List:Commits« Previous MessageNext Message »
From:Rafal Somla Date:August 6 2009 1:47pm
Subject:Re: bzr commit into mysql-6.0-backup branch (jorgen.loland:2855)
Bug#43444
View as plain text  
STATUS: Approved.

SUGGESTION: Instead of adding backticks explicitly, use the append_identifier() 
function declared in mysql_priv.h. This should be safer wrt. future changes in 
quoting conventions. Also, I think the way identifiers are quoted depends on SQL 
mode and such. This should be handled correctly by append_identifier().

Rafal

Jorgen Loland wrote:
> #At file:///localhome/jl208045/mysql/mysql-6.0-backup-43444/ based on
> revid:rafal.somla@stripped
> 
>  2855 Jorgen Loland	2009-08-06
>       BUG#43444 - RESTORE confused if image contains grants for 
>       users with certain names.
>       
>       Before, RESTORE got confused if a username or objectname 
>       (table, column etc) had to be quoted for a grant to work. 
>       E.g.: "GRANT SELECT on `db.1`.`table.1` TO ...". This was
>       Partially due to insuffiently sophisticated parsing of 
>       grant strings in the restore code, and partially because
>       these names were not quoted when GRANT was executed as
>       part of RESTORE (i.e., the server rejected the statement).
>       
>       This path removes the parsing done in the restore code as 
>       it is no longer needed, and adds backticks to all object-
>       names for GRANT statements.
>      @ mysql-test/suite/backup/r/backup_client.result
>         Reflect that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/r/backup_db_grants.result
>         Added test for objects that need to be quoted for GRANT to work, and reflect
> that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/r/backup_db_grants_extra.result
>         Reflect that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/r/backup_namecase.result
>         Remove test that checks if database name has been modified in the backup
> image.
>      @ mysql-test/suite/backup/r/backup_table_grants.result
>         Reflect that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/r/backup_xpfm_compat_backup_lctn0.result
>         Reflect that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/r/backup_xpfm_compat_backup_lctn1.result
>         Reflect that object names are now enclosed in backticks (`<name>`)
>      @ mysql-test/suite/backup/t/backup_db_grants.test
>         Added test for objects that need to be quoted for GRANT to work
>      @ mysql-test/suite/backup/t/backup_namecase.test
>         Remove test that checks if database name has been modified in the backup
> image.
>      @ sql/backup/kernel.cc
>         Remove parsing of GRANT statements to check if they have been modified. This
> check does not make sense since GRANT statements can be injected anywhere in the backup
> image. Checking for modified statements need to be more sophisticated to make sense.
>      @ sql/si_objects.cc
>         Add backticks around object names for restore of GRANTs
>
Thread
bzr commit into mysql-6.0-backup branch (jorgen.loland:2855) Bug#43444Jorgen Loland6 Aug
  • Re: bzr commit into mysql-6.0-backup branch (jorgen.loland:2855)Bug#43444Rafal Somla6 Aug
    • Re: bzr commit into mysql-6.0-backup branch (jorgen.loland:2855)Bug#43444Paul DuBois6 Aug
    • Re: bzr commit into mysql-6.0-backup branch (jorgen.loland:2855)Bug#43444Jørgen Løland7 Aug
  • Re: bzr commit into mysql-6.0-backup branch (jorgen.loland:2855)Bug#43444Chuck Bell6 Aug