Below is the list of changes that have just been committed into a local
5.0 repository of alik. When alik does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet
1.1980 05/09/20 01:57:04 anozdrin@stripped +7 -0
Fix for Bug#13198 "SP executes if definer does not exist"
The idea is to return a status from the user-context-switching routine,
and to check this status before executing a stored procedure/function.
If the context was not switched, do not execute the object.
sql/sql_parse.cc
1.489 05/09/20 01:56:58 anozdrin@stripped +7 -1
Bug#13198: do not execute stored procedure if user context
can not be switched (i.e. definer does not exist).
sql/sp_head.h
1.71 05/09/20 01:56:58 anozdrin@stripped +1 -1
Bug#13198: return status from sp_change_security_context():
- FALSE -- context was switched successfully;
- TRUE -- context wasn't switched. Probably, the definer does not exist.
sql/sp_head.cc
1.185 05/09/20 01:56:58 anozdrin@stripped +43 -27
Bug#13198: return status from sp_change_security_context():
- FALSE -- context was switched successfully;
- TRUE -- context wasn't switched. Probably, the definer does not exist.
sql/share/errmsg.txt
1.46 05/09/20 01:56:57 anozdrin@stripped +3 -0
Bug#13198: add a new error message
sql/item_func.cc
1.252 05/09/20 01:56:57 anozdrin@stripped +2 -1
Bug#13198: do not execute stored function if user context
can not be switched (definer does not exist).
mysql-test/t/sp.test
1.152 05/09/20 01:56:57 anozdrin@stripped +80 -0
Test case for Bug#13198.
mysql-test/r/sp.result
1.156 05/09/20 01:56:57 anozdrin@stripped +34 -1
Results for the test case for Bug#13198.
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: anozdrin
# Host: station.home
# Root: /home/alik/Documents/AllProgs/MySQL/devel/5.0-bug13198
--- 1.251/sql/item_func.cc 2005-09-14 07:25:21 +04:00
+++ 1.252/sql/item_func.cc 2005-09-20 01:56:57 +04:00
@@ -4726,7 +4726,8 @@
if (check_routine_access(thd, EXECUTE_ACL,
m_sp->m_db.str, m_sp->m_name.str, 0, 0))
goto error;
- sp_change_security_context(thd, m_sp, &save_ctx);
+ if (sp_change_security_context(thd, m_sp, &save_ctx))
+ goto error;
if (save_ctx.changed &&
check_routine_access(thd, EXECUTE_ACL,
m_sp->m_db.str, m_sp->m_name.str, 0, 0))
--- 1.488/sql/sql_parse.cc 2005-09-14 22:44:43 +04:00
+++ 1.489/sql/sql_parse.cc 2005-09-20 01:56:58 +04:00
@@ -4193,7 +4193,13 @@
#endif
goto error;
}
- sp_change_security_context(thd, sp, &save_ctx);
+ if (sp_change_security_context(thd, sp, &save_ctx))
+ {
+#ifndef EMBEDDED_LIBRARY
+ thd->net.no_send_ok= nsok;
+#endif
+ goto error;
+ }
if (save_ctx.changed &&
check_routine_access(thd, EXECUTE_ACL,
sp->m_db.str, sp->m_name.str, TRUE, 0))
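Review bot: The new failure branch repeats the `thd->net.no_send_ok= nsok;` restore under `#ifndef EMBEDDED_LIBRARY` that the preceding branch (the context lines at the top of the hunk) already carries, so every further early exit from this block has to remember the same three lines. A comment such as `/* Restore no_send_ok before leaving; the error was already raised by sp_change_security_context() */` would at least record why the restore is needed here, and a single exit point would remove the duplication. The enclosing block starts and ends outside the hunk, so whether a shared exit is practical cannot be judged from these lines.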
--- 1.45/sql/share/errmsg.txt 2005-09-16 19:13:14 +04:00
+++ 1.46/sql/share/errmsg.txt 2005-09-20 01:56:57 +04:00
@@ -5415,3 +5415,6 @@
eng "There is not %-.64s@%-.64s registered"
ER_FORBID_SCHEMA_CHANGE
eng "Changing schema from '%-.64s' to '%-.64s' is not allowed."
+ER_CANT_SWITCH_CONTEXT
+ eng "Can't switch context to ('%-.64s'@'%-.64s')"
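Review bot: ER_CANT_SWITCH_CONTEXT formats the definer's user and host into the text returned to whoever invoked the routine, so a caller that holds only EXECUTE may learn an account name it could not otherwise read. If that is not intended, the client-facing text could stay generic while the definer is written to the server error log. Whether invokers can already see the definer by other means is not visible in this patch, so treat this as a question to confirm rather than a confirmed leak.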
--- 1.155/mysql-test/r/sp.result 2005-09-14 14:54:42 +04:00
+++ 1.156/mysql-test/r/sp.result 2005-09-20 01:56:57 +04:00
@@ -3348,4 +3348,37 @@
internal_var
NULL
drop procedure bug12979_2|
-drop table t1,t2;
+DROP DATABASE IF EXISTS bug13198_db;
+CREATE USER bug13198_u1@localhost;
+CREATE USER bug13198_u2@localhost;
+CREATE DATABASE bug13198_db;
+GRANT ALL PRIVILEGES ON bug13198_db.* TO bug13198_u1@localhost;
+GRANT ALL PRIVILEGES ON bug13198_db.* TO bug13198_u2@localhost;
+DROP PROCEDURE IF EXISTS bug13198_p1;
+Warnings:
+Note 1305 PROCEDURE bug13198_p1 does not exist
+CREATE PROCEDURE bug13198_p1()
+BEGIN
+SELECT 1;
+END|
+CREATE FUNCTION bug13198_f1() RETURNS INT
+BEGIN
+RETURN 1;
+END|
+CALL bug13198_p1();
+1
+1
+SELECT bug13198_f1();
+bug13198_f1()
+1
+CALL bug13198_p1();
+1
+1
+SELECT bug13198_f1();
+bug13198_f1()
+1
+DROP USER bug13198_u1@localhost;
+CALL bug13198_p1();
+ERROR HY000: Can't switch context to ('bug13198_u1'@'localhost')
+SELECT bug13198_f1();
+ERROR HY000: Can't switch context to ('bug13198_u1'@'localhost')
--- 1.151/mysql-test/t/sp.test 2005-09-14 14:54:42 +04:00
+++ 1.152/mysql-test/t/sp.test 2005-09-20 01:56:57 +04:00
@@ -4205,7 +4205,87 @@
end|
call bug12979_2()|
drop procedure bug12979_2|
+delimiter ;|
+#
+# Bug #13198 SP executes if definer does not exist
+#
+
+# Prepare environment under root.
+
+--connect (bug13198_root_con,localhost,root,,mysql)
+--connection bug13198_root_con
+
+--disable_warnings
+DROP DATABASE IF EXISTS bug13198_db;
+--enable_warnings
+
+CREATE USER bug13198_u1@localhost;
+CREATE USER bug13198_u2@localhost;
+
+CREATE DATABASE bug13198_db;
+
+GRANT ALL PRIVILEGES ON bug13198_db.* TO bug13198_u1@localhost;
+GRANT ALL PRIVILEGES ON bug13198_db.* TO bug13198_u2@localhost;
+
+# Create a procedure/function under u1.
+
+--connect (bug13198_u1_con,localhost,bug13198_u1,,bug13198_db)
+--connection bug13198_u1_con
+
+DROP PROCEDURE IF EXISTS bug13198_p1;
+
+delimiter |;
+
+CREATE PROCEDURE bug13198_p1()
+BEGIN
+ SELECT 1;
+END|
+
+CREATE FUNCTION bug13198_f1() RETURNS INT
+BEGIN
+ RETURN 1;
+END|
+
+delimiter ;|
+
+CALL bug13198_p1();
+
+SELECT bug13198_f1();
+
+--disconnect bug13198_u1_con
+
+# Check that u2 can call the procedure/function.
+
+--connect (bug13198_u2_con,localhost,bug13198_u2,,bug13198_db)
+--connection bug13198_u2_con
+
+CALL bug13198_p1();
+
+SELECT bug13198_f1();
+
+# Drop user u1 (definer of the object);
+
+--connection bug13198_root_con
+
+DROP USER bug13198_u1@localhost;
+
+# Check that u2 can not call the procedure/function.
+
+--connect (bug13198_u2_con2,localhost,bug13198_u2,,bug13198_db)
+--connection bug13198_u2_con2
+
+--error 1451
+CALL bug13198_p1();
+
+--error 1451
+SELECT bug13198_f1();
+
+# Cleanup.
+
+--connection default
+--disconnect bug13198_root_con
+--disconnect bug13198_u2_con2
#
# BUG#NNNN: New bug synopsis
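Review bot: The cleanup section of the new test only switches connection and disconnects, so `bug13198_u2@localhost`, the database `bug13198_db` and the two routines in it are left behind, and a passwordless account with ALL PRIVILEGES on that schema survives into every later test. Adding `DROP USER bug13198_u2@localhost;` and `DROP DATABASE bug13198_db;` on the root connection before it is disconnected would close that. The sp.result hunk also deletes `drop table t1,t2;` without the line reappearing after the new output, which suggests the added `delimiter ;|` changes how the rest of the file is parsed; the end of sp.test is outside this hunk, so that needs confirming. `--error 1451` ties the test to the position of the new message in errmsg.txt, and a symbolic `--error ER_CANT_SWITCH_CONTEXT` would survive a merge that appends other messages first, if this tree's mysqltest accepts names.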
--- 1.184/sql/sp_head.cc 2005-09-15 03:57:52 +04:00
+++ 1.185/sql/sp_head.cc 2005-09-20 01:56:58 +04:00
@@ -2645,41 +2645,57 @@
*/
#ifndef NO_EMBEDDED_ACCESS_CHECKS
-void
+bool
sp_change_security_context(THD *thd, sp_head *sp, st_sp_security_context *ctxp)
{
ctxp->changed= (sp->m_chistics->suid != SP_IS_NOT_SUID &&
(strcmp(sp->m_definer_user.str, thd->priv_user) ||
strcmp(sp->m_definer_host.str, thd->priv_host)));
- if (ctxp->changed)
+ if (!ctxp->changed)
+ return 0; /* Ok: no need to change context. */
+
+ ctxp->master_access= thd->master_access;
+ ctxp->db_access= thd->db_access;
+ ctxp->priv_user= thd->priv_user;
+ strncpy(ctxp->priv_host, thd->priv_host, sizeof(ctxp->priv_host));
+ ctxp->user= thd->user;
+ ctxp->host= thd->host;
+ ctxp->ip= thd->ip;
+
+ /* Change thise just to do the acl_getroot_no_password */
+ thd->user= sp->m_definer_user.str;
+ thd->host= thd->ip = sp->m_definer_host.str;
+
+ bool result;
+
+ if (acl_getroot_no_password(thd))
+ {
+ /* Failed, run as invoker for now */
+ ctxp->changed= FALSE;
+ thd->master_access= ctxp->master_access;
+ thd->db_access= ctxp->db_access;
+ thd->priv_user= ctxp->priv_user;
+ strncpy(thd->priv_host, ctxp->priv_host, sizeof(thd->priv_host));
+
+ my_error(ER_CANT_SWITCH_CONTEXT,
+ MYF(0),
+ sp->m_definer_user.str,
+ sp->m_definer_host.str);
+
+ result= 1; /* Error: can't switch context. */
+ }
+ else
{
- ctxp->master_access= thd->master_access;
- ctxp->db_access= thd->db_access;
- ctxp->priv_user= thd->priv_user;
- strncpy(ctxp->priv_host, thd->priv_host, sizeof(ctxp->priv_host));
- ctxp->user= thd->user;
- ctxp->host= thd->host;
- ctxp->ip= thd->ip;
-
- /* Change thise just to do the acl_getroot_no_password */
- thd->user= sp->m_definer_user.str;
- thd->host= thd->ip = sp->m_definer_host.str;
-
- if (acl_getroot_no_password(thd))
- { // Failed, run as invoker for now
- ctxp->changed= FALSE;
- thd->master_access= ctxp->master_access;
- thd->db_access= ctxp->db_access;
- thd->priv_user= ctxp->priv_user;
- strncpy(thd->priv_host, ctxp->priv_host, sizeof(thd->priv_host));
- }
-
- /* Restore these immiediately */
- thd->user= ctxp->user;
- thd->host= ctxp->host;
- thd->ip= ctxp->ip;
+ result= 0; /* Ok: context switched successfully. */
}
+
+ /* Restore these immiediately */
+ thd->user= ctxp->user;
+ thd->host= ctxp->host;
+ thd->ip= ctxp->ip;
+
+ return result;
}
void
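Review bot: The comment `/* Failed, run as invoker for now */` in the failure branch no longer matches what happens: the branch now raises ER_CANT_SWITCH_CONTEXT and returns 1, and both updated call sites refuse to execute the routine. Something like `/* Failed: restore the invoker's privileges and report the error; the caller must not execute the routine */` would keep the security behaviour readable. The function also mixes `return 0` / `result= 1` with `ctxp->changed= FALSE`; using `FALSE`/`TRUE` for the `bool` result, as the per-file commit comment describes it, would be consistent. The function's header comment ends above the hunk, so whether it documents the new return value cannot be seen here.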
--- 1.70/sql/sp_head.h 2005-09-14 12:53:55 +04:00
+++ 1.71/sql/sp_head.h 2005-09-20 01:56:58 +04:00
@@ -1030,7 +1030,7 @@
};
#ifndef NO_EMBEDDED_ACCESS_CHECKS
-void
+bool
sp_change_security_context(THD *thd, sp_head *sp, st_sp_security_context *ctxp);
void
sp_restore_security_context(THD *thd, sp_head *sp,st_sp_security_context *ctxp);
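Review bot: The declaration changes from `void` to `bool` but carries no comment, and a caller that still ignores the result compiles cleanly and would go on to run the routine with the invoker's privileges when the definer is missing. A line above the prototype such as `/* Returns TRUE if the definer's context could not be set up; the caller must then not execute the routine. */` would state the contract where callers look. This patch updates the call sites in item_func.cc and sql_parse.cc; any other callers are not visible here and are worth a grep.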