The flag EXTRA_ACL is used in conjugation with our access checks, yet it is
not clear what impact this flag has.
This is a code clean up which replaces use of EXTRA_ACL with an explicit
function parameter.
The patch also fixes privilege checks for:
- SHOW CREATE TABLE: The new privilege requirement is any privilege on
the table-level.
- CHECKSUM TABLE: Requires SELECT on the table level.
- SHOW CREATE VIEW: Requires SHOW_VIEW and SELECT on the table level
(just as the manual claims)
- SHOW INDEX: Requires any privilege on any column combination.
mysql-test/r/grant.result:
* Error message now shows correct command (SHOW instead of SELECT)
mysql-test/r/grant2.result:
* Error message now shows correct command (SHOW instead of SELECT)
mysql-test/r/grant4.result:
* This test file tests privilege requirements for
SHOW COLUMNS
CREATE TABLE .. LIKE
SHOW CREATE TABLE
SHOW INDEX
CHECKSUM TABLE
SHOW CREATE VIEW
mysql-test/r/information_schema_db.result:
* Added SELECT privilege to testdb_2 as
SHOW CREATE VIEW now demands this privilege
as well as SHOW VIEW.
mysql-test/r/outfile.result:
* Changed error code
mysql-test/r/view_grant.result:
* Additional SELECT privilege is now needed
for SHOW CREATE VIEW
mysql-test/t/grant4.test:
* This test file tests privilege requirements for
SHOW COLUMNS
CREATE TABLE .. LIKE
SHOW CREATE TABLE
SHOW INDEX
CHECKSUM TABLE
SHOW CREATE VIEW
mysql-test/t/information_schema_db.test:
* Added SELECT privilege to testdb_2 as
SHOW CREATE VIEW now demands this privilege
as well as SHOW VIEW.
mysql-test/t/outfile.test:
* Changed error code
mysql-test/t/view_grant.test:
* Additional SELECT privilege is now needed
for SHOW CREATE VIEW
sql/mysql_priv.h:
* Replaced EXTRA_ACL with a parameter
sql/sp_head.cc:
* Replaced EXTRA_ACL with a parameter
sql/sql_acl.cc:
* Converted function documentation to doxygen and clarified some behaviors.
* Changed value from uint to bool to better reflect its meaning.
* Removed pointless variable orig_want_access
* Added function has_any_table_level_privileges to help with requirements
checks during SHOW CREATE TABLE.
sql/sql_acl.h:
* changed signature of check_grant()
* introduced access control function has_any_table_leevl_privileges()
sql/sql_base.cc:
* Check_table_access has new signature
sql/sql_cache.cc:
* Check_table_access has new signature
sql/sql_parse.cc:
* Rewrote function documentation in doxygen comments for: check_access,
check_table_acces, check_grant.
* Removed EXTRA_ACL flag where it doesn't hold any meaningful purpose anymore
and replaced it with a function parameter where any privileges on any column
combination would satisfy the requirement.
* Fixed privilege check for SHOW COLUMNS and SHOW INDEX
* Modified check_table_access to gain clarity in what EXTRA_ACL actually does.
* Modified check_access to gain clarity in what EXTRA_ACL actually does.
* Fixed privilege check for CREATE TABLE .. LIKE .. ; It now requires SELECT
privileges on the table.
* Fixed privilege check for SHOW CREATE TABLE ..; It now requires any privilege
on the table level.
sql/sql_plugin.cc:
* check_table_access has new signature
sql/sql_prepare.cc:
* check_table_access has new signature
sql/sql_show.cc:
* check_table_access has new signature
sql/sql_trigger.cc:
* check_table_access has new signature
sql/sql_update.cc:
* check grant has new signature
sql/sql_view.cc:
* check_table_access has new signature
Implemented the server infrastructure for the fix:
1. Added a function LEX_STRING *thd_query_string(THD) to return
a LEX_STRING structure instead of char *.
This is the function that must be called in innodb instead of
thd_query()
2. Did some encapsulation in THD : aggregated thd_query and
thd_query_length into a LEX_STRING and made accessor and mutator
methods for easy code updating.
3. Updated the server code to use the new methods where applicable.
----------------------------------------------------------
revno: 2630.22.8
committer: Konstantin Osipov <konstantin@mysql.com>
branch nick: mysql-6.0-runtime
timestamp: Sun 2008-08-10 18:49:52 +0400
message:
Get rid of typedef struct for the most commonly used types:
TABLE, TABLE_SHARE, LEX. This simplifies use of tags
and forward declarations.
Original revision in 6.0:
------------------------------------------------------------
revno: 2630.13.11
committer: Alexander Nozdrin <alik@mysql.com>
branch nick: 6.0-rt-wl4300
timestamp: Thu 2008-07-24 11:44:21 +0400
message:
A patch for WL#4300: Define privileges for tablespaces.
------------------------------------------------------------
per-file messages:
mysql-test/r/grant.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/r/ps.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/r/system_mysql_db.result
Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
mysql-test/suite/falcon/r/falcon_tablespace_priv.result
Test case for WL#4300.
mysql-test/suite/falcon/t/falcon_tablespace_priv.test
Test case for WL#4300.
mysql-test/suite/ndb/r/ndb_dd_ddl.result
Test case for WL#4300.
mysql-test/suite/ndb/t/ndb_dd_ddl.test
Test case for WL#4300.
scripts/mysql_system_tables.sql
New columm 'Create_tablespace_priv' has been added to mysql.user.
scripts/mysql_system_tables_data.sql
'CREATE TABLESPACE' is granted by default to the root user.
scripts/mysql_system_tables_fix.sql
Grant 'CREATE TABLESPACE' privilege during system table upgrade
if a user had SUPER privilege.
sql/sql_acl.cc
Added CREATE TABLESPACE privilege.
sql/sql_acl.h
Added CREATE TABLESPACE privilege.
sql/sql_parse.cc
Check global 'CREATE TABLESPACE' privilege for the following SQL statements:
- CREATE | ALTER | DROP TABLESPACE
- CREATE | ALTER | DROP LOGFILE GROUP
sql/sql_show.cc
Added CREATE TABLESPACE privilege.
sql/sql_yacc.yy
Added CREATE TABLESPACE privilege.
strict SQL mode
The problem was that a COMMENT longer than 64 characters
caused CREATE PROCEDURE to fail.
This patch fixed the problem by changing the COMMENT field in
mysql.proc from char(64) to text. The corresponding ROUTINE_COMMENT
field in INFORMATION_SCHEMA.ROUTINES is also changed from
varchar(64) to longtext.
mysql_system_tables.sql and mysql_system_tables_fix.sql updated.
Test case added to sp.test and affected result-files updated.
lowercasing table name".
In lower_case_table_names > 0 mode some queries to I_S left entries
with incorrect key in table definition cache. This wasted memory and
caused some of the further queries to I_S to produce stale results
in cases when table definition was changed by a DDL statement.
Also in combination with similar problem in CREATE TABLE (which also
has peeked into table definition cache using non-normalized key) this
issue led to to spurious ER_TABLE_EXISTS_ERROR errors when one tried
to create a table with the same name as a previously existing but
dropped table (assuming that table name contained characters in upper
case).
This problem occured due to fact that fill_schema_table_from_frm()
was not properly normalizing (lowercasing) database and table names
which it used for lookups in table definition cache.
This fix adds proper normalization to this function. It also solves
similar problem in CREATE TABLE's code by ensuring that it uses
properly normalized version of table name when it peeks into table
definition cache instead of non-normalized one.
mysql-test/r/lowercase_table2.result:
Added test for #44738 "fill_schema_table_from_frm() opens tables
without lowercasing table name".
mysql-test/t/lowercase_table2.test:
Added test for #44738 "fill_schema_table_from_frm() opens tables
without lowercasing table name".
sql/sql_show.cc:
Normalize database and table name before using them for looking
up entry in table definition cache.
sql/sql_table.cc:
Ensure that CREATE TABLE uses properly normalized version of table
name when it peeks into table definition cache.
view definition
During SHOW CREATE VIEW there is no reason to 'anonymize'
errors that name objects that a user does not have access
to. Moreover it was inconsistently implemented. For example
base tables being referenced from a view appear to be ok,
but not views. The manual on the other hand is clear: If a
user has the privileges SELECT and SHOW VIEW, the view
definition is available to that user, period. The fix
changes the behavior to support the manual.
mysql-test/r/information_schema_db.result:
Bug#35996: Changed warnings.
mysql-test/r/view_grant.result:
Bug#35996: Changed warnings, test result.
mysql-test/t/information_schema_db.test:
Bug#35996: Changed test case to reflect new behavior.
mysql-test/t/view_grant.test:
Bug#35996: Test case.
sql/sql_acl.cc:
Bug#35996: Code no longer necessary, we may as well exempt
SHOW CREATE VIEW from this check.
sql/sql_show.cc:
Bug#35996: The fix: An Internal_error_handler that hides
most errors raised by access checking as they are not
relevant to SHOW CREATE VIEW.
sql/table.cc:
Bug#35996: Restricting this hack to act only when there is
no Internal_error_handler.
on SHOW CREATE TRIGGER + MERGE table
Problem: SHOW CREATE TRIGGER erroneously relies on fact
that we have the only underlying table for a trigger
(wrong for merge tables).
Fix: remove erroneous assert().
mysql-test/r/merge.result:
Fix for bug #46614: Assertion in show_create_trigger()
on SHOW CREATE TRIGGER + MERGE table
- test result.
mysql-test/t/merge.test:
Fix for bug #46614: Assertion in show_create_trigger()
on SHOW CREATE TRIGGER + MERGE table
- test case.
sql/sql_show.cc:
Fix for bug #46614: Assertion in show_create_trigger()
on SHOW CREATE TRIGGER + MERGE table
- unnecessary assert() removed as we may have more than 1
tables open e.g. for a merge table.
those keywords do nothing in 5.1 (they are meant for future versions, for example featuring the Maria engine)
so they are here removed from the syntax. Adding those keywords to future versions when needed is:
- WL#5034 "Add TRANSACTIONA=0|1 and PAGE_CHECKSUM=0|1 clauses to CREATE TABLE"
- WL#5037 "New ROW_FORMAT value for CREATE TABLE: PAGE"
mysql-test/r/create.result:
test that syntax is not accepted
mysql-test/t/create.test:
test that syntax is not accepted
sql/handler.cc:
remove ROW_FORMAT=PAGE
sql/handler.h:
Mark unused objects, but I don't remove them by fear of breaking any plugin which includes this file
(see also table.h)
sql/lex.h:
removing syntax
sql/sql_show.cc:
removing output of noise keywords in SHOW CREATE TABLE and INFORMATION_SCHEMA.TABLES
sql/sql_table.cc:
removing TRANSACTIONAL
sql/sql_yacc.yy:
removing syntax
sql/table.cc:
removing TRANSACTIONAL, PAGE_CHECKSUM. Their place in the frm file is not reclaimed,
for compatibility with older 5.1.
sql/table.h:
Mark unused objects, but I don't remove them by fear of breaking any plugin which includes this file
(and there are several engines which use the content TABLE_SHARE and thus rely on a certain binary
layout of this structure).
procedures causes crashes!
The problem of that bugreport was mostly fixed by the
patch for bug 38691.
However, attached test case focused on another crash or
valgrind warning problem: SHOW PROCESSLIST query accesses
freed memory of SP instruction that run in a parallel
connection.
Changes of thd->query/thd->query_length in dangerous
places have been guarded with the per-thread
LOCK_thd_data mutex (the THD::LOCK_delete mutex has been
renamed to THD::LOCK_thd_data).
sql/ha_myisam.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the a THD::set_query() method call/LOCK_thd_data
mutex.
Unnecessary locking with the global LOCK_thread_count
mutex has been removed.
sql/log_event.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the THD::set_query()) method call/LOCK_thd_data
mutex.
sql/slave.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the THD::set_query() method call/LOCK_thd_data mutex.
The THD::LOCK_delete mutex has been renamed to
THD::LOCK_thd_data.
sql/sp_head.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the a THD::set_query() method call/LOCK_thd_data
mutex.
sql/sql_class.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
The new THD::LOCK_thd_data mutex and THD::set_query()
method has been added to guard modifications of THD::query/
THD::query_length fields, also the Statement::set_statement()
method has been overloaded in the THD class.
The THD::LOCK_delete mutex has been renamed to
THD::LOCK_thd_data.
sql/sql_class.h:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
The new THD::LOCK_thd_data mutex and THD::set_query()
method has been added to guard modifications of THD::query/
THD::query_length fields, also the Statement::set_statement()
method has been overloaded in the THD class.
The THD::LOCK_delete mutex has been renamed to
THD::LOCK_thd_data.
sql/sql_insert.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the a THD::set_query() method call/LOCK_thd_data
mutex.
sql/sql_parse.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Modification of THD::query/query_length has been guarded
with the a THD::set_query() method call/LOCK_thd_data mutex.
sql/sql_repl.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
The THD::LOCK_delete mutex has been renamed to
THD::LOCK_thd_data.
sql/sql_show.cc:
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
Inter-thread read of THD::query/query_length field has
been protected with a new per-thread LOCK_thd_data
mutex in the mysqld_list_processes function.
"create as select" (innodb table)
Problem: code constructing "CREATE TABLE..." statement
doesn't take into account that current database is not set
in some cases. That may lead to a server crash.
Fix: check if current database is set.
mysql-test/extra/binlog_tests/binlog.test:
Fix for bug#45998: database crashes when running
"create as select" (innodb table)
- test case.
mysql-test/suite/binlog/r/binlog_row_binlog.result:
Fix for bug#45998: database crashes when running
"create as select" (innodb table)
- test result.
sql/sql_show.cc:
Fix for bug#45998: database crashes when running
"create as select" (innodb table)
- added check if there's current database set.
Added privilege checking to SHOW CREATE TRIGGER code.
mysql-test/r/trigger_notembedded.result:
test result
mysql-test/t/trigger_notembedded.test:
test case
sql/sql_show.cc:
Added privilege checking to SHOW CREATE TRIGGER code.
The problem: described in the bug report.
The fix:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
client/mysql.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/ha_ndbcluster.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/ha_ndbcluster_binlog.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/handler.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/log.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/mysqld.cc:
removed unnecessary line
sql/parse_file.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_acl.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_base.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_db.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_delete.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_partition.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_rename.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_show.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_table.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
sql/sql_view.cc:
--increase buffers where it's necessary
(buffers which are used in stxnmov)
--decrease buffer lengths which are used
as argument for strxnmov function
with gcc 4.3.2
Compiling MySQL with gcc 4.3.2 and later produces a number of
warnings, many of which are new with the recent compiler
versions.
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
with gcc 4.3.2
Compiling MySQL with gcc 4.3.2 and later produces a number of
warnings, many of which are new with the recent compiler
versions.
This bug will be resolved in more than one patch to limit the
size of changesets. This is the second patch, fixing more
of the warnings.
the thread->mysys_var parameter should be empty for the idle
embedded-server threads so that working threads can safely free
this memory.
per-file comments:
libmysqld/lib_sql.cc
Bug#43733 Select on processlist let the embedded server crash (concurrent_innodb_safelog)
set thread->mysys_var= 0 after the query is handled
mysql-test/include/concurrent.inc
Bug#43733 Select on processlist let the embedded server crash (concurrent_innodb_safelog)
enable these for the embedded-server mode
sql/sql_show.cc
Bug#43733 Select on processlist let the embedded server crash (concurrent_innodb_safelog)
show thread lock status in the query result
become negative
- merged the fix to 5.1
- extended to cover I_S.PROCESSLIST.TIME
- Changed the column type of I_S.PROCESSLIST.TIME from LOGNLONG
UNSIGNED
to LONG (to match the SHOW PROCESSLIST type)
- Added a test case
seems to become negative
THD::start_time has a dual meaning : it's either the time since the process
entered a given state or is the transaction time returned by e.g. NOW().
This causes problems, as sometimes THD::start_time may be set to a value
that is correct and needed when used as a base for NOW(), but these times
may be arbitrary (SET @@timestamp) or non-local (coming from the master
through the replication feed).
If one such non-local time is set there's no way to return a correct value
for e.g. SHOW PROCESSLIST or SELECT ... FROM INFORMATION_SCHEMA.PROCESSLIST.
Fixed by making the Time column in SHOW PROCESSLIST SIGNED LONG instead of
UNSIGNED LONG and doing the correct conversions.
Note that no reliable test suite can be constructed, since it would require
knowing the local time and can't be achieved by the means of the current test
suite.
sql/sql_show.cc:
Bug #22047: make the Time in SHOW PROCESSLIST LONG from
LONG UNSIGNED
print compact view name if the view belongs to the current database
mysql-test/r/information_schema_db.result:
result fix
mysql-test/r/mysqldump.result:
result fix
mysql-test/r/view_grant.result:
result fix
sql/sql_show.cc:
print compact view name if the view belongs to the current database
Changed context of Create routine to Databases.
mysql-test/r/grant.result:
result fix
mysql-test/r/sp.result:
result fix
sql/sql_show.cc:
Changed context of Create routine to Databases.
become unescaped
Problem was only with the print out of the KEY partitioning list of
fields, it did not include quotes, even if it was needed.
Fixed by always add quotes if needed.
mysql-test/r/partition.result:
Bug#39338: Fieldnames in INFORMATIONSCHEMA.PARTITIONS.PARTITION_EXPRESSION
become unescaped
Updated result
mysql-test/t/partition.test:
Bug#39338: Fieldnames in INFORMATIONSCHEMA.PARTITIONS.PARTITION_EXPRESSION
become unescaped
Added test case
sql/sql_show.cc:
Bug#39338: Fieldnames in INFORMATIONSCHEMA.PARTITIONS.PARTITION_EXPRESSION
become unescaped
Added quotes if necessary.
replace wild_case_compare with my_wildcmp which is multibyte safe function
mysql-test/r/lowercase_utf8.result:
test result
mysql-test/t/lowercase_utf8-master.opt:
test case
mysql-test/t/lowercase_utf8.test:
test case
sql/sql_show.cc:
replace wild_case_compare with my_wildcmp which is multibyte safe function
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
Added global status variable 'Queries' which represents
total amount of queries executed by server including
statements executed by SPs.
note: It's old behaviour of 'Questions' variable.
mysql-test/r/status.result:
test result
mysql-test/t/status.test:
test case
sql/mysqld.cc:
Added global status variable 'Queries' which represents
total amount of queries executed by server including
statements executed by SPs.
note: It's old behaviour of 'Questions' variable.
sql/sql_show.cc:
Added global status variable 'Queries' which represents
total amount of queries executed by server including
statements executed by SPs.
note: It's old behaviour of 'Questions' variable.
sql/structs.h:
Added global status variable 'Queries' which represents
total amount of queries executed by server including
statements executed by SPs.
note: It's old behaviour of 'Questions' variable.
replace wild_case_compare with my_wildcmp which is multibyte safe function
mysql-test/r/lowercase_utf8.result:
test result
mysql-test/t/lowercase_utf8-master.opt:
test case
mysql-test/t/lowercase_utf8.test:
test case
sql/sql_show.cc:
replace wild_case_compare with my_wildcmp which is multibyte safe function
