database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-01 03:47:19 +03:00
Code Activity

Fixed BUG#6030: Stored procedure has no appropriate DROP privilege.

Browse Source 
...and no ALTER privilege either.
  For now, only the definer and root can drop or alter an SP.


include/mysqld_error.h:
  New access denied error code when dropping/altering stored procedures.
include/sql_state.h:
  New access denied error code when dropping/altering stored procedures.
mysql-test/r/sp-error.result:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/r/sp-security.result:
  Added tests for access control on who's allowed to drop and alter SPs.
mysql-test/r/sp.result:
  Updated results. (Warning removed.)
mysql-test/t/sp-error.test:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
mysql-test/t/sp-security.test:
  Added tests for access control on who's allowed to drop and alter SPs.
sql/share/czech/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/danish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/dutch/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/english/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/estonian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/french/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/german/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/greek/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/hungarian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/italian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/japanese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/korean/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian-ny/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/norwegian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/polish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/portuguese/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/romanian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/russian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/serbian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/slovak/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/spanish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/swedish/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/share/ukrainian/errmsg.txt:
  New access denied error message when dropping/altering stored procedures.
sql/sql_parse.cc:
  Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer
  and root are allowed to do this.
sql/sql_yacc.yy:
  Removed warning for "unitialized variable", as this popped up in unexpected
  places after the access control for drop/alter SPs was added. (And the warning
  was wrong and planned to be removed anyway.)
This commit is contained in:
unknown
2004-10-22 20:29:06 +02:00
parent 35588c9dd0
commit a50cd5c53d
32 changed files with 148 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
sql/sql_parse.cc
View File

@ -69,6 +69,7 @@ static void remove_escape(char *name);
static void refresh_status(void);
static bool append_file_to_dir(THD *thd, const char **filename_ptr,
const char *table_name);
static bool check_sp_definer_access(THD *thd, sp_head *sp);
const char *any_db="*any*"; // Special symbol for check_access
@ -3765,11 +3766,30 @@ purposes internal to the MySQL server", MYF(0));
case SQLCOM_ALTER_PROCEDURE:
case SQLCOM_ALTER_FUNCTION:
{
res= -1;
sp_head *sp;
st_sp_chistics chistics;
memcpy(&chistics, &lex->sp_chistics, sizeof(chistics));
if (lex->sql_command == SQLCOM_ALTER_PROCEDURE)
res= sp_update_procedure(thd, lex->spname, &lex->sp_chistics);
sp= sp_find_procedure(thd, lex->spname);
else
res= sp_update_function(thd, lex->spname, &lex->sp_chistics);
sp= sp_find_function(thd, lex->spname);
mysql_reset_errors(thd);
if (! sp)
res= SP_KEY_NOT_FOUND;
else
{
if (check_sp_definer_access(thd, sp))
{
res= -1;
break;
}
memcpy(&lex->sp_chistics, &chistics, sizeof(lex->sp_chistics));
if (lex->sql_command == SQLCOM_ALTER_PROCEDURE)
res= sp_update_procedure(thd, lex->spname, &lex->sp_chistics);
else
res= sp_update_function(thd, lex->spname, &lex->sp_chistics);
}
switch (res)
{
case SP_OK:
@ -3789,28 +3809,45 @@ purposes internal to the MySQL server", MYF(0));
case SQLCOM_DROP_PROCEDURE:
case SQLCOM_DROP_FUNCTION:
{
sp_head *sp;
if (lex->sql_command == SQLCOM_DROP_PROCEDURE)
res= sp_drop_procedure(thd, lex->spname);
sp= sp_find_procedure(thd, lex->spname);
else
sp= sp_find_function(thd, lex->spname);
mysql_reset_errors(thd);
if (! sp)
res= SP_KEY_NOT_FOUND;
else
{
res= sp_drop_function(thd, lex->spname);
#ifdef HAVE_DLOPEN
if (res == SP_KEY_NOT_FOUND)
if (check_sp_definer_access(thd, sp))
{
udf_func *udf = find_udf(lex->spname->m_name.str,
lex->spname->m_name.length);
if (udf)
res= -1;
break;
}
if (lex->sql_command == SQLCOM_DROP_PROCEDURE)
res= sp_drop_procedure(thd, lex->spname);
else
{
res= sp_drop_function(thd, lex->spname);
#ifdef HAVE_DLOPEN
if (res == SP_KEY_NOT_FOUND)
{
if (check_access(thd, DELETE_ACL, "mysql", 0, 1, 0))
goto error;
if (!(res = mysql_drop_function(thd,&lex->spname->m_name)))
udf_func *udf = find_udf(lex->spname->m_name.str,
lex->spname->m_name.length);
if (udf)
{
send_ok(thd);
break;
if (check_access(thd, DELETE_ACL, "mysql", 0, 1, 0))
goto error;
if (!(res = mysql_drop_function(thd,&lex->spname->m_name)))
{
send_ok(thd);
break;
}
}
}
}
#endif
}
}
switch (res)
{
@ -4269,6 +4306,41 @@ static bool check_db_used(THD *thd,TABLE_LIST *tables)
return FALSE;
}
/*
Check if the given SP is owned by thd->priv_user/host, or priv_user is root.
QQ This is not quite complete, but it will do as a basic security check
for now. The question is exactly which rights should 'root' have?
Should root have access regardless of host for instance?
SYNOPSIS
check_sp_definer_access()
thd Thread handler
sp The SP pointer
RETURN
0 ok
1 error Error message has been sent
*/
static bool
check_sp_definer_access(THD *thd, sp_head *sp)
{
LEX_STRING *usr, *hst;
if (strcmp("root", thd->priv_user) == 0)
return FALSE; /* QQ Any root is ok now */
usr= &sp->m_definer_user;
hst= &sp->m_definer_host;
if (strncmp(thd->priv_user, usr->str, usr->length) == 0 &&
strncmp(thd->priv_host, hst->str, hst->length) == 0)
return FALSE; /* Both user and host must match */
my_error(ER_SP_ACCESS_DENIED_ERROR, MYF(0), sp->m_qname.str);
return TRUE; /* Not definer or root */
}
/****************************************************************************
Check stack size; Send error if there isn't enough stack to continue
****************************************************************************/