Commit 3a37745c authored by Arun Kuruvila's avatar Arun Kuruvila

No commit message

No commit message
parent 07fb5cff
/* /*
Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -372,7 +372,7 @@ void Proc_table_intact::report_error(uint code, const char *fmt, ...) ...@@ -372,7 +372,7 @@ void Proc_table_intact::report_error(uint code, const char *fmt, ...)
my_vsnprintf(buf, sizeof(buf), fmt, args); my_vsnprintf(buf, sizeof(buf), fmt, args);
va_end(args); va_end(args);
if (code) if (code == ER_COL_COUNT_DOESNT_MATCH_CORRUPTED)
my_message(code, buf, MYF(0)); my_message(code, buf, MYF(0));
else else
my_error(ER_CANNOT_LOAD_FROM_TABLE, MYF(0), "proc"); my_error(ER_CANNOT_LOAD_FROM_TABLE, MYF(0), "proc");
......
...@@ -168,9 +168,411 @@ TABLE_FIELD_TYPE mysql_db_table_fields[MYSQL_DB_FIELD_COUNT] = { ...@@ -168,9 +168,411 @@ TABLE_FIELD_TYPE mysql_db_table_fields[MYSQL_DB_FIELD_COUNT] = {
} }
}; };
static const
TABLE_FIELD_TYPE mysql_user_table_fields[MYSQL_USER_FIELD_COUNT] = {
{
{ C_STRING_WITH_LEN("Host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("User") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Password") },
{ C_STRING_WITH_LEN("char(41)") },
{ C_STRING_WITH_LEN("latin1") }
},
{
{ C_STRING_WITH_LEN("Select_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Insert_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Update_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Delete_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Drop_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Reload_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Shutdown_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Process_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("File_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Grant_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("References_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Index_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Alter_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Show_db_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Super_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_tmp_table_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Lock_tables_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Execute_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Repl_slave_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Repl_client_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_view_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Show_view_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_routine_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Alter_routine_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_user_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Event_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Trigger_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Create_tablespace_priv") },
{ C_STRING_WITH_LEN("enum('N','Y')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("ssl_type") },
{ C_STRING_WITH_LEN("enum('','ANY','X509','SPECIFIED')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("ssl_cipher") },
{ C_STRING_WITH_LEN("blob") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("x509_issuer") },
{ C_STRING_WITH_LEN("blob") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("x509_subject") },
{ C_STRING_WITH_LEN("blob") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("max_questions") },
{ C_STRING_WITH_LEN("int(11)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("max_updates") },
{ C_STRING_WITH_LEN("int(11)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("max_connections") },
{ C_STRING_WITH_LEN("int(11)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("max_user_connections") },
{ C_STRING_WITH_LEN("int(11)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("plugin") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("authentication_string") },
{ C_STRING_WITH_LEN("text") },
{NULL, 0}
}
};
static const
TABLE_FIELD_TYPE mysql_proxies_priv_table_fields[MYSQL_PROXIES_PRIV_FIELD_COUNT] = {
{
{ C_STRING_WITH_LEN("Host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("User") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Proxied_host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Proxied_user") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("With_grant") },
{ C_STRING_WITH_LEN("tinyint(1)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Grantor") },
{ C_STRING_WITH_LEN("char(77)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Timestamp") },
{ C_STRING_WITH_LEN("timestamp") },
{NULL, 0}
}
};
static const
TABLE_FIELD_TYPE mysql_procs_priv_table_fields[MYSQL_PROCS_PRIV_FIELD_COUNT] = {
{
{ C_STRING_WITH_LEN("Host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Db") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("User") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Routine_name") },
{ C_STRING_WITH_LEN("char(64)") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Routine_type") },
{ C_STRING_WITH_LEN("enum('FUNCTION','PROCEDURE')") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Grantor") },
{ C_STRING_WITH_LEN("char(77)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Proc_priv") },
{ C_STRING_WITH_LEN("set('Execute','Alter Routine','Grant')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Timestamp") },
{ C_STRING_WITH_LEN("timestamp") },
{NULL, 0}
}
};
static const
TABLE_FIELD_TYPE mysql_columns_priv_table_fields[MYSQL_COLUMNS_PRIV_FIELD_COUNT] = {
{
{ C_STRING_WITH_LEN("Host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Db") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("User") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Table_name") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Column_name") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Timestamp") },
{ C_STRING_WITH_LEN("timestamp") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Column_priv") },
{ C_STRING_WITH_LEN("set('Select','Insert','Update','References')") },
{ C_STRING_WITH_LEN("utf8") }
}
};
static const
TABLE_FIELD_TYPE mysql_tables_priv_table_fields[MYSQL_TABLES_PRIV_FIELD_COUNT] = {
{
{ C_STRING_WITH_LEN("Host") },
{ C_STRING_WITH_LEN("char(60)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Db") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("User") },
{ C_STRING_WITH_LEN("char(16)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Table_name") },
{ C_STRING_WITH_LEN("char(64)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Grantor") },
{ C_STRING_WITH_LEN("char(77)") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Timestamp") },
{ C_STRING_WITH_LEN("timestamp") },
{NULL, 0}
},
{
{ C_STRING_WITH_LEN("Table_priv") },
{ C_STRING_WITH_LEN("set('Select','Insert','Update','Delete','Create',"
"'Drop','Grant','References','Index','Alter',"
"'Create View','Show view','Trigger')") },
{ C_STRING_WITH_LEN("utf8") }
},
{
{ C_STRING_WITH_LEN("Column_priv") },
{ C_STRING_WITH_LEN("set('Select','Insert','Update','References')") },
{ C_STRING_WITH_LEN("utf8") }
}
};
const TABLE_FIELD_DEF const TABLE_FIELD_DEF
mysql_db_table_def= {MYSQL_DB_FIELD_COUNT, mysql_db_table_fields}; mysql_db_table_def= {MYSQL_DB_FIELD_COUNT, mysql_db_table_fields};
const TABLE_FIELD_DEF
mysql_user_table_def= {MYSQL_USER_FIELD_COUNT, mysql_user_table_fields};
const TABLE_FIELD_DEF
mysql_proxies_priv_table_def= {MYSQL_PROXIES_PRIV_FIELD_COUNT,
mysql_proxies_priv_table_fields};
const TABLE_FIELD_DEF
mysql_procs_priv_table_def= {MYSQL_PROCS_PRIV_FIELD_COUNT,
mysql_procs_priv_table_fields};
const TABLE_FIELD_DEF
mysql_columns_priv_table_def= {MYSQL_COLUMNS_PRIV_FIELD_COUNT,
mysql_columns_priv_table_fields};
const TABLE_FIELD_DEF
mysql_tables_priv_table_def= {MYSQL_TABLES_PRIV_FIELD_COUNT,
mysql_tables_priv_table_fields};
static LEX_STRING native_password_plugin_name= { static LEX_STRING native_password_plugin_name= {
C_STRING_WITH_LEN("mysql_native_password") C_STRING_WITH_LEN("mysql_native_password")
}; };
...@@ -519,6 +921,36 @@ static uchar* acl_entry_get_key(acl_entry *entry, size_t *length, ...@@ -519,6 +921,36 @@ static uchar* acl_entry_get_key(acl_entry *entry, size_t *length,
return (uchar*) entry->key; return (uchar*) entry->key;
} }
/**
Class to validate the flawlessness of ACL table
before performing ACL operations.
*/
class Acl_table_intact : public Table_check_intact
{
protected:
void report_error(uint code, const char *fmt, ...)
{
va_list args;
va_start(args, fmt);
error_log_print(ERROR_LEVEL, fmt, args);
va_end(args);
if (code)
{
va_start(args, fmt);
if (code == ER_CANNOT_LOAD_FROM_TABLE)
{
char *table_name;
va_arg(args, char *);
table_name= va_arg(args, char *);
my_error(code, MYF(0), table_name);
}
else
my_printv_error(code, ER(code), MYF(0), args);
va_end(args);
}
}
};
#define IP_ADDR_STRLEN (3 + 1 + 3 + 1 + 3 + 1 + 3) #define IP_ADDR_STRLEN (3 + 1 + 3 + 1 + 3 + 1 + 3)
#define ACL_KEY_LENGTH (IP_ADDR_STRLEN + 1 + NAME_LEN + \ #define ACL_KEY_LENGTH (IP_ADDR_STRLEN + 1 + NAME_LEN + \
1 + USERNAME_LENGTH + 1) 1 + USERNAME_LENGTH + 1)
...@@ -548,6 +980,7 @@ static bool update_user_table(THD *thd, TABLE *table, ...@@ -548,6 +980,7 @@ static bool update_user_table(THD *thd, TABLE *table,
static my_bool acl_load(THD *thd, TABLE_LIST *tables); static my_bool acl_load(THD *thd, TABLE_LIST *tables);
static my_bool grant_load(THD *thd, TABLE_LIST *tables); static my_bool grant_load(THD *thd, TABLE_LIST *tables);
static inline void get_grantor(THD *thd, char* grantor); static inline void get_grantor(THD *thd, char* grantor);
/* /*
Enumeration of various ACL's and Hashes used in handle_grant_struct() Enumeration of various ACL's and Hashes used in handle_grant_struct()
*/ */
...@@ -1871,6 +2304,7 @@ bool change_password(THD *thd, const char *host, const char *user, ...@@ -1871,6 +2304,7 @@ bool change_password(THD *thd, const char *host, const char *user,
{ {
TABLE_LIST tables; TABLE_LIST tables;
TABLE *table; TABLE *table;
Acl_table_intact table_intact;
/* Buffer should be extended when password length is extended. */ /* Buffer should be extended when password length is extended. */
char buff[512]; char buff[512];
ulong query_length; ulong query_length;
...@@ -1907,6 +2341,9 @@ bool change_password(THD *thd, const char *host, const char *user, ...@@ -1907,6 +2341,9 @@ bool change_password(THD *thd, const char *host, const char *user,
if (!(table= open_ltable(thd, &tables, TL_WRITE, MYSQL_LOCK_IGNORE_TIMEOUT))) if (!(table= open_ltable(thd, &tables, TL_WRITE, MYSQL_LOCK_IGNORE_TIMEOUT)))
DBUG_RETURN(1); DBUG_RETURN(1);
if (table_intact.check(table, &mysql_user_table_def))
DBUG_RETURN(1);
/* /*
This statement will be replicated as a statement, even when using This statement will be replicated as a statement, even when using
row-based replication. The flag will be reset at the end of the row-based replication. The flag will be reset at the end of the
...@@ -2267,10 +2704,14 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, ...@@ -2267,10 +2704,14 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo,
char what= (revoke_grant) ? 'N' : 'Y'; char what= (revoke_grant) ? 'N' : 'Y';
uchar user_key[MAX_KEY_LENGTH]; uchar user_key[MAX_KEY_LENGTH];
LEX *lex= thd->lex; LEX *lex= thd->lex;
Acl_table_intact table_intact;
DBUG_ENTER("replace_user_table"); DBUG_ENTER("replace_user_table");
mysql_mutex_assert_owner(&acl_cache->lock); mysql_mutex_assert_owner(&acl_cache->lock);
if (table_intact.check(table, &mysql_user_table_def))
goto end;
if (combo.password.str && combo.password.str[0]) if (combo.password.str && combo.password.str[0])
{ {
if (combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH && if (combo.password.length != SCRAMBLED_PASSWORD_CHAR_LENGTH &&
...@@ -2530,6 +2971,7 @@ static int replace_db_table(TABLE *table, const char *db, ...@@ -2530,6 +2971,7 @@ static int replace_db_table(TABLE *table, const char *db,
int error; int error;
char what= (revoke_grant) ? 'N' : 'Y'; char what= (revoke_grant) ? 'N' : 'Y';
uchar user_key[MAX_KEY_LENGTH]; uchar user_key[MAX_KEY_LENGTH];
Acl_table_intact table_intact;
DBUG_ENTER("replace_db_table"); DBUG_ENTER("replace_db_table");
if (!initialized) if (!initialized)
...@@ -2538,6 +2980,9 @@ static int replace_db_table(TABLE *table, const char *db, ...@@ -2538,6 +2980,9 @@ static int replace_db_table(TABLE *table, const char *db,
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
if (table_intact.check(table, &mysql_db_table_def))
DBUG_RETURN(-1);
/* Check if there is such a user in user table in memory? */ /* Check if there is such a user in user table in memory? */
if (!find_acl_user(combo.host.str,combo.user.str, FALSE)) if (!find_acl_user(combo.host.str,combo.user.str, FALSE))
{ {
...@@ -2678,6 +3123,7 @@ replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user, ...@@ -2678,6 +3123,7 @@ replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user,
uchar user_key[MAX_KEY_LENGTH]; uchar user_key[MAX_KEY_LENGTH];
ACL_PROXY_USER new_grant; ACL_PROXY_USER new_grant;
char grantor[USER_HOST_BUFF_SIZE]; char grantor[USER_HOST_BUFF_SIZE];
Acl_table_intact table_intact;
DBUG_ENTER("replace_proxies_priv_table"); DBUG_ENTER("replace_proxies_priv_table");
...@@ -2687,6 +3133,9 @@ replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user, ...@@ -2687,6 +3133,9 @@ replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user,
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
if (table_intact.check(table, &mysql_proxies_priv_table_def))
DBUG_RETURN(-1);
/* Check if there is such a user in user table in memory? */ /* Check if there is such a user in user table in memory? */
if (!find_acl_user(user->host.str,user->user.str, FALSE)) if (!find_acl_user(user->host.str,user->user.str, FALSE))
{ {
...@@ -3090,9 +3539,13 @@ static int replace_column_table(GRANT_TABLE *g_t, ...@@ -3090,9 +3539,13 @@ static int replace_column_table(GRANT_TABLE *g_t,
int result=0; int result=0;
uchar key[MAX_KEY_LENGTH]; uchar key[MAX_KEY_LENGTH];
uint key_prefix_length; uint key_prefix_length;
KEY_PART_INFO *key_part= table->key_info->key_part; KEY_PART_INFO *key_part;
Acl_table_intact table_intact;
DBUG_ENTER("replace_column_table"); DBUG_ENTER("replace_column_table");
if (table_intact.check(table, &mysql_columns_priv_table_def))
DBUG_RETURN(-1);
table->use_all_columns(); table->use_all_columns();
table->field[0]->store(combo.host.str,combo.host.length, table->field[0]->store(combo.host.str,combo.host.length,
system_charset_info); system_charset_info);
...@@ -3104,6 +3557,7 @@ static int replace_column_table(GRANT_TABLE *g_t, ...@@ -3104,6 +3557,7 @@ static int replace_column_table(GRANT_TABLE *g_t,
system_charset_info); system_charset_info);
/* Get length of 4 first key parts */ /* Get length of 4 first key parts */
key_part= table->key_info->key_part;
key_prefix_length= (key_part[0].store_length + key_part[1].store_length + key_prefix_length= (key_part[0].store_length + key_part[1].store_length +
key_part[2].store_length + key_part[3].store_length); key_part[2].store_length + key_part[3].store_length);
key_copy(key, table->record[0], table->key_info, key_prefix_length); key_copy(key, table->record[0], table->key_info, key_prefix_length);
...@@ -3305,8 +3759,12 @@ static int replace_table_table(THD *thd, GRANT_TABLE *grant_table, ...@@ -3305,8 +3759,12 @@ static int replace_table_table(THD *thd, GRANT_TABLE *grant_table,
int error=0; int error=0;
ulong store_table_rights, store_col_rights; ulong store_table_rights, store_col_rights;
uchar user_key[MAX_KEY_LENGTH]; uchar user_key[MAX_KEY_LENGTH];
Acl_table_intact table_intact;
DBUG_ENTER("replace_table_table"); DBUG_ENTER("replace_table_table");
if (table_intact.check(table, &mysql_tables_priv_table_def))
DBUG_RETURN(-1);
get_grantor(thd, grantor); get_grantor(thd, grantor);
/* /*
The following should always succeed as new users are created before The following should always succeed as new users are created before
...@@ -3429,6 +3887,7 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name, ...@@ -3429,6 +3887,7 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
int old_row_exists= 1; int old_row_exists= 1;
int error=0; int error=0;
ulong store_proc_rights; ulong store_proc_rights;
Acl_table_intact table_intact;
DBUG_ENTER("replace_routine_table"); DBUG_ENTER("replace_routine_table");
if (!initialized) if (!initialized)
...@@ -3437,6 +3896,9 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name, ...@@ -3437,6 +3896,9 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name,
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
if (table_intact.check(table, &mysql_procs_priv_table_def))
DBUG_RETURN(-1);
get_grantor(thd, grantor); get_grantor(thd, grantor);
/* /*
New users are created before this function is called. New users are created before this function is called.
...@@ -6366,9 +6828,16 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6366,9 +6828,16 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
int result= 0; int result= 0;
int found; int found;
int ret; int ret;
Acl_table_intact table_intact;
DBUG_ENTER("handle_grant_data"); DBUG_ENTER("handle_grant_data");
/* Handle user table. */ /* Handle user table. */
if (table_intact.check(tables[0].table, &mysql_user_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 0, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 0, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch the in-memory array. */ /* Handle of table failed, don't touch the in-memory array. */
...@@ -6393,6 +6862,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6393,6 +6862,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
} }
/* Handle db table. */ /* Handle db table. */
if (table_intact.check(tables[1].table, &mysql_db_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 1, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 1, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch the in-memory array. */ /* Handle of table failed, don't touch the in-memory array. */
...@@ -6417,6 +6892,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6417,6 +6892,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
} }
/* Handle stored routines table. */ /* Handle stored routines table. */
if (table_intact.check(tables[4].table, &mysql_procs_priv_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 4, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 4, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch in-memory array. */ /* Handle of table failed, don't touch in-memory array. */
...@@ -6457,6 +6938,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6457,6 +6938,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
} }
/* Handle tables table. */ /* Handle tables table. */
if (table_intact.check(tables[2].table, &mysql_tables_priv_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 2, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 2, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch columns and in-memory array. */ /* Handle of table failed, don't touch columns and in-memory array. */
...@@ -6473,6 +6960,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6473,6 +6960,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
} }
/* Handle columns table. */ /* Handle columns table. */
if (table_intact.check(tables[3].table, &mysql_columns_priv_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 3, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 3, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch the in-memory array. */ /* Handle of table failed, don't touch the in-memory array. */
...@@ -6493,6 +6986,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, ...@@ -6493,6 +6986,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop,
/* Handle proxies_priv table. */ /* Handle proxies_priv table. */
if (tables[5].table) if (tables[5].table)
{ {
if (table_intact.check(tables[5].table, &mysql_proxies_priv_table_def))
{
result= -1;
goto end;
}
if ((found= handle_grant_table(tables, 5, drop, user_from, user_to)) < 0) if ((found= handle_grant_table(tables, 5, drop, user_from, user_to)) < 0)
{ {
/* Handle of table failed, don't touch the in-memory array. */ /* Handle of table failed, don't touch the in-memory array. */
......
#ifndef SQL_ACL_INCLUDED #ifndef SQL_ACL_INCLUDED
#define SQL_ACL_INCLUDED #define SQL_ACL_INCLUDED
/* Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. /* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -143,6 +143,53 @@ ...@@ -143,6 +143,53 @@
(((A) & ALTER_PROC_ACL) >> 23) | \ (((A) & ALTER_PROC_ACL) >> 23) | \
(((A) & GRANT_ACL) >> 8)) (((A) & GRANT_ACL) >> 8))
enum mysql_user_table_field
{
MYSQL_USER_FIELD_HOST = 0,
MYSQL_USER_FIELD_USER,
MYSQL_USER_FIELD_PASSWORD,
MYSQL_USER_FIELD_SELECT_PRIV,
MYSQL_USER_FIELD_INSERT_PRIV,
MYSQL_USER_FIELD_UPDATE_PRIV,
MYSQL_USER_FIELD_DELETE_PRIV,
MYSQL_USER_FIELD_CREATE_PRIV,
MYSQL_USER_FIELD_DROP_PRIV,
MYSQL_USER_FIELD_RELOAD_PRIV,
MYSQL_USER_FIELD_SHUTDOWN_PRIV,
MYSQL_USER_FIELD_PROCESS_PRIV,
MYSQL_USER_FIELD_FILE_PRIV,
MYSQL_USER_FIELD_GRANT_PRIV,
MYSQL_USER_FIELD_REFERENCES_PRIV,
MYSQL_USER_FIELD_INDEX_PRIV,
MYSQL_USER_FIELD_ALTER_PRIV,
MYSQL_USER_FIELD_SHOW_DB_PRIV,
MYSQL_USER_FIELD_SUPER_PRIV,
MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV,
MYSQL_USER_FIELD_LOCK_TABLES_PRIV,
MYSQL_USER_FIELD_EXECUTE_PRIV,
MYSQL_USER_FIELD_REPL_SLAVE_PRIV,
MYSQL_USER_FIELD_REPL_CLIENT_PRIV,
MYSQL_USER_FIELD_CREATE_VIEW_PRIV,
MYSQL_USER_FIELD_SHOW_VIEW_PRIV,
MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV,
MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV,
MYSQL_USER_FIELD_CREATE_USER_PRIV,
MYSQL_USER_FIELD_EVENT_PRIV,
MYSQL_USER_FIELD_TRIGGER_PRIV,
MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV,
MYSQL_USER_FIELD_SSL_TYPE,
MYSQL_USER_FIELD_SSL_CIPHER,
MYSQL_USER_FIELD_X509_ISSUER,
MYSQL_USER_FIELD_X509_SUBJECT,
MYSQL_USER_FIELD_MAX_QUESTIONS,
MYSQL_USER_FIELD_MAX_UPDATES,
MYSQL_USER_FIELD_MAX_CONNECTIONS,
MYSQL_USER_FIELD_MAX_USER_CONNECTIONS,
MYSQL_USER_FIELD_PLUGIN,
MYSQL_USER_FIELD_AUTHENTICATION_STRING,
MYSQL_USER_FIELD_COUNT
};
enum mysql_db_table_field enum mysql_db_table_field
{ {
MYSQL_DB_FIELD_HOST = 0, MYSQL_DB_FIELD_HOST = 0,
...@@ -170,6 +217,56 @@ enum mysql_db_table_field ...@@ -170,6 +217,56 @@ enum mysql_db_table_field
MYSQL_DB_FIELD_COUNT MYSQL_DB_FIELD_COUNT
}; };
enum mysql_proxies_priv_table_feild
{
MYSQL_PROXIES_PRIV_FIELD_HOST = 0,
MYSQL_PROXIES_PRIV_FIELD_USER,
MYSQL_PROXIES_PRIV_FIELD_PROXIED_HOST,
MYSQL_PROXIES_PRIV_FIELD_PROXIED_USER,
MYSQL_PROXIES_PRIV_FIELD_WITH_GRANT,
MYSQL_PROXIES_PRIV_FIELD_GRANTOR,
MYSQL_PROXIES_PRIV_FIELD_TIMESTAMP,
MYSQL_PROXIES_PRIV_FIELD_COUNT
};
enum mysql_procs_priv_table_field
{
MYSQL_PROCS_PRIV_FIELD_HOST = 0,
MYSQL_PROCS_PRIV_FIELD_DB,
MYSQL_PROCS_PRIV_FIELD_USER,
MYSQL_PROCS_PRIV_FIELD_ROUTINE_NAME,
MYSQL_PROCS_PRIV_FIELD_ROUTINE_TYPE,
MYSQL_PROCS_PRIV_FIELD_GRANTOR,
MYSQL_PROCS_PRIV_FIELD_PROC_PRIV,
MYSQL_PROCS_PRIV_FIELD_TIMESTAMP,
MYSQL_PROCS_PRIV_FIELD_COUNT
};
enum mysql_columns_priv_table_field
{
MYSQL_COLUMNS_PRIV_FIELD_HOST = 0,
MYSQL_COLUMNS_PRIV_FIELD_DB,
MYSQL_COLUMNS_PRIV_FIELD_USER,
MYSQL_COLUMNS_PRIV_FIELD_TABLE_NAME,
MYSQL_COLUMNS_PRIV_FIELD_COLUMN_NAME,
MYSQL_COLUMNS_PRIV_FIELD_TIMESTAMP,
MYSQL_COLUMNS_PRIV_FIELD_COLUMN_PRIV,
MYSQL_COLUMNS_PRIV_FIELD_COUNT
};
enum mysql_tables_priv_table_field
{
MYSQL_TABLES_PRIV_FIELD_HOST = 0,
MYSQL_TABLES_PRIV_FIELD_DB,
MYSQL_TABLES_PRIV_FIELD_USER,
MYSQL_TABLES_PRIV_FIELD_TABLE_NAME,
MYSQL_TABLES_PRIV_FIELD_GRANTOR,
MYSQL_TABLES_PRIV_FIELD_TIMESTAMP,
MYSQL_TABLES_PRIV_FIELD_TABLE_PRIV,
MYSQL_TABLES_PRIV_FIELD_COLUMN_PRIV,
MYSQL_TABLES_PRIV_FIELD_COUNT
};
extern const TABLE_FIELD_DEF mysql_db_table_def; extern const TABLE_FIELD_DEF mysql_db_table_def;
extern bool mysql_user_table_is_in_short_password_format; extern bool mysql_user_table_is_in_short_password_format;
......
/* /*
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
...@@ -2998,11 +2998,7 @@ bool check_column_name(const char *name) ...@@ -2998,11 +2998,7 @@ bool check_column_name(const char *name)
and type) and type)
@retval FALSE OK @retval FALSE OK
@retval TRUE There was an error. An error message is output @retval TRUE There was an error.
to the error log. We do not push an error
message into the error stack because this
function is currently only called at start up,
and such errors never reach the user.
*/ */
bool bool
...@@ -3091,28 +3087,28 @@ Table_check_intact::check(TABLE *table, const TABLE_FIELD_DEF *table_def) ...@@ -3091,28 +3087,28 @@ Table_check_intact::check(TABLE *table, const TABLE_FIELD_DEF *table_def)
if (strncmp(sql_type.c_ptr_safe(), field_def->type.str, if (strncmp(sql_type.c_ptr_safe(), field_def->type.str,
field_def->type.length - 1)) field_def->type.length - 1))
{ {
report_error(0, "Incorrect definition of table %s.%s: " report_error(ER_CANNOT_LOAD_FROM_TABLE, "Incorrect definition of "
"expected column '%s' at position %d to have type " "table %s.%s: expected column '%s' at position %d to "
"%s, found type %s.", table->s->db.str, table->alias, "have type %s, found type %s.", table->s->db.str,
field_def->name.str, i, field_def->type.str, table->alias, field_def->name.str, i, field_def->type.str,
sql_type.c_ptr_safe()); sql_type.c_ptr_safe());
error= TRUE; error= TRUE;
} }
else if (field_def->cset.str && !field->has_charset()) else if (field_def->cset.str && !field->has_charset())
{ {
report_error(0, "Incorrect definition of table %s.%s: " report_error(ER_CANNOT_LOAD_FROM_TABLE, "Incorrect definition of "
"expected the type of column '%s' at position %d " "table %s.%s: expected the type of column '%s' at "
"to have character set '%s' but the type has no " "position %d to have character set '%s' but the type "
"character set.", table->s->db.str, table->alias, "has no character set.", table->s->db.str, table->alias,
field_def->name.str, i, field_def->cset.str); field_def->name.str, i, field_def->cset.str);
error= TRUE; error= TRUE;
} }
else if (field_def->cset.str && else if (field_def->cset.str &&
strcmp(field->charset()->csname, field_def->cset.str)) strcmp(field->charset()->csname, field_def->cset.str))
{ {
report_error(0, "Incorrect definition of table %s.%s: " report_error(ER_CANNOT_LOAD_FROM_TABLE, "Incorrect definition of "
"expected the type of column '%s' at position %d " "table %s.%s: expected the type of column '%s' at "
"to have character set '%s' but found " "position %d to have character set '%s' but found "
"character set '%s'.", table->s->db.str, table->alias, "character set '%s'.", table->s->db.str, table->alias,
field_def->name.str, i, field_def->cset.str, field_def->name.str, i, field_def->cset.str,
field->charset()->csname); field->charset()->csname);
...@@ -3121,11 +3117,11 @@ Table_check_intact::check(TABLE *table, const TABLE_FIELD_DEF *table_def) ...@@ -3121,11 +3117,11 @@ Table_check_intact::check(TABLE *table, const TABLE_FIELD_DEF *table_def)
} }
else else
{ {
report_error(0, "Incorrect definition of table %s.%s: " report_error(ER_CANNOT_LOAD_FROM_TABLE, "Incorrect definition of "
"expected column '%s' at position %d to have type %s " "table %s.%s: expected column '%s' at position %d to "
" but the column is not found.", "have type %s but the column is not found.",
table->s->db.str, table->alias, table->s->db.str, table->alias, field_def->name.str, i,
field_def->name.str, i, field_def->type.str); field_def->type.str);
error= TRUE; error= TRUE;
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment