database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-08 11:22:35 +03:00
Code Activity

Bug#28846 Use of undocumented Prepared Statements crashes server

Browse Source 
ALTER VIEW is currently not supported as a prepared statement
and should be disabled as such as they otherwise could cause server crashes.

ALTER VIEW is currently not supported when called from stored
procedures or functions for related reasons and should also be disabled.

This patch disables these DDL statements and adjusts the appropriate test
cases accordingly.

Additional tests has been added to reflect on the fact that we do support
CREATE/ALTER/DROP TABLE for Prepared Statements (PS), Stored Procedures (SP)
and PS within SP.
This commit is contained in:
thek@adventure.(none)
2007-06-22 11:55:48 +02:00
parent 8725f45724
commit 3e7c1b1cb1
11 changed files with 72 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
mysql-test/r/sp-dynamic.result
View File

@@ -87,6 +87,10 @@ prepare stmt from "create table t1 (a int)";
execute stmt;
insert into t1 (a) values (1);
select * from t1;
prepare stmt_alter from "alter table t1 add (b int)";
execute stmt_alter;
insert into t1 (a,b) values (2,1);
deallocate prepare stmt_alter;
deallocate prepare stmt;
deallocate prepare stmt_drop;
end|
@@ -245,6 +249,9 @@ a
1
drop procedure p1|
drop table if exists t1|
drop table if exists t2|
Warnings:
Note 1051 Unknown table 't2'
create table t1 (id integer primary key auto_increment,
stmt_text char(35), status varchar(20))|
insert into t1 (stmt_text) values
@@ -255,7 +262,10 @@ insert into t1 (stmt_text) values
("help help"), ("show databases"), ("show tables"),
("show table status"), ("show open tables"), ("show storage engines"),
("insert into t1 (id) values (1)"), ("update t1 set status=''"),
("delete from t1"), ("truncate t1"), ("call p1()"), ("foo bar")|
("delete from t1"), ("truncate t1"), ("call p1()"), ("foo bar"),
("create view v1 as select 1"), ("alter view v1 as select 2"),
("drop view v1"),("create table t2 (a int)"),("alter table t2 add (b int)"),
("drop table t2")|
create procedure p1()
begin
declare v_stmt_text varchar(255);
@@ -305,6 +315,12 @@ id stmt_text status
20 truncate t1 supported
21 call p1() supported
22 foo bar syntax error
23 create view v1 as select 1 supported
24 alter view v1 as select 2 not supported
25 drop view v1 supported
26 create table t2 (a int) supported
27 alter table t2 add (b int) supported
28 drop table t2 supported
drop procedure p1|
drop table t1|
prepare stmt from 'select 1'|