mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
66e0ee6639
MySQL crashes if a user without proper privileges attempts to create a procedure.
The crash happens because more than one error state is pushed onto the Diagnostic
area. In this particular case the user is denied to implicitly create a new user
account with the implicitly granted privileges ALTER- and EXECUTE ROUTINE.
The new account is needed if the original user account contained a host mask.
A user account with a host mask is a distinct user account in this context.
An alternative would be to first get the most permissive user account which
include the current user connection and then assign privileges to that
account. This behavior change is considered out of scope for this bug patch.
The implicit assignment of privileges when a user creates a stored routine is a
considered to be a feature for user convenience and as such it is not
a critical operation. Any failure to complete this operation is thus considered
non-fatal (an error becomes a warning).
The patch back ports a stack implementation of the internal error handler interface.
This enables the use of multiple error handlers so that it is possible to intercept
and cancel errors thrown by lower layers. This is needed as a error handler already
is used in the call stack emitting the errors which needs to be converted.
mysql-test/r/grant.result:
* Added test case for bug44658
mysql-test/t/grant.test:
* Added test case for bug44658
sql/sp.cc:
* Removed non functional parameter no_error and my_error calls as all errors
from this function will be converted to a warning anyway.
* Change function return type from int to bool.
sql/sp.h:
* Removed non functional parameter no_error and my_error calls as all errors
from this function will be converted to a warning anyway.
* Changed function return value from int to bool
sql/sql_acl.cc:
* Removed the non functional no_error parameter from the function prototype.
The function is called from two places and in one of the places we now
ignore errors through error handlers.
* Introduced the parameter write_to_binlog
* Introduced an error handler to cancel any error state from mysql_routine_grant.
* Moved my_ok() signal from mysql_routine_grant to make it easier to avoid
setting the wrong state in the Diagnostic area.
* Changed the broken error state in sp_grant_privileges() to a warning
so that if "CREATE PROCEDURE" fails because "Password hash isn't a hexidecimal
number" it is still clear what happened.
sql/sql_acl.h:
* Removed the non functional no_error parameter from the function prototype.
The function is called from two places and in one of the places we now
ignore errors through error handlers.
* Introduced the parameter write_to_binlog
* Changed return type for sp_grant_privileges() from int to bool
sql/sql_class.cc:
* Back ported implementation of internal error handler from 6.0 branch
sql/sql_class.h:
* Back ported implementation of internal error handler from 6.0 branch
sql/sql_parse.cc:
* Moved my_ok() signal from mysql_routine_grant() to make it easier to avoid
setting the wrong state in the Diagnostic area.
86 lines
2.9 KiB
C++
86 lines
2.9 KiB
C++
/* -*- C++ -*- */
|
|
/* Copyright (C) 2002 MySQL AB
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; version 2 of the License.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
|
|
|
|
#ifndef _SP_H_
|
|
#define _SP_H_
|
|
|
|
// Return codes from sp_create_*, sp_drop_*, and sp_show_*:
|
|
#define SP_OK 0
|
|
#define SP_KEY_NOT_FOUND -1
|
|
#define SP_OPEN_TABLE_FAILED -2
|
|
#define SP_WRITE_ROW_FAILED -3
|
|
#define SP_DELETE_ROW_FAILED -4
|
|
#define SP_GET_FIELD_FAILED -5
|
|
#define SP_PARSE_ERROR -6
|
|
#define SP_INTERNAL_ERROR -7
|
|
#define SP_NO_DB_ERROR -8
|
|
#define SP_BAD_IDENTIFIER -9
|
|
#define SP_BODY_TOO_LONG -10
|
|
#define SP_FLD_STORE_FAILED -11
|
|
|
|
/* Drop all routines in database 'db' */
|
|
int
|
|
sp_drop_db_routines(THD *thd, char *db);
|
|
|
|
sp_head *
|
|
sp_find_routine(THD *thd, int type, sp_name *name,
|
|
sp_cache **cp, bool cache_only);
|
|
|
|
bool
|
|
sp_exist_routines(THD *thd, TABLE_LIST *procs, bool any);
|
|
|
|
int
|
|
sp_routine_exists_in_table(THD *thd, int type, sp_name *name);
|
|
|
|
bool
|
|
sp_show_create_routine(THD *thd, int type, sp_name *name);
|
|
|
|
int
|
|
sp_create_routine(THD *thd, int type, sp_head *sp);
|
|
|
|
int
|
|
sp_update_routine(THD *thd, int type, sp_name *name, st_sp_chistics *chistics);
|
|
|
|
int
|
|
sp_drop_routine(THD *thd, int type, sp_name *name);
|
|
|
|
/*
|
|
Procedures for pre-caching of stored routines and building table list
|
|
for prelocking.
|
|
*/
|
|
void sp_get_prelocking_info(THD *thd, bool *need_prelocking,
|
|
bool *first_no_prelocking);
|
|
void sp_add_used_routine(LEX *lex, Query_arena *arena,
|
|
sp_name *rt, char rt_type);
|
|
void sp_remove_not_own_routines(LEX *lex);
|
|
void sp_update_sp_used_routines(HASH *dst, HASH *src);
|
|
int sp_cache_routines_and_add_tables(THD *thd, LEX *lex,
|
|
bool first_no_prelock);
|
|
int sp_cache_routines_and_add_tables_for_view(THD *thd, LEX *lex,
|
|
TABLE_LIST *view);
|
|
int sp_cache_routines_and_add_tables_for_triggers(THD *thd, LEX *lex,
|
|
TABLE_LIST *table);
|
|
|
|
extern "C" uchar* sp_sroutine_key(const uchar *ptr, size_t *plen,
|
|
my_bool first);
|
|
|
|
/*
|
|
Routines which allow open/lock and close mysql.proc table even when
|
|
we already have some tables open and locked.
|
|
*/
|
|
TABLE *open_proc_table_for_read(THD *thd, Open_tables_state *backup);
|
|
|
|
#endif /* _SP_H_ */
|