database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Bug#12601974 - STORED PROCEDURE SQL_MODE=NO_BACKSLASH_ESCAPES IGNORED AND BREAKS REPLICATION

Browse Source 
Analysis:
========================
sql_mode "NO_BACKSLASH_ESCAPES": When user want to use backslash as character input,
instead of escape character in a string literal then sql_mode can be set to 
"NO_BACKSLASH_ESCAPES". With this mode enabled, backslash becomes an ordinary 
character like any other. 

SQL_MODE set applies to the current client session. And while creating the stored 
procedure, MySQL stores the current sql_mode and always executes the stored 
procedure in sql_mode stored with the Procedure, regardless of the server SQL 
mode in effect when the routine is invoked.  

In the scenario (for which bug is reported), the routine is created with 
sql_mode=NO_BACKSLASH_ESCAPES. And routine is executed with the invoker sql_mode
is "" (NOT SET) by executing statement "call testp('Axel\'s')".
Since invoker sql_mode is "" (NOT_SET), the '\' in 'Axel\'s'(argument to function)
is considered as escape character and column "a" (of table "t1") values are 
updated with "Axel's". The binary log generated for above update operation is as below,

  set sql_mode=XXXXXX (for no_backslash_escapes)
  update test.t1 set a= NAME_CONST('var',_latin1'Axel\'s' COLLATE 'latin1_swedish_ci');

While logging stored procedure statements, the local variables (params) used in
statements are replaced with the NAME_CONST(var_name, var_value) (Internal function) 
(http://dev.mysql.com/doc/refman/5.6/en/miscellaneous-functions.html#function_name-const)

On slave, these logs are applied. NAME_CONST is parsed to get the variable and its
value. Since, stored procedure is created with sql_mode="NO_BACKSLASH_ESCAPES", the sql_mode
is also logged in. So that at slave this sql_mode is set before executing the statements
of routine.  So at slave, sql_mode is set to "NO_BACKSLASH_ESCAPES" and then while
parsing NAME_CONST of string variable, '\' is considered as NON ESCAPE character
and parsing reported error for "'" (as we have only one "'" no backslash). 

At slave, parsing was proper with sql_mode "NO_BACKSLASH_ESCAPES".
But above error reported while writing bin log, "'" (of Axel's) is escaped with
"\" character. Actually, all special characters (n, r, ', ", \, 0...) are escaped
while writing NAME_CONST for string variable(param, local variable) in bin log 
Airrespective of "NO_BACKSLASH_ESCAPES" sql_mode. So, basically, the problem is 
that logging string parameter does not take into account sql_mode value.

Fix:
========================
So when sql_mode is set to "NO_BACKSLASH_ESCAPES", escaping  characters as 
(n, r, ', ", \, 0...) should be avoided. To do so, added a check to not to
escape such characters while writing NAME_CONST for string variables in bin 
log. 
And when sql_mode is set to NO_BACKSLASH_ESCAPES, quote character "'" is
represented as ''.
http://dev.mysql.com/doc/refman/5.6/en/string-literals.html (There are several 
ways to include quote characters within a string: )



mysql-test/r/sql_mode.result:
  Added test case for Bug#12601974.
mysql-test/suite/binlog/r/binlog_sql_mode.result:
  Appended result of test cases added for Bug#12601974.
mysql-test/suite/binlog/t/binlog_sql_mode.test:
  Added test case for Bug#12601974.
mysql-test/t/sql_mode.test:
  Appended result of test cases added for Bug#12601974.
This commit is contained in:
Praveenkumar Hulakund
2012-02-29 12:23:15 +05:30
parent c2d0fea84e
commit c22c9270fb
10 changed files with 596 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
mysql-test/r/sql_mode.result
View File

@ -527,3 +527,207 @@ SELECT * FROM mysql.columns_priv WHERE Host = 'localhost' AND User LIKE 'user_%P
Host Db User Table_name Column_name Timestamp Column_priv
DROP TABLE t1;
DROP TABLE t2;
#
# Test for Bug#12601974 - STORED PROCEDURE SQL_MODE=NO_BACKSLASH_ESCAPES
# IGNORED AND BREAKS REPLICATION
#
DROP TABLE IF EXISTS test_table;
DROP FUNCTION IF EXISTS test_function;
CREATE TABLE test_table (c1 CHAR(50));
SET @org_mode=@@sql_mode;
SET @@sql_mode='';
PREPARE insert_stmt FROM 'INSERT INTO test_table VALUES (?)';
PREPARE update_stmt FROM 'UPDATE test_table SET c1= ? WHERE c1= ?';
CREATE FUNCTION test_function(var CHAR(50)) RETURNS CHAR(50)
BEGIN
DECLARE char_val CHAR(50);
SELECT c1 INTO char_val FROM test_table WHERE c1=var;
RETURN char_val;
END
$
SET @var1='abcd\'ef';
SET @var2='abcd\"ef';
SET @var3='abcd\bef';
SET @var4='abcd\nef';
SET @var5='abcd\ref';
SET @var6='abcd\tef';
SET @var7='abcd\\ef';
SET @var8='abcd\%ef';
SET @var9='abcd\_ef';
SET @to_var1='wxyz\'ef';
SET @to_var2='wxyz\"ef';
SET @to_var3='wxyz\bef';
SET @to_var4='wxyz\nef';
SET @to_var5='wxyz\ref';
SET @to_var6='wxyz\tef';
SET @to_var7='wxyz\\ef';
SET @to_var8='wxyz\%ef';
SET @to_var9='wxyz\_ef';
# STRING LILTERAL WITH BACKSLASH IN PREPARE STATEMENT
EXECUTE insert_stmt USING @var1;
EXECUTE insert_stmt USING @var2;
EXECUTE insert_stmt USING @var3;
EXECUTE insert_stmt USING @var4;
EXECUTE insert_stmt USING @var5;
EXECUTE insert_stmt USING @var6;
EXECUTE insert_stmt USING @var7;
EXECUTE insert_stmt USING @var8;
EXECUTE insert_stmt USING @var9;
SELECT * FROM test_table;
c1
abcd'ef
abcd"ef
abcdef
abcd
ef
abcd
ef
abcd ef
abcd\ef
abcd\%ef
abcd\_ef
EXECUTE update_stmt USING @to_var1, @var1;
EXECUTE update_stmt USING @to_var2, @var2;
EXECUTE update_stmt USING @to_var3, @var3;
EXECUTE update_stmt USING @to_var4, @var4;
EXECUTE update_stmt USING @to_var5, @var5;
EXECUTE update_stmt USING @to_var6, @var6;
EXECUTE update_stmt USING @to_var7, @var7;
EXECUTE update_stmt USING @to_var8, @var8;
EXECUTE update_stmt USING @to_var9, @var9;
SELECT * FROM test_table;
c1
wxyz'ef
wxyz"ef
wxyzef
wxyz
ef
wxyz
ef
wxyz ef
wxyz\ef
wxyz\%ef
wxyz\_ef
# END OF CASE - STRING LILTERAL WITH BACKSLASH IN PREPARE STATEMENT
# STRING LILTERAL WITH BACKSLASH IN FUNCTION RETURNING STRING
select test_function(@to_var1);
test_function(@to_var1)
wxyz'ef
SELECT test_function(@to_var2);
test_function(@to_var2)
wxyz"ef
SELECT test_function(@to_var3);
test_function(@to_var3)
wxyzef
SELECT test_function(@to_var4);
test_function(@to_var4)
wxyz
ef
SELECT test_function(@to_var5);
test_function(@to_var5)
wxyz
ef
SELECT test_function(@to_var6);
test_function(@to_var6)
wxyz ef
SELECT test_function(@to_var7);
test_function(@to_var7)
wxyz\ef
SELECT test_function(@to_var8);
test_function(@to_var8)
wxyz\%ef
SELECT test_function(@to_var9);
test_function(@to_var9)
wxyz\_ef
# END OF CASE - STRING LILTERAL WITH BACKSLASH IN FUNCTION RETURNING STRING
DELETE FROM test_table;
DROP FUNCTION test_function;
SET @@sql_mode='NO_BACKSLASH_ESCAPES';
CREATE FUNCTION test_function(var CHAR(50)) RETURNS CHAR(50)
BEGIN
DECLARE char_val CHAR(50);
SELECT c1 INTO char_val FROM test_table WHERE c1=var;
RETURN char_val;
END
$
# STRING LILTERAL WITH BACKSLASH IN PREPARE STATEMENT
EXECUTE insert_stmt USING @var1;
EXECUTE insert_stmt USING @var2;
EXECUTE insert_stmt USING @var3;
EXECUTE insert_stmt USING @var4;
EXECUTE insert_stmt USING @var5;
EXECUTE insert_stmt USING @var6;
EXECUTE insert_stmt USING @var7;
EXECUTE insert_stmt USING @var8;
EXECUTE insert_stmt USING @var9;
SELECT * FROM test_table;
c1
abcd'ef
abcd"ef
abcdef
abcd
ef
abcd
ef
abcd ef
abcd\ef
abcd\%ef
abcd\_ef
EXECUTE update_stmt USING @to_var1, @var1;
EXECUTE update_stmt USING @to_var2, @var2;
EXECUTE update_stmt USING @to_var3, @var3;
EXECUTE update_stmt USING @to_var4, @var4;
EXECUTE update_stmt USING @to_var5, @var5;
EXECUTE update_stmt USING @to_var6, @var6;
EXECUTE update_stmt USING @to_var7, @var7;
EXECUTE update_stmt USING @to_var8, @var8;
EXECUTE update_stmt USING @to_var9, @var9;
SELECT * FROM test_table;
c1
wxyz'ef
wxyz"ef
wxyzef
wxyz
ef
wxyz
ef
wxyz ef
wxyz\ef
wxyz\%ef
wxyz\_ef
# END OF CASE - STRING LILTERAL WITH BACKSLASH IN PREPARE STATEMENT
# STRING LILTERAL WITH BACKSLASH IN FUNCTION RETURNING STRING
select test_function(@to_var1);
test_function(@to_var1)
wxyz'ef
SELECT test_function(@to_var2);
test_function(@to_var2)
wxyz"ef
SELECT test_function(@to_var3);
test_function(@to_var3)
wxyzef
SELECT test_function(@to_var4);
test_function(@to_var4)
wxyz
ef
SELECT test_function(@to_var5);
test_function(@to_var5)
wxyz
ef
SELECT test_function(@to_var6);
test_function(@to_var6)
wxyz ef
SELECT test_function(@to_var7);
test_function(@to_var7)
wxyz\ef
SELECT test_function(@to_var8);
test_function(@to_var8)
wxyz\%ef
SELECT test_function(@to_var9);
test_function(@to_var9)
wxyz\_ef