mirror of
https://github.com/MariaDB/server.git
synced 2025-07-30 16:24:05 +03:00
postmerge fixes
libmysqld/lib_sql.cc: struct st_security_context nad to class Security_context sql/item_func.cc: fixed method call, name and contence to be compatible with new code sql/item_func.h: fixed method to be compatible wit new code sql/sql_parse.cc: fixed typo removed compiler warnings
This commit is contained in:
unknown
@ -532,7 +532,7 @@ err:
|
|||||||
int check_embedded_connection(MYSQL *mysql)
|
int check_embedded_connection(MYSQL *mysql)
|
||||||
{
|
{
|
||||||
THD *thd= (THD*)mysql->thd;
|
THD *thd= (THD*)mysql->thd;
|
||||||
st_security_context *sctx= thd->security_ctx;
|
Security_context *sctx= thd->security_ctx;
|
||||||
sctx->host_or_ip= sctx->host= (char*)my_localhost;
|
sctx->host_or_ip= sctx->host= (char*)my_localhost;
|
||||||
sctx->priv_user= sctx->user= my_strdup(mysql->user, MYF(0));
|
sctx->priv_user= sctx->user= my_strdup(mysql->user, MYF(0));
|
||||||
return check_user(thd, COM_CONNECT, NULL, 0, thd->db, true);
|
return check_user(thd, COM_CONNECT, NULL, 0, thd->db, true);
|
||||||
|
|||||||
@ -4711,21 +4711,11 @@ Item_func_sp::execute(Item **itp)
|
|||||||
THD *thd= current_thd;
|
THD *thd= current_thd;
|
||||||
int res= -1;
|
int res= -1;
|
||||||
Sub_statement_state statement_state;
|
Sub_statement_state statement_state;
|
||||||
|
|
||||||
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
|
||||||
Security_context *save_ctx;
|
Security_context *save_ctx;
|
||||||
#endif
|
|
||||||
|
|
||||||
if (! m_sp && ! (m_sp= sp_find_function(thd, m_name, TRUE)))
|
if (find_and_check_access(thd, EXECUTE_ACL, &save_ctx))
|
||||||
{
|
|
||||||
my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION", m_name->m_qname.str);
|
|
||||||
goto error;
|
goto error;
|
||||||
}
|
|
||||||
|
|
||||||
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
|
||||||
if (check_access(EXECUTE_ACL, 0, &save_ctx))
|
|
||||||
goto error;
|
|
||||||
#endif
|
|
||||||
/*
|
/*
|
||||||
Disable the binlogging if this is not a SELECT statement. If this is a
|
Disable the binlogging if this is not a SELECT statement. If this is a
|
||||||
SELECT, leave binlogging on, so execute_function() code writes the
|
SELECT, leave binlogging on, so execute_function() code writes the
|
||||||
@ -4734,7 +4724,7 @@ Item_func_sp::execute(Item **itp)
|
|||||||
thd->reset_sub_statement_state(&statement_state, SUB_STMT_FUNCTION);
|
thd->reset_sub_statement_state(&statement_state, SUB_STMT_FUNCTION);
|
||||||
res= m_sp->execute_function(thd, args, arg_count, itp);
|
res= m_sp->execute_function(thd, args, arg_count, itp);
|
||||||
thd->restore_sub_statement_state(&statement_state);
|
thd->restore_sub_statement_state(&statement_state);
|
||||||
|
|
||||||
if (res && mysql_bin_log.is_open() &&
|
if (res && mysql_bin_log.is_open() &&
|
||||||
(m_sp->m_chistics->daccess == SP_CONTAINS_SQL ||
|
(m_sp->m_chistics->daccess == SP_CONTAINS_SQL ||
|
||||||
m_sp->m_chistics->daccess == SP_MODIFIES_SQL_DATA))
|
m_sp->m_chistics->daccess == SP_MODIFIES_SQL_DATA))
|
||||||
@ -4851,71 +4841,67 @@ Item_func_sp::tmp_table_field(TABLE *t_arg)
|
|||||||
DBUG_RETURN(res);
|
DBUG_RETURN(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Check access rigths to function
|
Find the function and chack access rigths to the function
|
||||||
|
|
||||||
SYNOPSIS
|
SYNOPSIS
|
||||||
check_access()
|
find_and_check_access()
|
||||||
|
thd thread handler
|
||||||
want_access requested access
|
want_access requested access
|
||||||
report_error whether to set error to thd->net.report_error
|
backup backup of security context or 0
|
||||||
sp_ctx sp security context for switching
|
|
||||||
|
|
||||||
RETURN
|
RETURN
|
||||||
0 Access granted
|
FALSE Access granted
|
||||||
1 Requested access can't be granted or function doesn't exists
|
TRUE Requested access can't be granted or function doesn't exists
|
||||||
|
|
||||||
NOTES
|
NOTES
|
||||||
Checks if requested access to function can be granted to user.
|
Checks if requested access to function can be granted to user.
|
||||||
If function isn't found yet, it searches function first.
|
If function isn't found yet, it searches function first.
|
||||||
If function can't be found or user don't have requested access
|
If function can't be found or user don't have requested access
|
||||||
and report_error is true error is raised.
|
error is raised.
|
||||||
If security context sp_ctx is provided and access can be granted then
|
If security context sp_ctx is provided and access can be granted then
|
||||||
switch back to previous context isn't performed.
|
switch back to previous context isn't performed.
|
||||||
In case of access error or if context is not provided then check_access()
|
In case of access error or if context is not provided then
|
||||||
switches back to previous security context.
|
find_and_check_access() switches back to previous security context.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
bool
|
bool
|
||||||
Item_func_sp::check_access(ulong want_access, bool report_error, st_sp_security_context *sp_ctx)
|
Item_func_sp::find_and_check_access(THD *thd, ulong want_access,
|
||||||
|
Security_context **backup)
|
||||||
{
|
{
|
||||||
bool res;
|
bool res;
|
||||||
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
Security_context *local_save,
|
||||||
THD *thd= current_thd;
|
**save= (backup ? backup : &local_save);
|
||||||
st_sp_security_context save_ctx, *curr_ctx= sp_ctx?sp_ctx:&save_ctx;
|
res= TRUE;
|
||||||
bool ctx_switched= 0;
|
|
||||||
res= 1;
|
|
||||||
if (! m_sp && ! (m_sp= sp_find_function(thd, m_name, TRUE)))
|
if (! m_sp && ! (m_sp= sp_find_function(thd, m_name, TRUE)))
|
||||||
{
|
{
|
||||||
my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION", m_name->m_qname.str);
|
my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION", m_name->m_qname.str);
|
||||||
if (report_error)
|
|
||||||
thd->net.report_error= 1;
|
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
||||||
if (check_routine_access(thd, want_access,
|
if (check_routine_access(thd, want_access,
|
||||||
m_sp->m_db.str, m_sp->m_name.str, 0, 0))
|
m_sp->m_db.str, m_sp->m_name.str, 0, FALSE))
|
||||||
{
|
{
|
||||||
if (report_error)
|
|
||||||
thd->net.report_error= 1;
|
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
sp_change_security_context(thd, m_sp, curr_ctx);
|
sp_change_security_context(thd, m_sp, save);
|
||||||
ctx_switched= curr_ctx->changed;
|
if (*save &&
|
||||||
if (curr_ctx->changed &&
|
|
||||||
check_routine_access(thd, want_access,
|
check_routine_access(thd, want_access,
|
||||||
m_sp->m_db.str, m_sp->m_name.str, 0, 0))
|
m_sp->m_db.str, m_sp->m_name.str, 0, FALSE))
|
||||||
{
|
{
|
||||||
if (report_error)
|
|
||||||
thd->net.report_error= 1;
|
|
||||||
goto error_check_ctx;
|
goto error_check_ctx;
|
||||||
}
|
}
|
||||||
res= 0;
|
res= FALSE;
|
||||||
error_check_ctx:
|
error_check_ctx:
|
||||||
if (ctx_switched && (res || !sp_ctx))
|
if (*save && (res || !backup))
|
||||||
sp_restore_security_context(thd, m_sp, curr_ctx);
|
sp_restore_security_context(thd, local_save);
|
||||||
error:
|
error:
|
||||||
#else
|
#else
|
||||||
res= 0;
|
res= 0;
|
||||||
|
error:
|
||||||
#endif
|
#endif
|
||||||
return res;
|
return res;
|
||||||
};
|
};
|
||||||
@ -4926,7 +4912,7 @@ Item_func_sp::fix_fields(THD *thd, Item **ref)
|
|||||||
bool res;
|
bool res;
|
||||||
DBUG_ASSERT(fixed == 0);
|
DBUG_ASSERT(fixed == 0);
|
||||||
res= Item_func::fix_fields(thd, ref);
|
res= Item_func::fix_fields(thd, ref);
|
||||||
if (!res && check_access(EXECUTE_ACL, 1, NULL))
|
if (!res && find_and_check_access(thd, EXECUTE_ACL, NULL))
|
||||||
res= 1;
|
res= 1;
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1435,7 +1435,8 @@ public:
|
|||||||
{ context= (Name_resolution_context *)cntx; return FALSE; }
|
{ context= (Name_resolution_context *)cntx; return FALSE; }
|
||||||
|
|
||||||
void fix_length_and_dec();
|
void fix_length_and_dec();
|
||||||
bool check_access(ulong want_access, bool report_error, st_sp_security_context *sp_ctx);
|
bool find_and_check_access(THD * thd, ulong want_access,
|
||||||
|
Security_context **backup);
|
||||||
virtual enum Functype functype() const { return FUNC_SP; }
|
virtual enum Functype functype() const { return FUNC_SP; }
|
||||||
|
|
||||||
bool fix_fields(THD *thd, Item **ref);
|
bool fix_fields(THD *thd, Item **ref);
|
||||||
|
|||||||
@ -273,7 +273,7 @@ int check_user(THD *thd, enum enum_server_command command,
|
|||||||
DBUG_ENTER("check_user");
|
DBUG_ENTER("check_user");
|
||||||
|
|
||||||
#ifdef NO_EMBEDDED_ACCESS_CHECKS
|
#ifdef NO_EMBEDDED_ACCESS_CHECKS
|
||||||
thd->ain_security_ctx.master_access= GLOBAL_ACLS; // Full rights
|
thd->main_security_ctx.master_access= GLOBAL_ACLS; // Full rights
|
||||||
/* Change database if necessary */
|
/* Change database if necessary */
|
||||||
if (db && db[0])
|
if (db && db[0])
|
||||||
{
|
{
|
||||||
@ -4490,10 +4490,10 @@ end_with_restore_list:
|
|||||||
mysql_bin_log.is_open())
|
mysql_bin_log.is_open())
|
||||||
{
|
{
|
||||||
String buff;
|
String buff;
|
||||||
LEX_STRING command[3]=
|
const LEX_STRING command[3]=
|
||||||
{{STRING_WITH_LEN("CREATE ")},
|
{{(char *)STRING_WITH_LEN("CREATE ")},
|
||||||
{STRING_WITH_LEN("ALTER ")},
|
{(char *)STRING_WITH_LEN("ALTER ")},
|
||||||
{STRING_WITH_LEN("CREATE OR REPLACE ")}};
|
{(char *)STRING_WITH_LEN("CREATE OR REPLACE ")}};
|
||||||
thd->clear_error();
|
thd->clear_error();
|
||||||
|
|
||||||
buff.append(command[thd->lex->create_view_mode].str,
|
buff.append(command[thd->lex->create_view_mode].str,
|
||||||
|
|||||||
Reference in New Issue
Block a user