List:Commits« Previous MessageNext Message »
From:Sergey Glukhov Date:June 2 2009 11:45am
Subject:bzr commit into mysql-5.0-bugteam branch (Sergey.Glukhov:2764)
Bug#44798
View as plain text  
#At file:///home/gluh/MySQL/mysql-5.0-bug-44798/ based on revid:sergey.glukhov@stripped

 2764 Sergey Glukhov	2009-06-02
      Bug#44798 MySQL engine crashes when creating stored procedures with execute_priv=N
      The crash happens because of uninitialized
      lex->ssl_cipher, lex->x509_subject, lex->x509_issuer variables.
      The fix is to add initialization of these variables for
      stored procedures&functions.
     @ mysql-test/r/sp_notembedded.result
        test result
     @ mysql-test/t/sp_notembedded.test
        test case
     @ sql/sql_acl.cc
        The crash happens because of uninitialized
        lex->ssl_cipher, lex->x509_subject, lex->x509_issuer variables.
        The fix is to add initialization of these variables for
        stored procedures&functions.

    modified:
      mysql-test/r/sp_notembedded.result
      mysql-test/t/sp_notembedded.test
      sql/sql_acl.cc
=== modified file 'mysql-test/r/sp_notembedded.result'
--- a/mysql-test/r/sp_notembedded.result	2006-10-04 11:09:37 +0000
+++ b/mysql-test/r/sp_notembedded.result	2009-06-02 09:45:33 +0000
@@ -219,3 +219,10 @@ GRANT ALL PRIVILEGES ON *.* TO 'root'@'l
 drop user mysqltest_1@localhost;
 drop procedure 15298_1;
 drop procedure 15298_2;
+INSERT INTO mysql.user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, Execute_priv, Repl_slave_priv, Repl_client_priv, Create_view_priv, Show_view_priv, Create_routine_priv, Alter_routine_priv, Create_user_priv, ssl_type, ssl_cipher, x509_issuer, x509_subject, max_questions, max_updates, max_connections, max_user_connections) 
+VALUES('%', 'mysqltest_1', password(''), 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', '', '', '', '', '0', '0', '0', '0');
+FLUSH PRIVILEGES;
+CREATE PROCEDURE p1(i INT) BEGIN END;
+DROP PROCEDURE p1;
+DELETE FROM mysql.user WHERE User='mysqltest_1';
+FLUSH PRIVILEGES;

=== modified file 'mysql-test/t/sp_notembedded.test'
--- a/mysql-test/t/sp_notembedded.test	2009-03-03 20:34:18 +0000
+++ b/mysql-test/t/sp_notembedded.test	2009-06-02 09:45:33 +0000
@@ -292,6 +292,22 @@ drop user mysqltest_1@localhost;
 drop procedure 15298_1;
 drop procedure 15298_2;
 
+#
+# Bug#44798 MySQL engine crashes when creating stored procedures with execute_priv=N
+#
+INSERT INTO mysql.user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, Execute_priv, Repl_slave_priv, Repl_client_priv, Create_view_priv, Show_view_priv, Create_routine_priv, Alter_routine_priv, Create_user_priv, ssl_type, ssl_cipher, x509_issuer, x509_subject, max_questions, max_updates, max_connections, max_user_connections) 
+VALUES('%', 'mysqltest_1', password(''), 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', 'Y', 'Y', 'N', '', '', '', '', '0', '0', '0', '0');
+FLUSH PRIVILEGES;
+
+connect (con1, localhost, mysqltest_1,,);
+connection con1;
+CREATE PROCEDURE p1(i INT) BEGIN END;
+disconnect con1;
+connection default;
+DROP PROCEDURE p1;
+
+DELETE FROM mysql.user WHERE User='mysqltest_1';
+FLUSH PRIVILEGES;
+
 # Wait till all disconnects are completed
 --source include/wait_until_count_sessions.inc
-

=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2009-03-27 05:19:50 +0000
+++ b/sql/sql_acl.cc	2009-06-02 09:45:33 +0000
@@ -5911,6 +5911,7 @@ int sp_grant_privileges(THD *thd, const 
     DBUG_RETURN(TRUE);
 
   thd->lex->ssl_type= SSL_TYPE_NOT_SPECIFIED;
+  thd->lex->ssl_cipher= thd->lex->x509_subject= thd->lex->x509_issuer= 0;
   bzero((char*) &thd->lex->mqh, sizeof(thd->lex->mqh));
 
   result= mysql_routine_grant(thd, tables, is_proc, user_list,


Attachment: [text/bzr-bundle] bzr/sergey.glukhov@sun.com-20090602094533-o0pmg80y5v5p3fel.bundle
Thread
bzr commit into mysql-5.0-bugteam branch (Sergey.Glukhov:2764)Bug#44798Sergey Glukhov2 Jun