Below is the list of changes that have just been committed into a local
5.0 repository of monty. When monty does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet
1.1781 05/03/15 16:07:28 monty@stripped +8 -0
Code cleanups during review of pushed code
sql/table.cc
1.155 05/03/15 16:07:24 monty@stripped +5 -1
Simplify usage of get_field()
sql/sql_udf.cc
1.43 05/03/15 16:07:24 monty@stripped +7 -6
Don't give warnings for suspicios UDF's if --log-warnings isn't given
sql/sql_show.cc
1.223 05/03/15 16:07:24 monty@stripped +2 -15
Simplify usage of get_field()
Now we can always call check_some_routine_access()
sql/sql_parse.cc
1.414 05/03/15 16:07:24 monty@stripped +2 -7
Added 'const' to some arguments
Fixed the check_rounte_level_acl() is always called
(old code didn't properly check access privilges if grant_option was not set)
sql/sql_acl.h
1.40 05/03/15 16:07:24 monty@stripped +1 -1
Added 'const' to some arguments
sql/sql_acl.cc
1.141 05/03/15 16:07:24 monty@stripped +15 -3
Simply code by making check_routine_level_acl() available also in embedded server
sql/sp_head.cc
1.121 05/03/15 16:07:24 monty@stripped +22 -14
Added comments
code cleanup
acceess -> access
sql/mysql_priv.h
1.272 05/03/15 16:07:24 monty@stripped +1 -1
Added 'const' to some arguments
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: monty
# Host: narttu.mysql.com
# Root: /home/my/mysql-5.0
--- 1.271/sql/mysql_priv.h 2005-03-05 13:34:18 +02:00
+++ 1.272/sql/mysql_priv.h 2005-03-15 16:07:24 +02:00
@@ -453,7 +453,7 @@
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
bool check_merge_table_access(THD *thd, char *db,
TABLE_LIST *table_list);
-bool check_some_routine_access(THD *thd, char *db, char *name);
+bool check_some_routine_access(THD *thd, const char *db, const char *name);
bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count);
bool mysql_multi_update_prepare(THD *thd);
--- 1.140/sql/sql_acl.cc 2005-03-05 13:34:18 +02:00
+++ 1.141/sql/sql_acl.cc 2005-03-15 16:07:24 +02:00
@@ -2125,7 +2125,7 @@
inline GRANT_NAME *
proc_hash_search(const char *host, const char *ip, const char *db,
- const char *user, const char *tname, bool exact)
+ const char *user, const char *tname, bool exact)
{
return (GRANT_TABLE*) name_hash_search(&proc_priv_hash, host, ip, db,
user, tname, exact);
@@ -3594,11 +3594,11 @@
name Routine name
RETURN
- 1 error
0 Ok
+ 1 error
*/
-bool check_routine_level_acl(THD *thd, char *db, char *name)
+bool check_routine_level_acl(THD *thd, const char *db, const char *name)
{
bool no_routine_acl= 1;
if (grant_option)
@@ -5570,4 +5570,16 @@
grant->privilege|= grant->grant_table->privs;
}
}
+
+#else /* NO_EMBEDDED_ACCESS_CHECKS */
+
+/****************************************************************************
+ Dummy wrappers when we don't have any access checks
+****************************************************************************/
+
+bool check_routine_level_acl(THD *thd, const char *db, const char *name)
+{
+ return FALSE;
+}
+
#endif
--- 1.39/sql/sql_acl.h 2005-03-05 13:34:18 +02:00
+++ 1.40/sql/sql_acl.h 2005-03-15 16:07:24 +02:00
@@ -219,7 +219,7 @@
const char *db, const char *table);
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name);
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name);
-bool check_routine_level_acl(THD *thd, char *db, char *name);
+bool check_routine_level_acl(THD *thd, const char *db, const char *name);
#ifdef NO_EMBEDDED_ACCESS_CHECKS
#define check_grant(A,B,C,D,E,F) 0
--- 1.413/sql/sql_parse.cc 2005-03-05 15:33:26 +02:00
+++ 1.414/sql/sql_parse.cc 2005-03-15 16:07:24 +02:00
@@ -4760,7 +4760,7 @@
1 error
*/
-bool check_some_routine_access(THD *thd, char *db, char *name)
+bool check_some_routine_access(THD *thd, const char *db, const char *name)
{
ulong save_priv;
if (thd->master_access & SHOW_PROC_ACLS)
@@ -4768,12 +4768,7 @@
if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) ||
(save_priv & SHOW_PROC_ACLS))
return FALSE;
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
- if (grant_option)
- return check_routine_level_acl(thd, db, name);
-#endif
-
- return FALSE;
+ return check_routine_level_acl(thd, db, name);
}
--- 1.222/sql/sql_show.cc 2005-03-05 13:34:18 +02:00
+++ 1.223/sql/sql_show.cc 2005-03-15 16:07:24 +02:00
@@ -2481,13 +2481,8 @@
definer= get_field(thd->mem_root, proc_table->field[11]);
if (!full_access)
full_access= !strcmp(sp_user, definer);
- if (!full_access)
- {
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
- if (check_some_routine_access(thd, (char * )sp_db, (char * )sp_name))
- return;
-#endif
- }
+ if (!full_access && check_some_routine_access(thd, sp_db, sp_name))
+ return;
if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC &&
proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE ||
@@ -2499,36 +2494,30 @@
if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0))
{
table->field[3]->store(sp_name, strlen(sp_name), cs);
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[3], &tmp_string);
table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[2]->store(sp_db, strlen(sp_db), cs);
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[2], &tmp_string);
table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION)
{
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[9], &tmp_string);
table->field[5]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[5]->set_notnull();
}
if (full_access)
{
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[10], &tmp_string);
table->field[7]->store(tmp_string.ptr(), tmp_string.length(), cs);
}
table->field[6]->store("SQL", 3, cs);
table->field[10]->store("SQL", 3, cs);
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[6], &tmp_string);
table->field[11]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[5]->val_int() == SP_CONTAINS_SQL)
{
table->field[12]->store("CONTAINS SQL", 12 , cs);
}
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[7], &tmp_string);
table->field[14]->store(tmp_string.ptr(), tmp_string.length(), cs);
bzero((char *)&time, sizeof(time));
@@ -2537,10 +2526,8 @@
bzero((char *)&time, sizeof(time));
((Field_timestamp *) proc_table->field[13])->get_time(&time);
table->field[16]->store_time(&time, MYSQL_TIMESTAMP_DATETIME);
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[14], &tmp_string);
table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs);
- tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[15], &tmp_string);
table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[19]->store(definer, strlen(definer), cs);
--- 1.42/sql/sql_udf.cc 2005-03-05 20:41:39 +02:00
+++ 1.43/sql/sql_udf.cc 2005-03-15 16:07:24 +02:00
@@ -110,15 +110,15 @@
*/
if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE)
{
- if (opt_allow_suspicious_udfs)
- sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), nm);
- else
+ if (!opt_allow_suspicious_udfs)
return nm;
+ if (current_thd->variables.log_warnings)
+ sql_print_warning(ER(ER_CANT_FIND_DL_ENTRY), nm);
}
-
return 0;
}
+
extern "C" byte* get_hash_key(const byte *buff,uint *length,
my_bool not_used __attribute__((unused)))
{
@@ -127,9 +127,10 @@
return (byte*) udf->name.str;
}
+
/*
-** Read all predeclared functions from mysql.func and accept all that
-** can be used.
+ Read all predeclared functions from mysql.func and accept all that
+ can be used.
*/
void udf_init()
--- 1.154/sql/table.cc 2005-03-04 12:14:53 +02:00
+++ 1.155/sql/table.cc 2005-03-15 16:07:24 +02:00
@@ -1390,8 +1390,12 @@
field->val_str(&str);
if (!(length= str.length()))
+ {
+ res->length(0);
return 1;
- to= strmake_root(mem, str.ptr(), length);
+ }
+ if (!(to= strmake_root(mem, str.ptr(), length)))
+ length= 0; // Safety fix
res->set(to, length, ((Field_str*)field)->charset());
return 0;
}
--- 1.120/sql/sp_head.cc 2005-03-05 15:33:26 +02:00
+++ 1.121/sql/sp_head.cc 2005-03-15 16:07:24 +02:00
@@ -1015,23 +1015,31 @@
}
-bool check_show_routine_acceess(THD *thd, sp_head *sp, bool *full_access)
+/*
+ Check if a user has access right to a routine
+
+ SYNOPSIS
+ check_show_routine_access()
+ thd Thread handler
+ sp SP
+ full_access Set to 1 if the user has SELECT right to the
+ 'mysql.proc' able or is the owner of the routine
+ RETURN
+ 0 ok
+ 1 error
+*/
+
+bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
{
TABLE_LIST tables;
bzero((char*) &tables,sizeof(tables));
tables.db= (char*) "mysql";
tables.table_name= tables.alias= (char*) "proc";
- *full_access= !check_table_access(thd, SELECT_ACL, &tables, 1);
- if (!(*full_access))
- *full_access= (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
- !strcmp(sp->m_definer_host.str, thd->priv_host));
- if (!(*full_access))
- {
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
- return check_some_routine_access(thd, (char * )sp->m_db.str,
- (char * ) sp->m_name.str);
-#endif
- }
+ *full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1) ||
+ (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
+ !strcmp(sp->m_definer_host.str, thd->priv_host)));
+ if (!*full_access)
+ return check_some_routine_access(thd, sp->m_db.str, sp->m_name.str);
return 0;
}
@@ -1055,7 +1063,7 @@
LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len);
- if (check_show_routine_acceess(thd, this, &full_access))
+ if (check_show_routine_access(thd, this, &full_access))
return 1;
old_sql_mode= thd->variables.sql_mode;
@@ -1128,7 +1136,7 @@
LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len);
- if (check_show_routine_acceess(thd, this, &full_access))
+ if (check_show_routine_access(thd, this, &full_access))
return 1;
old_sql_mode= thd->variables.sql_mode;
| Thread |
|---|
| • bk commit into 5.0 tree (monty:1.1781) | monty | 15 Mar |
