Commit graph

177 commits

Author SHA1 Message Date
kroki/tomash@moonlight.intranet
4272d1efc3 Bug#18630: Arguments of suid routine calculated in wrong security
context.

Routine arguments were evaluated in the security context of the routine
itself, not in the caller's context.

The bug is fixed the following way:

  - Item_func_sp::find_and_check_access() has been split into two
    functions: Item_func_sp::find_and_check_access() itself only
    finds the function and check that the caller have EXECUTE privilege
    on it.  New function set_routine_security_ctx() changes security
    context for SUID routines and checks that definer have EXECUTE
    privilege too.

  - new function sp_head::execute_trigger() is called from
    Table_triggers_list::process_triggers() instead of
    sp_head::execute_function(), and is effectively just as the
    sp_head::execute_function() is, with all non-trigger related code
    removed, and added trigger-specific security context switch.

  - call to Item_func_sp::find_and_check_access() stays outside
    of sp_head::execute_function(), and there is a code in
    sql_parse.cc before the call to sp_head::execute_procedure() that
    checks that the caller have EXECUTE privilege, but both
    sp_head::execute_function() and sp_head::execute_procedure() call
    set_routine_security_ctx() after evaluating their parameters,
    and restore the context after the body is executed.
2006-07-13 17:12:31 +04:00
mkindahl@dl145k.mysql.com
9415b24139 Merge dl145k.mysql.com:/data0/mkindahl/bkroot/mysql-5.1-new-rpl
into  dl145k.mysql.com:/data0/mkindahl/bk/MERGE/mysql-5.1-merge
2006-07-11 12:17:19 +02:00
guilhem@gbichot3.local
fdb0f85a0c * Mixed replication mode * :
1) Fix for BUG#19630 "stored function inserting into two auto_increment breaks
statement-based binlog":
a stored function inserting into two such tables may fail to replicate
(inserting wrong data in the slave's copy of the second table) if the slave's
second table had an internal auto_increment counter different from master's.
Because the auto_increment value autogenerated by master for the 2nd table
does not go into binlog, only the first does, so the slave lacks information.
To fix this, if running in mixed binlogging mode, if the stored function or
trigger plans to update two different tables both having auto_increment
columns, we switch to row-based for the whole function.
We don't have a simple solution for statement-based binlogging mode, there
the bug remains and will be documented as a known problem.
Re-enabling rpl_switch_stm_row_mixed.
2) Fix for BUG#20630 "Mixed binlogging mode does not work with stored
functions, triggers, views", which was a documented limitation (in mixed
mode, we didn't detect that a stored function's execution needed row-based
binlogging (due to some UUID() call for example); same for
triggers, same for views (a view created from a SELECT UUID(), and doing
INSERT INTO sometable SELECT theview; would not replicate row-based).
This is implemented by, after parsing a routine's body, remembering in sp_head
that this routine needs row-based binlogging. Then when this routine is used,
the caller is marked to require row-based binlogging too.
Same for views: when we parse a view and detect that its SELECT needs
row-based binary logging, we mark the calling LEX as such.
3) Fix for BUG#20499 "mixed mode with temporary table breaks binlog":
a temporary table containing e.g. UUID has its changes not binlogged,
so any query updating a permanent table with data from the temporary table
will run wrongly on slave. Solution: in mixed mode we don't switch back
from row-based to statement-based when there exists temporary tables.
4) Attempt to test mysqlbinlog on a binlog generated by mysqlbinlog;
impossible due to BUG#11312 and BUG#20329, but test is in place for when
they are fixed.
2006-07-09 17:00:47 +02:00
konstantin@bodhi.netgear
01bc761690 Merge bodhi.netgear:/opt/local/work/tmp_merge
into  bodhi.netgear:/opt/local/work/mysql-5.1-runtime-merge-with-5.0
2006-07-06 22:55:48 +04:00
konstantin@mysql.com
117b76a562 A fix and a test case for
Bug#19022 "Memory bug when switching db during trigger execution"
 Bug#17199 "Problem when view calls function from another database."
 Bug#18444 "Fully qualified stored function names don't work correctly in
            SELECT statements"

 Documentation note: this patch introduces a change in behaviour of prepared
 statements.

 This patch adds a few new invariants with regard to how THD::db should
 be used. These invariants should be preserved in future:

  - one should never refer to THD::db by pointer and always make a deep copy
    (strmake, strdup)
  - one should never compare two databases by pointer, but use strncmp or
    my_strncasecmp
  - TABLE_LIST object table->db should be always initialized in the parser or
    by creator of the object.

    For prepared statements it means that if the current database is changed
    after a statement is prepared, the database that was current at prepare
    remains active. This also means that you can not prepare a statement that
    implicitly refers to the current database if the latter is not set.
    This is not documented, and therefore needs documentation. This is NOT a
    change in behavior for almost all SQL statements except:
     - ALTER TABLE t1 RENAME t2 
     - OPTIMIZE TABLE t1
     - ANALYZE TABLE t1
     - TRUNCATE TABLE t1 --
     until this patch t1 or t2 could be evaluated at the first execution of
     prepared statement. 

     CURRENT_DATABASE() still works OK and is evaluated at every execution
     of prepared statement.

     Note, that in stored routines this is not an issue as the default
     database is the database of the stored procedure and "use" statement
     is prohibited in stored routines.

  This patch makes obsolete the use of check_db_used (it was never used in the
  old code too) and all other places that check for table->db and assign it
  from THD::db if it's NULL, except the parser.

 How this patch was created: THD::{db,db_length} were replaced with a
 LEX_STRING, THD::db. All the places that refer to THD::{db,db_length} were
 manually checked and:
  - if the place uses thd->db by pointer, it was fixed to make a deep copy
  - if a place compared two db pointers, it was fixed to compare them by value
    (via strcmp/my_strcasecmp, whatever was approproate)
 Then this intermediate patch was used to write a smaller patch that does the
 same thing but without a rename.

 TODO in 5.1:
   - remove check_db_used
   - deploy THD::set_db in mysql_change_db

 See also comments to individual files.
2006-06-27 00:47:52 +04:00
knielsen@mysql.com
1e8c6f16e5 Merge mysql.com:/usr/local/mysql/mysql-5.0-bug19633
into  mysql.com:/usr/local/mysql/tmp-5.1
2006-05-15 18:41:04 +02:00
knielsen@mysql.com
6703a50f7d BUG#18037: Fix stack corruption in THD::rollback_item_tree_changes().
Stored procedure execution sometimes placed the address of auto variables
in the list of Item changes to undo in THD::rollback_item_tree_changes().
This could cause stack corruption.
2006-05-15 12:01:55 +02:00
monty@mysql.com
3ddc1f9956 Merge mysql.com:/home/my/mysql-5.0
into  mysql.com:/home/my/mysql-5.1
2006-05-04 15:58:30 +03:00
monty@mysql.com
837ba4f399 Fixed memory leak in sql_parse.cc (lex_end() was not called)
This caused sp-vars.test to fail
2006-05-04 15:30:38 +03:00
pem@mysql.com
0e2d20b1cb Merge mysql.com:/extern/mysql/5.1/generic/mysql-5.0-merge
into  mysql.com:/extern/mysql/5.1/generic/mysql-5.1-new
2006-04-25 16:20:49 +02:00
konstantin@mysql.com
ba845055f9 Merge mysql.com:/opt/local/work/tmp_merge
into  mysql.com:/opt/local/work/mysql-5.1-merge
2006-04-23 04:04:36 +04:00
pem@mysql.com
a6fbde9db7 Fixed BUG#18949: Test case sp-goto is disabled
Removed sp-goto.test, sp-goto.result and all (disabled) GOTO code.
  Also removed some related code that's not needed any more (no possible
  unresolved label references any more, so no need to check for them).
  NB: Keeping the ER_SP_GOTO_IN_HNDLR in errmsg.txt; it might become useful
      in the future, and removing it (and thus re-enumerating error codes)
      might upset things. (Anything referring to explicit error codes.)
2006-04-18 11:07:34 +02:00
pem@mysql.com
bf548fb916 Renaming sp_pcontext members and methods; less cryptic and more consistent.
Also added comments, and fixing some coding style (mostly in comments too).
There are no functional changes, so no tests or documentation needed.
(This was originally part of a bugfix, but it was decided to not include this
 in that patch; instead it's done separately.)
2006-04-07 16:53:15 +02:00
anozdrin@mysql.com
c1ef46fcc7 Merge mysql.com:/home/alik/Documents/AllProgs/MySQL/devel/5.0-tree
into  mysql.com:/home/alik/Documents/AllProgs/MySQL/devel/5.1-merged
2006-03-09 20:41:21 +03:00
anozdrin@mysql.com
fbb5920399 Implementation of WL#2897: Complete definer support in the stored routines.
The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION
statements. Almost all support of definer in stored routines had been already
done before this patch.

NOTE: this patch changes behaviour of dumping stored routines in mysqldump.
Before this patch, mysqldump did not dump DEFINER-clause for stored routines
and this was documented behaviour. In order to get full information about stored
routines, one should have dumped mysql.proc table. This patch changes this
behaviour, so that DEFINER-clause is dumped.

Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements
before this patch, the clause is covered by additional version-specific comments.
2006-03-02 15:18:49 +03:00
andrey@lmy004.
6e94ad1d65 fix for bug #16413 (Events: statements don't appear in the general query log)
WL#1034
2006-03-01 16:27:57 +01:00
andrey@lmy004.
a9884c4c0a fix for bug #16426
Events: Event-caused statements don't appear in the slow query log
WL#1034
2006-03-01 02:34:22 +01:00
konstantin@mysql.com
e1f807af26 Merge mysql.com:/home/kostja/mysql/mysql-5.0-root
into  mysql.com:/home/kostja/mysql/mysql-5.1-merge
2006-02-09 13:35:59 +03:00
konstantin@mysql.com
d4c5516929 Merge mysql.com:/home/kostja/mysql/tmp_merge
into  mysql.com:/home/kostja/mysql/mysql-5.1-merge
2006-02-08 13:11:44 +03:00
pem@mysql.com
2d340a875c Merge mysql.com:/extern/mysql/bk/mysql-5.0
into  mysql.com:/extern/mysql/work/bug16568/mysql-5.0
2006-02-06 14:09:14 +01:00
konstantin@mysql.com
9f0bb47f87 Merge mysql.com:/home/kostja/mysql/tmp_merge
into  mysql.com:/home/kostja/mysql/mysql-5.1-merge
2006-02-02 23:27:06 +03:00
konstantin@mysql.com
065f8066d5 Merge mysql.com:/home/kostja/mysql/mysql-5.0-for_merge
into  mysql.com:/home/kostja/mysql/mysql-5.1-merge
2006-02-02 12:03:35 +03:00
pem@mysql.com
ff4e2892b7 Fixed on BUG#16568: Continue handler with simple CASE not working correctly
After trying multiple inheritance (to messy and hard make it work) and
  sublassing jump_if_not (worked, but ugly), decided to on this solution
  instead:
  Inserting an abstract sp_instr_opt_meta class as parent for all instructions
  with destinations makes it possible to handle a continuation pointer for
  sp_instr_set_case_expr too.
  Note: No special test case; the fix is captured by the changed behaviour of
  bug14643_2, and bug14498_4 (formerly disabled), in sp.test.
2006-01-26 17:26:25 +01:00
pem@mysql.com
f60a763208 Fixed BUG#15737: Stored procedure optimizer bug with LEAVE
Second version.
  The problem was that the optimizer didn't work correctly with forwards jumps
  to "no-op" hpop and cpop instructions.
  Don't generate "no-op" instructions (hpop 0 and cpop 0), it isn't actually
  necessary.
2006-01-25 15:11:49 +01:00
pem@mysql.com
a07bbd78da Post-review fixes (BUG#15658). 2006-01-19 16:13:04 +01:00
pem@mysql.com
3a753667dd Merge mysql.com:/extern/mysql/bk/mysql-5.0
into  mysql.com:/extern/mysql/work/bug15658/mysql-5.0
2006-01-19 11:48:07 +01:00
pem@mysql.com
559a243686 Merge mysql.com:/extern/mysql/bk/mysql-5.0
into  mysql.com:/extern/mysql/work/bug14498/mysql-5.0
2006-01-16 15:37:25 +01:00
pem@mysql.com
0cc1acd51c Fixing BUG#15658: Server crashes after creating function as empty string
Empty strings (and names with trailing spaces) should not be allowed.
2006-01-11 15:11:05 +01:00
andrey@lmy004.
7c049782fa WL #1034 (Internal CRON)
merge before push
2006-01-10 21:02:19 +01:00
jimw@mysql.com
96ae7c2e78 Merge mysql.com:/home/jimw/my/mysql-5.0-clean
into  mysql.com:/home/jimw/my/mysql-5.1-clean
2006-01-06 10:42:58 -08:00
monty@mysql.com
b0a5ea01ef Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  mysql.com:/home/my/mysql-5.0
2006-01-06 01:08:48 +02:00
monty@mysql.com
6e22e29de6 Review fixes of new pushed code
- Fixed tests
- Optimized new code
- Fixed some unlikely core dumps
- Better bug fixes for:
  - #14397 - OPTIMIZE TABLE with an open HANDLER causes a crash
  - #14850 (ERROR 1062 when a quering a view using a Group By on a column that can be null
2006-01-06 00:47:49 +02:00
dlenev@mysql.com
5ff3e4ec57 Merge mysql.com:/home/dlenev/src/mysql-5.0-merges
into  mysql.com:/home/dlenev/src/mysql-5.1-merges
2005-12-12 14:59:14 +03:00
anozdrin@mysql.com
5d105fb7e7 Merge mysql.com:/home/alik/MySQL/devel/5.0-wl2984
into  mysql.com:/home/alik/MySQL/devel/5.1-wl2984-merge
2005-12-09 15:14:19 +03:00
dlenev@mysql.com
8d1292185c Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  mysql.com:/home/dlenev/src/mysql-5.0-merges
2005-12-07 20:31:10 +03:00
anozdrin@mysql.com
0ff8f60b45 Patch for WL#2894: Make stored routine variables work
according to the standard.

The idea is to use Field-classes to implement stored routines
variables. Also, we should provide facade to Item-hierarchy
by Item_field class (it is necessary, since SRVs take part
in expressions).

The patch fixes the following bugs:
  - BUG#8702: Stored Procedures: No Error/Warning shown for inappropriate data 
    type matching; 
 
  - BUG#8768: Functions: For any unsigned data type, -ve values can be passed 
    and returned; 
 
  - BUG#8769: Functions: For Int datatypes, out of range values can be passed 
    and returned; 
 
  - BUG#9078: STORED PROCDURE: Decimal digits are not displayed when we use 
    DECIMAL datatype; 
 
  - BUG#9572: Stored procedures: variable type declarations ignored; 
 
  - BUG#12903: upper function does not work inside a function; 
 
  - BUG#13705: parameters to stored procedures are not verified; 
 
  - BUG#13808: ENUM type stored procedure parameter accepts non-enumerated
    data; 
 
  - BUG#13909: Varchar Stored Procedure Parameter always BINARY string (ignores 
    CHARACTER SET); 
 
  - BUG#14161: Stored procedure cannot retrieve bigint unsigned;

  - BUG#14188: BINARY variables have no 0x00 padding;

  - BUG#15148: Stored procedure variables accept non-scalar values;
2005-12-07 17:01:17 +03:00
dlenev@mysql.com
06b895c096 Fix for bug #11555 "Stored procedures: current SP tables locking make
impossible view security".

We should not expose names of tables which are explicitly or implicitly (via
routine or trigger) used by view even if we find that they are missing.
So during building of list of prelocked tables for statement we track which
routines (and therefore tables for these routines) are used from views. We
mark elements of LEX::routines set which correspond to routines used in views
by setting Sroutine_hash_entry::belong_to_view member to point to TABLE_LIST
object for topmost view which uses routine. We propagate this mark to all
routines which are used by this routine and which we add to this set. We also
mark tables used by such routine which we add to the list of tables for
prelocking as belonging to this view.
2005-12-07 12:27:17 +03:00
andrey@lmy004.
7120d43c36 WL#1034 updated
- split into several files
- forbid parallel execution (before analyse is done how to make it possible)
  because the same sp_head instance cannot be executed in parallel
- added GPL headers
- changed EVENT_ACL to be per DB variable
- fixed minor problems
2005-12-05 11:45:04 +01:00
monty@mysql.com
4575a662cb Merge mysql.com:/home/my/mysql-5.1
into  mysql.com:/home/my/mysql-5.1-TDC
2005-11-23 22:58:53 +02:00
monty@mysql.com
e42c980967 Table definition cache, part 2
The table opening process now works the following way:
- Create common TABLE_SHARE object
- Read the .frm file and unpack it into the TABLE_SHARE object
- Create a TABLE object based on the information in the TABLE_SHARE
  object and open a handler to the table object

Other noteworthy changes:
- In TABLE_SHARE the most common strings are now LEX_STRING's
- Better error message when table is not found
- Variable table_cache is now renamed 'table_open_cache'
- New variable 'table_definition_cache' that is the number of table defintions that will be cached
- strxnmov() calls are now fixed to avoid overflows
- strxnmov() will now always add one end \0 to result
- engine objects are now created with a TABLE_SHARE object instead of a TABLE object.
- After creating a field object one must call field->init(table) before using it

- For a busy system this change will give you:
 - Less memory usage for table object
 - Faster opening of tables (if it's has been in use or is in table definition cache)
 - Allow you to cache many table definitions objects
 - Faster drop of table
2005-11-23 22:45:02 +02:00
bell@sanja.is.com.ua
db8f03ebe8 Merge sanja.is.com.ua:/home/bell/mysql/bk/work-bug7-5.0
into  sanja.is.com.ua:/home/bell/mysql/bk/work-merge-5.0
2005-11-23 01:28:32 +02:00
bell@sanja.is.com.ua
7bd691f11e Recursion support made for SP (BUG#10100). 2005-11-23 01:11:19 +02:00
pem@mysql.com
d71d1242ff Merge mysql.com:/usr/local/bk/mysql-5.0
into  mysql.com:/usr/home/pem/show-sp-code/mysql-5.0
2005-11-22 13:24:53 +01:00
pem@mysql.com
c518a2405f Background:
Since long, the compiled code of stored routines has been printed in the trace file
when starting mysqld with the "--debug" flag. (At creation time only, and only in
debug builds of course.) This has been helpful when debugging stored procedure
execution, but it's a bit awkward to use. Also, the printing of some of the
instructions is a bit terse, in particular for sp_instr_stmt where only the command
code was printed.

This improves the printout of several of the instructions, and adds the debugging-
only commands "show procedure code <name>" and "show function code <name>".
(In non-debug builds they are not available.)
2005-11-17 11:11:48 +01:00
bell@sanja.is.com.ua
a60a6b0f7f Issuing error about presence of commit/rollback statements in stored functions and triggers added to SP parsing procedure (BUG#13627)
The crash mentioned in original bug report is already prevented by one
of previous patches (fix for bug #13343 "CREATE|etc TRIGGER|VIEW|USER
don't commit the transaction (inconsistency)"), this patch only improve
error returning.
2005-11-16 14:09:06 +02:00
anozdrin@mysql.com
491e4f89f5 WL#2818 (Add creator to the trigger definition for privilege
checks on trigger activation)
2005-11-10 22:25:03 +03:00
pem@mysql.com
58db54364f Fixed BUG#14498: Stored procedures: hang if undefined variable and exception
The problem was to continue at the right place in the code after the
  test expression in a flow control statement fails with an exception
  (internally, the test in sp_instr_jump_if_not), and the exception is
  caught by a continue handler. Execution must then be resumed after the
  the entire flow control statement (END IF, END WHILE, etc).
2005-11-04 15:37:39 +01:00
konstantin@mysql.com
2d4c54ba1b Merge mysqldev@production.mysql.com:my/mysql-5.0-release
into  mysql.com:/opt/local/work/mysql-5.0-root
2005-09-23 00:46:59 +04:00
konstantin@mysql.com
6f8d3c4844 A fix and a test case for Bug#6513 "Test Suite: Values inserted by using
cursor is interpreted latin1 character and Bug#9819 "Cursors: Mysql Server
Crash while fetching from table with 5 million records."
A fix for a possible memory leak when fetching into an SP cursor
in a long loop.
The patch uses a common implementation of cursors in the binary protocol and 
in stored procedures and implements materialized cursors.
For implementation details, see comments in sql_cursor.cc
2005-09-22 02:11:21 +04:00
bell@sanja.is.com.ua
c1b185f5ff WL#2787 (Add view definer/owner to the view definition (.frm) to check privileges on used tables and stored routines when using a VIEW.)
Part 2 postreview fixes.
2005-09-20 21:20:38 +03:00