database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

MDEV-10102 Disallow CREATE VIEW .. PROCEDURE ANALYSE() syntactically

Browse Source
This commit is contained in:
Alexander Barkov
2016-05-23 16:25:51 +04:00
parent 4c0e2960d4
commit 9a25c01f78
11 changed files with 85 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
mysql-test/r/sp-error.result
View File

@ -1227,14 +1227,14 @@ DROP PROCEDURE IF EXISTS bug14702;
DROP TABLE IF EXISTS t1;
CREATE TABLE t1 (i INT);
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO @a;
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INTO @a' at line 1
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO DUMPFILE "file";
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INTO DUMPFILE "file"' at line 1
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO OUTFILE "file";
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INTO OUTFILE "file"' at line 1
CREATE PROCEDURE bug20953()
CREATE VIEW v AS SELECT i FROM t1 PROCEDURE ANALYSE();
ERROR HY000: View's SELECT contains a 'PROCEDURE' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'PROCEDURE ANALYSE()' at line 2
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 FROM (SELECT 1) AS d1;
ERROR HY000: View's SELECT contains a subquery in the FROM clause
CREATE PROCEDURE bug20953(i INT) CREATE VIEW v AS SELECT i;

6
mysql-test/r/view.result
View File

@ -923,12 +923,12 @@ select * from v4;
ERROR 21000: Subquery returns more than 1 row
drop view v4, v3, v2, v1;
create view v1 as select 5 into @w;
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'into @w' at line 1
create view v1 as select 5 into outfile 'ttt';
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'into outfile 'ttt'' at line 1
create table t1 (a int);
create view v1 as select a from t1 procedure analyse();
ERROR HY000: View's SELECT contains a 'PROCEDURE' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'procedure analyse()' at line 1
create view v1 as select 1 from (select 1) as d1;
ERROR HY000: View's SELECT contains a subquery in the FROM clause
drop table t1;

2
mysql-test/suite/funcs_1/r/innodb_views.result
View File

@ -3497,7 +3497,7 @@ DROP VIEW IF EXISTS v2 ;
CREATE TABLE t1 (f1 BIGINT) ;
SET @x=0;
CREATE or REPLACE VIEW v1 AS Select 1 INTO @x;
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INTO @x' at line 1
Select @x;
@x
0

2
mysql-test/suite/funcs_1/r/memory_views.result
View File

@ -3498,7 +3498,7 @@ DROP VIEW IF EXISTS v2 ;
CREATE TABLE t1 (f1 BIGINT) ;
SET @x=0;
CREATE or REPLACE VIEW v1 AS Select 1 INTO @x;
ERROR HY000: View's SELECT contains a 'INTO' clause
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'INTO @x' at line 1
Select @x;
@x
0

2
mysql-test/suite/funcs_1/views/views_master.inc
View File

@ -266,7 +266,7 @@ CREATE TABLE t1 (f1 BIGINT) ;
# SELECT INTO is illegal
SET @x=0;
--error ER_VIEW_SELECT_CLAUSE
--error ER_PARSE_ERROR
CREATE or REPLACE VIEW v1 AS Select 1 INTO @x;
Select @x;

8
mysql-test/t/sp-error.test
View File

@ -1785,13 +1785,13 @@ CREATE TABLE t1 (i INT);
# We do not have to drop this procedure and view because they won't be
# created.
--error ER_VIEW_SELECT_CLAUSE
--error ER_PARSE_ERROR
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO @a;
--error ER_VIEW_SELECT_CLAUSE
--error ER_PARSE_ERROR
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO DUMPFILE "file";
--error ER_VIEW_SELECT_CLAUSE
--error ER_PARSE_ERROR
CREATE PROCEDURE bug20953() CREATE VIEW v AS SELECT 1 INTO OUTFILE "file";
--error ER_VIEW_SELECT_CLAUSE
--error ER_PARSE_ERROR
CREATE PROCEDURE bug20953()
CREATE VIEW v AS SELECT i FROM t1 PROCEDURE ANALYSE();
--error ER_VIEW_SELECT_DERIVED

6
mysql-test/t/view.test
View File

@ -840,12 +840,12 @@ drop view v4, v3, v2, v1;
#
# VIEW over SELECT with prohibited clauses
#
-- error ER_VIEW_SELECT_CLAUSE
-- error ER_PARSE_ERROR
create view v1 as select 5 into @w;
-- error ER_VIEW_SELECT_CLAUSE
-- error ER_PARSE_ERROR
create view v1 as select 5 into outfile 'ttt';
create table t1 (a int);
-- error ER_VIEW_SELECT_CLAUSE
-- error ER_PARSE_ERROR
create view v1 as select a from t1 procedure analyse();
-- error ER_VIEW_SELECT_DERIVED
create view v1 as select 1 from (select 1) as d1;

2
sql/share/errmsg-utf8.txt
View File

@ -5218,6 +5218,8 @@ ER_VIEW_SELECT_DERIVED
ger "SELECT der View enthält eine Subquery in der FROM-Klausel"
rus "View SELECT содержит подзапрос в конструкции FROM"
ukr "View SELECT має підзапит у конструкції FROM"
# Not used any more, syntax error is returned instead
ER_VIEW_SELECT_CLAUSE
eng "View's SELECT contains a '%s' clause"
ger "SELECT der View enthält eine '%s'-Klausel"

2
sql/sql_lex.cc
View File

@ -232,8 +232,6 @@ void
st_parsing_options::reset()
{
allows_variable= TRUE;
allows_select_into= TRUE;
allows_select_procedure= TRUE;
allows_derived= TRUE;
}

2
sql/sql_lex.h
View File

@ -1817,8 +1817,6 @@ private:
struct st_parsing_options
{
bool allows_variable;
bool allows_select_into;
bool allows_select_procedure;
bool allows_derived;
st_parsing_options() { reset(); }

89
sql/sql_yacc.yy
View File

@ -8545,6 +8545,23 @@ select_paren:
| '(' select_paren ')'
;
select_paren_view:
{
/*
In order to correctly parse UNION's global ORDER BY we need to
set braces before parsing the clause.
*/
Lex->current_select->set_braces(true);
}
SELECT_SYM select_options_and_item_list select_part3_view
opt_select_lock_type
{
if (setup_select_in_parentheses(Lex))
MYSQL_YYABORT;
}
| '(' select_paren_view ')'
;
/* The equivalent of select_paren for nested queries. */
select_paren_derived:
{
@ -8580,11 +8597,37 @@ select_init3:
;
select_init3_view:
opt_table_expression opt_select_lock_type
{
Lex->current_select->set_braces(false);
}
| opt_table_expression opt_select_lock_type
{
Lex->current_select->set_braces(false);
}
union_list_view
| order_or_limit opt_select_lock_type
{
Lex->current_select->set_braces(false);
}
| table_expression order_or_limit opt_select_lock_type
{
Lex->current_select->set_braces(false);
}
;
select_part3:
opt_table_expression
| select_part3_union_not_ready
;
select_part3_view:
opt_table_expression
| order_or_limit
| table_expression order_or_limit
;
/*
The SELECT parts after select_item_list that cannot be followed by UNION.
*/
@ -11969,12 +12012,6 @@ procedure_clause:
{
LEX *lex=Lex;
if (! lex->parsing_options.allows_select_procedure)
{
my_error(ER_VIEW_SELECT_CLAUSE, MYF(0), "PROCEDURE");
MYSQL_YYABORT;
}
if (&lex->select_lex != lex->current_select)
{
// SELECT * FROM t1 UNION SELECT * FROM t2 PROCEDURE ANALYSE();
@ -12086,15 +12123,7 @@ select_outvar:
;
into:
INTO
{
if (! Lex->parsing_options.allows_select_into)
{
my_error(ER_VIEW_SELECT_CLAUSE, MYF(0), "INTO");
MYSQL_YYABORT;
}
}
into_destination
INTO into_destination
;
into_destination:
@ -16342,6 +16371,18 @@ union_list:
}
;
union_list_view:
UNION_SYM union_option
{
if (add_select_to_union_list(Lex, (bool)$2, TRUE))
MYSQL_YYABORT;
}
query_expression_body_view
{
Lex->pop_context();
}
;
union_opt:
opt_union_order_or_limit
| union_list { $$= 1; }
@ -16654,12 +16695,10 @@ view_select:
{
LEX *lex= Lex;
lex->parsing_options.allows_variable= FALSE;
lex->parsing_options.allows_select_into= FALSE;
lex->parsing_options.allows_select_procedure= FALSE;
lex->parsing_options.allows_derived= FALSE;
lex->create_view_select.str= (char *) YYLIP->get_cpp_ptr();
}
opt_with_clause view_select_aux view_check_option
opt_with_clause query_expression_body_view view_check_option
{
LEX *lex= Lex;
uint len= YYLIP->get_cpp_ptr() - lex->create_view_select.str;
@ -16668,16 +16707,20 @@ view_select:
lex->create_view_select.str= (char *) create_view_select;
trim_whitespace(thd->charset(), &lex->create_view_select);
lex->parsing_options.allows_variable= TRUE;
lex->parsing_options.allows_select_into= TRUE;
lex->parsing_options.allows_select_procedure= TRUE;
lex->parsing_options.allows_derived= TRUE;
lex->current_select->set_with_clause($2);
}
;
view_select_aux:
SELECT_SYM select_options_and_item_list select_init3
| '(' select_paren ')' union_opt
/*
SQL Standard <query expression body> for VIEWs.
Does not include INTO and PROCEDURE clauses.
*/
query_expression_body_view:
SELECT_SYM select_options_and_item_list select_init3_view
| '(' select_paren_view ')'
| '(' select_paren_view ')' union_order_or_limit
| '(' select_paren_view ')' union_list_view
;
view_check_option: