List:Commits« Previous MessageNext Message »
From:tim Date:February 23 2008 12:56am
Subject:bk commit into 5.1 tree (tsmith:1.2541) BUG#34053
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of tsmith.  When tsmith does a push these changes
will be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2008-02-22 16:56:34-07:00, tsmith@stripped +3 -0
  Bug #34053: normal users can enable innodb_monitor logging
  
  The check_global_access() function was made available to InnoDB, but
  was not defined in the embedded server library.  InnoDB, as a plugin,
  is not recompiled when the embedded server is built.  This caused a
  link failure when compiling applications which use the embedded server.
  
  The fix here is to always define check_global_access() externally; in
  the embedded server case, it is defined to just return OK.
  
  Also, don't run the test case for this bug in embedded server.

  mysql-test/t/innodb_bug34053.test@stripped, 2008-02-22 16:56:14-07:00,
tsmith@stripped +1 -0
    Disable this test on embedded server - it tests privilege
    checks which are not in place there.

  sql/mysql_priv.h@stripped, 2008-02-22 16:56:14-07:00, tsmith@stripped +0 -5
    Since check_global_access() may be used from some storage engine plugins
    (InnoDB, currently), and the plugins are not recompiled for the embedded
    server, it must be defined externally even for NO_EMBEDDED_ACCESS_CHECKS.

  sql/sql_parse.cc@stripped, 2008-02-22 16:56:14-07:00, tsmith@stripped +33 -29
    Since check_global_access() may be used from some storage engine plugins
    (InnoDB, currently), and the plugins are not recompiled for the embedded
    server, it must be defined externally even for NO_EMBEDDED_ACCESS_CHECKS.

diff -Nrup a/mysql-test/t/innodb_bug34053.test b/mysql-test/t/innodb_bug34053.test
--- a/mysql-test/t/innodb_bug34053.test	2008-02-18 19:11:26 -07:00
+++ b/mysql-test/t/innodb_bug34053.test	2008-02-22 16:56:14 -07:00
@@ -2,6 +2,7 @@
 # Make sure http://bugs.mysql.com/34053 remains fixed.
 #
 
+-- source include/not_embedded.inc
 -- source include/have_innodb.inc
 
 SET storage_engine=InnoDB;
diff -Nrup a/sql/mysql_priv.h b/sql/mysql_priv.h
--- a/sql/mysql_priv.h	2008-02-18 19:11:25 -07:00
+++ b/sql/mysql_priv.h	2008-02-22 16:56:14 -07:00
@@ -1051,12 +1051,7 @@ inline bool check_table_access(THD *thd,
 
 #endif /* MYSQL_SERVER */
 #if defined MYSQL_SERVER || defined INNODB_COMPATIBILITY_HOOKS
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
 bool check_global_access(THD *thd, ulong want_access);
-#else
-inline bool check_global_access(THD *thd, ulong want_access)
-{ return false; }
-#endif /*NO_EMBEDDED_ACCESS_CHECKS*/
 #endif /* MYSQL_SERVER || INNODB_COMPATIBILITY_HOOKS */
 #ifdef MYSQL_SERVER
 
diff -Nrup a/sql/sql_parse.cc b/sql/sql_parse.cc
--- a/sql/sql_parse.cc	2008-02-21 06:08:31 -07:00
+++ b/sql/sql_parse.cc	2008-02-22 16:56:14 -07:00
@@ -4989,35 +4989,6 @@ check_access(THD *thd, ulong want_access
 }
 
 
-/**
-  check for global access and give descriptive error message if it fails.
-
-  @param thd			Thread handler
-  @param want_access		Use should have any of these global rights
-
-  @warning
-    One gets access right if one has ANY of the rights in want_access.
-    This is useful as one in most cases only need one global right,
-    but in some case we want to check if the user has SUPER or
-    REPL_CLIENT_ACL rights.
-
-  @retval
-    0	ok
-  @retval
-    1	Access denied.  In this case an error is sent to the client
-*/
-
-bool check_global_access(THD *thd, ulong want_access)
-{
-  char command[128];
-  if ((thd->security_ctx->master_access & want_access))
-    return 0;
-  get_privilege_desc(command, sizeof(command), want_access);
-  my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
-  return 1;
-}
-
-
 static bool check_show_access(THD *thd, TABLE_LIST *table)
 {
   switch (get_schema_table_idx(table->schema_table)) {
@@ -5259,6 +5230,39 @@ bool check_some_access(THD *thd, ulong w
 }
 
 #endif /*NO_EMBEDDED_ACCESS_CHECKS*/
+
+
+/**
+  check for global access and give descriptive error message if it fails.
+
+  @param thd			Thread handler
+  @param want_access		Use should have any of these global rights
+
+  @warning
+    One gets access right if one has ANY of the rights in want_access.
+    This is useful as one in most cases only need one global right,
+    but in some case we want to check if the user has SUPER or
+    REPL_CLIENT_ACL rights.
+
+  @retval
+    0	ok
+  @retval
+    1	Access denied.  In this case an error is sent to the client
+*/
+
+bool check_global_access(THD *thd, ulong want_access)
+{
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+  char command[128];
+  if ((thd->security_ctx->master_access & want_access))
+    return 0;
+  get_privilege_desc(command, sizeof(command), want_access);
+  my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
+  return 1;
+#else
+  return 0;
+#endif
+}
 
 /****************************************************************************
 	Check stack size; Send error if there isn't enough stack to continue
Thread
bk commit into 5.1 tree (tsmith:1.2541) BUG#34053tim23 Feb 2008