diff options
| author | unknown <monty@mashka.mysql.fi> | 2003-03-14 17:08:42 +0200 |
|---|---|---|
| committer | unknown <monty@mashka.mysql.fi> | 2003-03-14 17:08:42 +0200 |
| commit | 03b0df9481c6f83ab67c1c79d8c6cc2db0ca9223 (patch) | |
| tree | 2c4870b4c69060f127e0c4aca401c4312128a363 | |
| parent | f3eb7fe0c3259b001f77c30844f42f96562c23f1 (diff) | |
| download | mariadb-git-03b0df9481c6f83ab67c1c79d8c6cc2db0ca9223.tar.gz | |
Check for empty table/column names
mysql-test/t/create.test:
Test for empty table/column name
tests/grant.pl:
More tests
tests/grant.res:
More tests
| -rw-r--r-- | mysql-test/t/create.test | 8 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 3 | ||||
| -rw-r--r-- | sql/sql_table.cc | 12 | ||||
| -rw-r--r-- | sql/table.cc | 7 | ||||
| -rw-r--r-- | tests/grant.pl | 10 | ||||
| -rw-r--r-- | tests/grant.res | 5 |
6 files changed, 35 insertions, 10 deletions
diff --git a/mysql-test/t/create.test b/mysql-test/t/create.test index 1a829eec6a3..b11c07e5b8d 100644 --- a/mysql-test/t/create.test +++ b/mysql-test/t/create.test @@ -59,6 +59,14 @@ create table test_$1.test2$ (a int); drop table test_$1.test2$; drop database test_$1; +--error 1103 +create table `` (a int); +--error 1103 +drop table if exists ``; +--error 1166 +create table t1 (`` int); +drop table if exists t1; + # # Test of CREATE ... SELECT with indexes # diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 8daba09174e..62c2f18c882 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -2758,8 +2758,7 @@ TABLE_LIST *add_table_to_list(Table_ident *table, LEX_STRING *alias, if (!table) DBUG_RETURN(0); // End of memory alias_str= alias ? alias->str : table->table.str; - if (table->table.length > NAME_LEN || - check_table_name(table->table.str,table->table.length) || + if (check_table_name(table->table.str,table->table.length) || table->db.str && check_db_name(table->db.str)) { net_printf(&thd->net,ER_WRONG_TABLE_NAME,table->table.str); diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 2ff7c9c1a75..f273821c5e0 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -244,6 +244,11 @@ int mysql_create_table(THD *thd,const char *db, const char *table_name, } if (!(sql_field->flags & NOT_NULL_FLAG)) null_fields++; + if (check_column_name(sql_field->field_name)) + { + my_error(ER_WRONG_COLUMN_NAME, MYF(0), sql_field->field_name); + DBUG_RETURN(-1); + } while ((dup_field=it2++) != sql_field) { if (my_strcasecmp(sql_field->field_name, dup_field->field_name) == 0) @@ -688,13 +693,6 @@ TABLE *create_table_from_items(THD *thd, HA_CREATE_INFO *create_info, while ((item=it++)) { create_field *cr_field; - if (strlen(item->name) > NAME_LEN || - check_column_name(item->name)) - { - my_error(ER_WRONG_COLUMN_NAME,MYF(0),item->name); - DBUG_RETURN(0); - } - Field *field=create_tmp_field(&tmp_table,item,item->type(), (Item_result_field***) 0, &tmp_field,0,0); if (!field || diff --git a/sql/table.cc b/sql/table.cc index 3afadec3801..5503dddf085 100644 --- a/sql/table.cc +++ b/sql/table.cc @@ -1099,6 +1099,8 @@ bool check_db_name(char *name) bool check_table_name(const char *name, uint length) { const char *end= name+length; + if (!length || length > NAME_LEN) + return 1; while (name != end) { @@ -1122,6 +1124,8 @@ bool check_table_name(const char *name, uint length) bool check_column_name(const char *name) { + const char *start= name; + while (*name) { #if defined(USE_MB) && defined(USE_MB_IDENT) @@ -1139,7 +1143,8 @@ bool check_column_name(const char *name) return 1; name++; } - return 0; + /* Error if empty or too long column name */ + return (name == start || (uint) (name - start) > NAME_LEN); } /* diff --git a/tests/grant.pl b/tests/grant.pl index c41b22157bd..bf67ce5e790 100644 --- a/tests/grant.pl +++ b/tests/grant.pl @@ -207,6 +207,16 @@ user_query("delete from $opt_database.test where a=1",1); user_query("update $opt_database.test set b=3 where b=1",1); user_query("update $opt_database.test set b=b+1",1); +# +# Test global SELECT privilege combined with table level privileges +# + +safe_query("grant SELECT on *.* to $user"); +user_connect(0); +user_query("update $opt_database.test set b=b+1"); +safe_query("revoke SELECT on *.* from $user"); +user_connect(0); + # Add one privilege at a time until the user has all privileges user_query("select * from test",1); safe_query("grant select on $opt_database.test to $user"); diff --git a/tests/grant.res b/tests/grant.res index 1c74e5b1d1b..44e20db555f 100644 --- a/tests/grant.res +++ b/tests/grant.res @@ -192,6 +192,11 @@ update grant_test.test set b=3 where b=1 Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' update grant_test.test set b=b+1 Error in execute: select command denied to user: 'grant_user@localhost' for column 'b' in table 'test' +grant SELECT on *.* to grant_user@localhost +Connecting grant_user +update grant_test.test set b=b+1 +revoke SELECT on *.* from grant_user@localhost +Connecting grant_user select * from test Error in execute: select command denied to user: 'grant_user@localhost' for table 'test' grant select on grant_test.test to grant_user@localhost |