Below is the list of changes that have just been committed into a local
5.0 repository of evgen. When evgen does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet
1.1927 05/09/14 01:28:49 evgen@stripped +5 -0
Fix bug #12812 create view calling a function works without execute right on function
Execution rights on a function were checked only just before the function was executed,
so at the prepare stage it was unknown whether the user has the right to execute
a particular function.
Added an access-rights checking function which is called right after fixing
Item_func_sp.
This has the additional effect that if the user doesn't have execution rights, the
query will fail at an earlier stage and will not waste resources on optimization
only to fail at the execution stage.
mysql-test/t/sp.test
1.143 05/09/14 01:28:16 evgen@stripped +23 -0
Test case for bug#12812 create view calling a function works without execute right on function
mysql-test/r/sp.result
1.149 05/09/14 01:27:54 evgen@stripped +12 -0
Test case for bug#12812 create view calling a function works without execute right on function
sql/sql_base.cc
1.294 05/09/14 01:02:32 evgen@stripped +3 -0
Fix bug#12812 create view calling a function works without execute right on function
Added checking access rights for SP functions after fixing them.
sql/item_func.h
1.129 05/09/14 01:02:06 evgen@stripped +3 -2
Fix bug#12812 create view calling a function works without execute right on function
sql/item_func.cc
1.247 05/09/14 01:01:16 evgen@stripped +40 -0
Fix bug#12812 create view calling a function works without execute right on function
Added fuicntion Item_func_sp::check_access() which checks access rights.
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: evgen
# Host: moonbone.local
# Root: /work/12812-bug-5.0-mysql
--- 1.246/sql/item_func.cc 2005-08-29 17:44:57 +04:00
+++ 1.247/sql/item_func.cc 2005-09-14 01:01:16 +04:00
@@ -4845,3 +4845,43 @@
DBUG_RETURN(res);
}
+
+/*
+ Check access rigths to function
+
+ SYNOPSIS
+ check_access()
+ want_access requested access
+
+ RETURN
+ 0 Access granted
+ 1 Requested access can't be granted or function doesn't exists
+
+ NOTES
+ Checks if requested access to function can be granted to user.
+ If function isn't found yet, it searches function first.
+ If function can't be found or user don't have requested access
+ error is raised.
+*/
+bool
+Item_func_sp::check_access(ulong want_access)
+{
+ THD *thd= current_thd;
+ bool res= 0;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+ if (! m_sp && ! (m_sp= sp_find_function(thd, m_name, TRUE)))
+ {
+ my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION", m_name->m_qname.str);
+ res= thd->net.report_error= 1;
+ }
+
+ if (!res && check_routine_access(thd, want_access,
+ m_sp->m_db.str, m_sp->m_name.str, 0, 0))
+ {
+ res= thd->net.report_error= 1;
+ }
+#endif
+ return res;
+};
+
+
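Review bot: The header comment on `Item_func_sp::check_access()` leaves out two behaviours that the body shows and that matter for an authorization check. Both failure paths also set `thd->net.report_error`, and when `NO_EMBEDDED_ACCESS_CHECKS` is defined the function returns 0 without looking the routine up or checking anything. I would add to the NOTES section something like `On failure thd->net.report_error is also set.` and `With NO_EMBEDDED_ACCESS_CHECKS defined no lookup or check is done and 0 is returned.` As a style point, the closing `};` carries a stray semicolon, and `res` would read more clearly with `FALSE`/`TRUE`, which the `sp_find_function` call already uses.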
--- 1.128/sql/item_func.h 2005-08-27 08:34:19 +04:00
+++ 1.129/sql/item_func.h 2005-09-14 01:02:06 +04:00
@@ -55,7 +55,7 @@
NOT_FUNC, NOT_ALL_FUNC,
NOW_FUNC, TRIG_COND_FUNC,
GUSERVAR_FUNC, COLLATE_FUNC,
- EXTRACT_FUNC, CHAR_TYPECAST_FUNC };
+ EXTRACT_FUNC, CHAR_TYPECAST_FUNC, FUNC_SP };
enum optimize_type { OPTIMIZE_NONE,OPTIMIZE_KEY,OPTIMIZE_OP, OPTIMIZE_NULL,
OPTIMIZE_EQUAL };
enum Type type() const { return FUNC_ITEM; }
@@ -1434,7 +1434,8 @@
{ context= (Name_resolution_context *)cntx; return FALSE; }
void fix_length_and_dec();
-
+ bool check_access(ulong want_access);
+ virtual enum Functype functype() const { return FUNC_SP; }
};
--- 1.293/sql/sql_base.cc 2005-08-25 01:22:52 +04:00
+++ 1.294/sql/sql_base.cc 2005-09-14 01:02:32 +04:00
@@ -4085,6 +4085,9 @@
if (item->with_sum_func && item->type() != Item::SUM_FUNC_ITEM &&
sum_func_list)
item->split_sum_func(thd, ref_pointer_array, *sum_func_list);
+ if (item->type() == Item::FUNC_ITEM &&
+ ((Item_func*)item)->functype() == Item_func::FUNC_SP)
+ ((Item_func_sp*)item)->check_access(EXECUTE_ACL);
thd->used_tables|= item->used_tables();
}
thd->set_query_id= save_set_query_id;
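Review bot: The EXECUTE check added at `((Item_func_sp*)item)->check_access(EXECUTE_ACL);` only fires when the list element itself is a `FUNC_SP` item, and its result is discarded. A stored function that is an argument of another expression in the list has a different top-level `functype()`, so this test never sees it. Functions in other clauses are presumably fixed through other paths and would not pass through this loop at all (not visible here). Enforcing the check where `Item_func_sp` itself is fixed, and propagating the failure with something like `if (check_access(EXECUTE_ACL)) return TRUE;`, would cover every occurrence instead of one call shape. The enclosing function starts and ends outside the hunk, so whether it later tests `thd->net.report_error` cannot be confirmed from here; as written the loop keeps processing the remaining items after a denial.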
--- 1.148/mysql-test/r/sp.result 2005-08-27 14:29:29 +04:00
+++ 1.149/mysql-test/r/sp.result 2005-09-14 01:27:54 +04:00
@@ -3193,4 +3193,16 @@
return f1;
end|
drop function bug9048|
+drop function if exists bug12812|
+create function bug12812() returns char(2)
+begin
+return 'ok';
+end;
+create user user_bug12812@localhost IDENTIFIED BY 'ABC'|
+SELECT test.bug12812()|
+ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812'
+CREATE VIEW v1 AS SELECT test.bug12812()|
+ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812'
+DROP USER user_bug12812@localhost|
+drop function bug12812|
drop table t1,t2;
--- 1.142/mysql-test/t/sp.test 2005-08-27 10:25:47 +04:00
+++ 1.143/mysql-test/t/sp.test 2005-09-14 01:28:16 +04:00
@@ -4044,6 +4044,29 @@
drop function bug9048|
#
+# BUG#12812 create view calling a function works without execute right
+# on function
+--disable_warnings
+drop function if exists bug12812|
+--enable_warnings
+create function bug12812() returns char(2)
+begin
+ return 'ok';
+end;
+create user user_bug12812@localhost IDENTIFIED BY 'ABC'|
+--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
+connect (test_user_12812,localhost,user_bug12812,ABC,test)|
+--error 1370
+SELECT test.bug12812()|
+--error 1370
+CREATE VIEW v1 AS SELECT test.bug12812()|
+# Cleanup
+connection default|
+disconnect test_user_12812|
+DROP USER user_bug12812@localhost|
+drop function bug12812|
+
+#
# BUG#NNNN: New bug synopsis
#
#--disable_warnings
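Review bot: The new test covers the denied function only as a bare select-list item (`SELECT test.bug12812()` and the same statement inside `CREATE VIEW`), which is exactly the shape the sql_base.cc check recognises. Cases where the call is nested in an expression or placed in a WHERE clause would show whether the prepare-stage check really closes the hole, for example `CREATE VIEW v1 AS SELECT 1 + test.bug12812()|` preceded by `--error 1370`. A positive case that grants EXECUTE to `user_bug12812` and expects the SELECT to succeed would also guard against the check rejecting authorized users. The cleanup has no `drop view if exists v1|`, so a regression that lets `CREATE VIEW` succeed would leave `v1` behind for later tests.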