...and no ALTER privilege either.
For now, only the definer and root can drop or alter an SP.
include/mysqld_error.h:
New access denied error code when dropping/altering stored procedures.
include/sql_state.h:
New access denied error code when dropping/altering stored procedures.
mysql-test/r/sp-error.result:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
mysql-test/r/sp-security.result:
Added tests for access control on who's allowed to drop and alter SPs.
mysql-test/r/sp.result:
Updated results. (Warning removed.)
mysql-test/t/sp-error.test:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
mysql-test/t/sp-security.test:
Added tests for access control on who's allowed to drop and alter SPs.
sql/share/czech/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/danish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/dutch/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/english/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/estonian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/french/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/german/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/greek/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/hungarian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/italian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/japanese/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/korean/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/norwegian-ny/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/norwegian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/polish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/portuguese/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/romanian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/russian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/serbian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/slovak/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/spanish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/swedish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/ukrainian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/sql_parse.cc:
Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer
and root are allowed to do this.
sql/sql_yacc.yy:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
Removed the support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
mysql-test/r/sp-error.result:
Removed test for renaming procedures with alter.
mysql-test/r/sp.result:
Removed test for renaming procedures with alter.
mysql-test/t/sp-error.test:
Removed test for renaming procedures with alter.
mysql-test/t/sp.test:
Removed test for renaming procedures with alter.
sql/sp.cc:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sp.h:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sql_parse.cc:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sql_yacc.yy:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
I learned that one shouldn't use String::set in val_str() methods...
mysql-test/r/gis.result:
Test result for #6117
mysql-test/t/gis.test:
Test case #6117
sql/item_geofunc.cc:
String::set doesn't work here
sql/spatial.cc:
Error message isn't needed here
mysql-test/r/view.result:
user with global DB privileges test
mysql-test/t/view.test:
user with global DB privileges test
sql/sql_acl.cc:
fixed db/user privileges getting
names with ident. tables fr. diff. schemata": revise all uses of
Item_field and make them prepared-statements friendly when necessary.
mysql-test/r/ps.result:
Test results fixed: the test case for Bug#6050
mysql-test/r/ps_1general.result:
Test results fixed: in prepared statements we expand '*' to a list
of fully qualified fields (db.table.column).
mysql-test/t/ps.test:
A test for Bug#6050 "EXECUTE stmt reports ambiguous fieldnames with
ident. tables fr. diff. schemata"
sql/item.cc:
Revise all Item_field constructors: we need to make sure that no Item_field
object points to unaccessible memory in prepared statements.
sql/item.h:
Revise all Item_field constructors: we need to make sure that no Item_field
object points to unaccessible memory in prepared statements.
sql/sql_base.cc:
Item_field use changed to be prepared statements friendly.
sql/sql_class.h:
New check of Item_arena state.
sql/sql_union.cc:
Fixing the problem with name resolving in UNION and prepared statements:
In case of SELECT a, b, c FROM t1 UNION SELECT a, b, c FROM t2 the list of
selected items is represented as a List<Item_field>, where each
Item_field points to a field of temporary table.
But the temporary table is created anew on each execution of the prepared
statement. So on each subsequent execution we should reset Item_field
items to point to fields from freshly-created temporary table.
sql/table.h:
Comment TABLE member.
into sanja.is.com.ua:/home/bell/mysql/bk/work-error-5.0
sql/ha_innodb.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_row.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_select.h:
Auto merged
Added SQLSTATE matching support to test engine
mysqltest.result, mysqltest.test:
new file
mysql-test/t/mysqltest.test:
Added SQLSTATE matching support to test engine
mysql-test/r/mysqltest.result:
Added SQLSTATE matching support to test engine
client/mysqltest.c:
Added SQLSTATE matching support to test engine
mysql-test/r/query_cache.result:
hiding real table stored in query cache by temporary table
mysql-test/t/query_cache.test:
hiding real table stored in query cache by temporary table
sql/sql_cache.cc:
Check of temporary tables hiding for query fetched from QC
sql/sql_cache.h:
Key length now stored in table record of query cache
Removed the assumption of a certain key order.
Since 4.1, keys are padded with blanks for comparison.
Hence, shorter keys sort behind longer keys, if the
data bytes have values below BLANK.
mysql-test/r/key.result:
BUG#6151 - myisam index corruption.
The test results.
mysql-test/t/key.test:
BUG#6151 - myisam index corruption.
Added the test case as derived from the original data.
mysql-test/r/view.result:
LOAD DATA with view and CHECK OPTION
mysql-test/t/view.test:
LOAD DATA with view and CHECK OPTION
sql/log_event.cc:
new parameter for load data
sql/mysql_priv.h:
new parameter for load data
sql/sql_lex.cc:
LOAD DATA supported by view
sql/sql_load.cc:
added support of view and CHECK OPTION of view to LOAD DATA
sql/sql_parse.cc:
new parameter for CHECK OPTION
mysql.time_zone* tables".
We are excluding implicitly used time zone tables from privilege
checking.
mysql-test/r/timezone2.result:
Added test for bug #6116 "SET time_zone := ... requires access to
mysql.time_zone tables"
mysql-test/t/timezone2.test:
Added test for bug #6116 "SET time_zone := ... requires access to
mysql.time_zone tables"
sql/sql_parse.cc:
check_table_access(): we should avoid privilege checking for implicitly
used time zone tables.
sql/tztime.cc:
Indicated dependancy between my_tz_get_table_list() function and
my_tz_check_n_skip_implicit_tables() function.
sql/tztime.h:
Added my_tz_check_n_skip_implicit_tables() function which allows easily
determine whenever we have found beggining of the list of implicitly used
time zone tables and fast-forward to its end.
check option build only according most top VIEW CHECK OPTION TYPE (BUG#5993)
mysql-test/r/view.result:
CASCADED should be used for all underlaying VIEWs
mysql-test/t/view.test:
CASCADED should be used for all underlaying VIEWs
sql/sql_base.cc:
new behaviour of CHECK option build, for mor efficience and more correct.
sql/table.cc:
new behaviour of CHECK option build, for mor efficience and more correct.
sql/table.h:
new behaviour of CHECK option build, for mor efficience and more correct.
mysql-test/r/view.result:
changing value by trigger and CHECK OPTION
mysql-test/t/view.test:
changing value by trigger and CHECK OPTION
sql/sql_insert.cc:
value should be checked after 'before' trigger work
mysql-test/r/ps_10nestset.result:
Correct the expected protocol according to the test changes.
mysql-test/t/ps_10nestset.test:
Improve comments; adapt to standard test style:
disable warnings around 'drop table', use 't#' table name scheme.
mysql-test/t/ps_11bugs.test:
Corrected a typing error in the bug number comment.
mysql-test/r/view.result:
inserting single value with check option failed always get error
mysql-test/t/view.test:
inserting single value with check option failed always get error
sql/sql_insert.cc:
inserting single value with check option failed always get error
mysql-test/r/view.result:
fixed default behaviour of WITH CHECK OPTIONS according to standard
sql/sql_yacc.yy:
fixed default behaviour of WITH CHECK OPTIONS according to standard
mysql-test/r/view.result:
test of cascaded check option for whiew without WHERE clause
mysql-test/t/view.test:
test of cascaded check option for whiew without WHERE clause
sql/table.cc:
Allow inheriting check options if view have not WHERE clause
mysql-test/r/func_str.result:
fixed printing of substring_index
mysql-test/r/view.result:
test of substring_index with view
mysql-test/t/view.test:
test of substring_index with view
sql/item_strfunc.h:
fixed printing of substring_index
Fixed bug #6187: a wrong initial setting for const_item_cache
in Item_cond::fix_fields.
sql/item_cmpfunc.cc:
Fixed bug #6187: a wrong initial setting for const_item_cache
in Item_cond::fix_fields.
mysql-test/r/func_test.result:
Fixed bug #6187: a wrong initial setting for const_item_cache
in Item_cond::fix_fields.
into rurik.mysql.com:/home/igor/dev/mysql-5.0-0
mysql-test/r/innodb.result:
Auto merged
mysql-test/r/range.result:
Auto merged
mysql-test/t/range.test:
Auto merged
sql/opt_range.cc:
Auto merged
BitKeeper/etc/logging_ok:
auto-union
Docs/Support/texi2html:
Auto merged
innobase/trx/trx0rec.c:
Auto merged
libmysql/libmysql.c:
Auto merged
myisam/myisampack.c:
Auto merged
mysql-test/t/innodb-lock.test:
Auto merged
mysys/thr_lock.c:
Auto merged
sql/ha_innodb.cc:
Auto merged
sql/lock.cc:
Auto merged
sql/sql_acl.cc:
Keep old code
into sanja.is.com.ua:/home/bell/mysql/bk/work-error-5.0
mysql-test/r/sp.result:
Auto merged
mysql-test/t/sp.test:
Auto merged
sql/item.cc:
Auto merged
sql/item_sum.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_handler.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_select.h:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
mysql-test/r/rpl_rotate_logs.result:
changed error message
mysql-test/t/rpl_rotate_logs.test:
changed error message
sql/log_event.cc:
changed function name to prevent injection wrong code from 4.1
sql/mysqld.cc:
changed function name to prevent injection wrong code from 4.1
sql/protocol.cc:
changed function name to prevent injection wrong code from 4.1
sql/protocol.h:
changed function name to prevent injection wrong code from 4.1
sql/sql_class.h:
changed function name to prevent injection wrong code from 4.1
sql/sql_parse.cc:
changed function name to prevent injection wrong code from 4.1
sql/sql_repl.cc:
changed function name to prevent injection wrong code from 4.1
mysql-test/r/innodb-lock.result:
Fix test case (old one didn't test things correctly)
mysql-test/t/innodb-lock.test:
Fix test case (old one didn't test things correctly)
mysys/thr_lock.c:
More debugging information
sql/mysqld.cc:
Enable innodb_table_locks as default, as otherwise there is a possibility for deadlocks
sql/sql_base.cc:
More debug information
into mysql.com:/home/dlenev/src/mysql-4.1-secfix
sql/mysql_priv.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_prepare.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
he has SELECT and INSERT privileges for table with primary key"
Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has
ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck()
function (this also fixes a bug) and some other code.
mysql-test/r/grant2.result:
Added test for bug #6173 "One can circumvent missing UPDATE privilege if
he has SELECT and INSERT privileges for table with primary key"
mysql-test/t/grant2.test:
Added test for bug #6173 "One can circumvent missing UPDATE privilege if
he has SELECT and INSERT privileges for table with primary key"
sql/mysql_priv.h:
insert_precheck() don't need "update" parameter any longer since
now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
KEY UPDATE clause.
sql/sql_parse.cc:
insert_precheck() don't need "update" parameter any longer since
now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
KEY UPDATE clause, so it can determine whenever it is needed to
require UPDATE_ACL by itself. Also calling of mysql_insert() is
simplified.
sql/sql_prepare.cc:
insert_precheck() don't need "update" parameter any longer since
now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
KEY UPDATE clause, so it can determine whenever it is needed to
require UPDATE_ACL by itself. Also calling of mysql_insert() is
simplified.
sql/sql_yacc.yy:
It is better to set Lex->duplicates= DUP_UPDATE right in parser if we
have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later.
