql-test/t/sp-error.test:
      - Updated test to reflect on the new policy to disallow ALTER VIEW
      within SP-context.
      - Changed error code 1314 to the more abstract ER_SP_BADSTATEMENT.
    sql/sql_class.h:
      - Added comment for clarity
    sql/sql_parse.cc:
      - Added comment for clarity
    sql/sql_prepare.cc:
      - Disallow ALTER VIEW as prepared statements until they are
        properly supported. Note that SQLCOM_CREATE_VIEW also handles ALTER VIEW
        statements.
    sql/sql_view.cc:
      - converted to doxygen comments
      - Added comment for clarity
    sql/sql_yacc.yy:
      - Disallow ALTER VIEW statements within a SP.
      If the parser is operating within the SP context, this is shown
      on the sp->sphead pointer. If this flag is set for view DDL operations
      we stop parsing with the error 'ER_SP_BAD_STATEMENT'.
    099be801
sql_prepare.cc 84.8 KB