diff options
| author | unknown <kostja@bodhi.local> | 2006-08-12 21:06:51 +0400 |
|---|---|---|
| committer | unknown <kostja@bodhi.local> | 2006-08-12 21:06:51 +0400 |
| commit | f68085c4e75a2ef4db33a9500b07ad4e37bf8b95 (patch) | |
| tree | cccb1fdd583e353f4a229cbb0f9d585104db78f9 /sql/item_func.cc | |
| parent | eef51cd83d952b786def92fccde44b41a007c989 (diff) | |
| parent | 4abe4b1717b099dbf3502e041c246b196622a23f (diff) | |
| download | mariadb-git-f68085c4e75a2ef4db33a9500b07ad4e37bf8b95.tar.gz | |
Merge bodhi.local:/opt/local/work/tmp_merge
into bodhi.local:/opt/local/work/mysql-5.1-runtime-merge
BitKeeper/etc/ignore:
auto-union
BitKeeper/deleted/.del-im_options_set.result~59278f56be61d921:
Auto merged
BitKeeper/deleted/.del-mysqld.dsp~ffdbf2d234e23e56:
Auto merged
BitKeeper/deleted/.del-mysys.dsp~32695fee91189326:
Auto merged
BitKeeper/deleted/.del-im_options_set.imtest~b53d9d60e5684833:
Auto merged
BitKeeper/deleted/.del-im_options_unset.imtest~768eb186b51d0048:
Auto merged
BitKeeper/deleted/.del-im_options_unset.result~20a4790cd3c70a4f:
Auto merged
client/mysql.cc:
Auto merged
client/mysqlbinlog.cc:
Auto merged
client/mysqlcheck.c:
Auto merged
client/mysqldump.c:
Auto merged
client/mysqltest.c:
Auto merged
dbug/dbug.c:
Auto merged
extra/perror.c:
Auto merged
extra/yassl/src/yassl_imp.cpp:
Auto merged
extra/yassl/src/yassl_int.cpp:
Auto merged
include/mysql.h:
Auto merged
include/mysql_com.h:
Auto merged
libmysql/libmysql.c:
Auto merged
mysql-test/r/cast.result:
Auto merged
mysql-test/r/date_formats.result:
Auto merged
mysql-test/r/federated.result:
Auto merged
mysql-test/r/func_compress.result:
Auto merged
mysql-test/r/func_group.result:
Auto merged
mysql-test/r/func_time.result:
Auto merged
mysql-test/r/gis-rtree.result:
Auto merged
mysql-test/r/gis.result:
Auto merged
mysql-test/r/im_daemon_life_cycle.result:
Auto merged
mysql-test/r/im_utils.result:
Auto merged
mysql-test/r/join_outer.result:
Auto merged
mysql-test/r/mysqlcheck.result:
Auto merged
mysql-test/r/rpl_sp.result:
Auto merged
mysql-test/r/rpl_trigger.result:
Auto merged
mysql-test/r/sp-code.result:
Auto merged
mysql-test/r/sp-security.result:
Auto merged
mysql-test/r/strict.result:
Auto merged
mysql-test/r/type_blob.result:
Auto merged
mysql-test/r/type_datetime.result:
Auto merged
mysql-test/r/type_ranges.result:
Auto merged
mysql-test/r/udf.result:
Auto merged
mysql-test/r/user_var.result:
Auto merged
mysql-test/t/cast.test:
Auto merged
mysql-test/t/disabled.def:
Auto merged
mysql-test/t/func_group.test:
Auto merged
mysql-test/t/func_time.test:
Auto merged
mysql-test/t/im_daemon_life_cycle.imtest:
Auto merged
mysql-test/t/im_life_cycle.imtest:
Auto merged
mysql-test/t/im_utils.imtest:
Auto merged
mysql-test/t/mysql.test:
Auto merged
mysql-test/t/mysqlbinlog.test:
Auto merged
mysql-test/t/mysqlcheck.test:
Auto merged
mysql-test/t/ps.test:
Auto merged
mysql-test/t/rpl_trigger.test:
Auto merged
mysql-test/t/sp-security.test:
Auto merged
mysql-test/t/strict.test:
Auto merged
mysql-test/t/udf.test:
Auto merged
sql/field.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/item_sum.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysqld.cc:
Auto merged
sql/protocol.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.h:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_lex.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_prepare.cc:
Auto merged
sql/sql_udf.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/table.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
sql/table.h:
Auto merged
storage/ndb/src/kernel/error/ndbd_exit_codes.c:
Auto merged
storage/ndb/src/mgmsrv/ConfigInfo.cpp:
Auto merged
mysql-test/r/im_life_cycle.result:
e
use local
mysql-test/r/ps.result:
use local
client/Makefile.am:
Manual merge.
client/mysqlimport.c:
Manual merge.
configure.in:
Manual merge.
mysql-test/mysql-test-run.pl:
Manual merge.
mysql-test/r/mysqldump.result:
Manual merge.
mysql-test/r/mysqltest.result:
Manual merge.
mysql-test/r/ndb_basic.result:
Manual merge.
mysql-test/r/rpl_view.result:
Manual merge.
mysql-test/r/show_check.result:
Manual merge.
mysql-test/r/sp-error.result:
Manual merge.
mysql-test/r/sp.result:
Manual merge.
mysql-test/r/union.result:
Manual merge.
mysql-test/t/mysqldump.test:
Manual merge.
mysql-test/t/mysqltest.test:
Manual merge.
mysql-test/t/ndb_basic.test:
Manual merge.
mysql-test/t/rpl_sp.test:
Manual merge.
mysql-test/t/rpl_view.test:
Manual merge.
mysql-test/t/show_check.test:
Manual merge.
mysql-test/t/sp-error.test:
Manual merge.
mysql-test/t/sp.test:
Manual merge.
sql/item_sum.cc:
Manual merge.
sql/mysql_priv.h:
Manual merge.
sql/sp_head.cc:
Manual merge.
sql/sql_db.cc:
Manual merge.
sql/sql_delete.cc:
Manual merge.
sql/sql_lex.h:
Manual merge.
sql/sql_show.cc:
Manual merge.
sql/sql_table.cc:
Manual merge.
sql/sql_trigger.cc:
Manual merge.
sql/sql_yacc.yy:
Manual merge.
tests/mysql_client_test.c:
Manual merge.
Diffstat (limited to 'sql/item_func.cc')
| -rw-r--r-- | sql/item_func.cc | 108 |
1 files changed, 45 insertions, 63 deletions
diff --git a/sql/item_func.cc b/sql/item_func.cc index e901eaf8654..9a2ef4e5482 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -3412,6 +3412,7 @@ static user_var_entry *get_variable(HASH *hash, LEX_STRING &name, entry->length=0; entry->update_query_id=0; entry->collation.set(NULL, DERIVATION_IMPLICIT); + entry->unsigned_flag= 0; /* If we are here, we were called from a SET or a query which sets a variable. Imagine it is this: @@ -3498,6 +3499,7 @@ Item_func_set_user_var::fix_length_and_dec() type - type of new value cs - charset info for new value dv - derivation for new value + unsigned_arg - indiates if a value of type INT_RESULT is unsigned RETURN VALUE False - success, True - failure @@ -3505,7 +3507,8 @@ Item_func_set_user_var::fix_length_and_dec() static bool update_hash(user_var_entry *entry, bool set_null, void *ptr, uint length, - Item_result type, CHARSET_INFO *cs, Derivation dv) + Item_result type, CHARSET_INFO *cs, Derivation dv, + bool unsigned_arg) { if (set_null) { @@ -3553,6 +3556,7 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, uint length, ((my_decimal*)entry->value)->fix_buffer_pointer(); entry->length= length; entry->collation.set(cs, dv); + entry->unsigned_flag= unsigned_arg; } entry->type=type; return 0; @@ -3561,7 +3565,8 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, uint length, bool Item_func_set_user_var::update_hash(void *ptr, uint length, Item_result type, - CHARSET_INFO *cs, Derivation dv) + CHARSET_INFO *cs, Derivation dv, + bool unsigned_arg) { /* If we set a variable explicitely to NULL then keep the old @@ -3570,7 +3575,7 @@ Item_func_set_user_var::update_hash(void *ptr, uint length, Item_result type, if ((null_value= args[0]->null_value) && null_item) type= entry->type; // Don't change type of item if (::update_hash(entry, (null_value= args[0]->null_value), - ptr, length, type, cs, dv)) + ptr, length, type, cs, dv, unsigned_arg)) { current_thd->fatal_error(); // Probably end of memory null_value= 1; @@ -3652,7 +3657,10 @@ String *user_var_entry::val_str(my_bool *null_value, String *str, str->set_real(*(double*) value, decimals, &my_charset_bin); break; case INT_RESULT: - str->set(*(longlong*) value, &my_charset_bin); + if (!unsigned_flag) + str->set(*(longlong*) value, &my_charset_bin); + else + str->set(*(ulonglong*) value, &my_charset_bin); break; case DECIMAL_RESULT: my_decimal2string(E_DEC_FATAL_ERROR, (my_decimal *)value, 0, 0, 0, str); @@ -3723,6 +3731,7 @@ Item_func_set_user_var::check() case INT_RESULT: { save_result.vint= args[0]->val_int(); + unsigned_flag= args[0]->unsigned_flag; break; } case STRING_RESULT: @@ -3778,7 +3787,8 @@ Item_func_set_user_var::update() case INT_RESULT: { res= update_hash((void*) &save_result.vint, sizeof(save_result.vint), - INT_RESULT, &my_charset_bin, DERIVATION_IMPLICIT); + INT_RESULT, &my_charset_bin, DERIVATION_IMPLICIT, + unsigned_flag); break; } case STRING_RESULT: @@ -4157,7 +4167,7 @@ bool Item_user_var_as_out_param::fix_fields(THD *thd, Item **ref) void Item_user_var_as_out_param::set_null_value(CHARSET_INFO* cs) { if (::update_hash(entry, TRUE, 0, 0, STRING_RESULT, cs, - DERIVATION_IMPLICIT)) + DERIVATION_IMPLICIT, 0 /* unsigned_arg */)) current_thd->fatal_error(); // Probably end of memory } @@ -4166,7 +4176,7 @@ void Item_user_var_as_out_param::set_value(const char *str, uint length, CHARSET_INFO* cs) { if (::update_hash(entry, FALSE, (void*)str, length, STRING_RESULT, cs, - DERIVATION_IMPLICIT)) + DERIVATION_IMPLICIT, 0 /* unsigned_arg */)) current_thd->fatal_error(); // Probably end of memory } @@ -4837,7 +4847,9 @@ Item_func_sp::execute_impl(THD *thd, Field *return_value_fld) { bool err_status= TRUE; Sub_statement_state statement_state; - Security_context *save_security_ctx= thd->security_ctx, *save_ctx_func; +#ifndef NO_EMBEDDED_ACCESS_CHECKS + Security_context *save_security_ctx= thd->security_ctx; +#endif DBUG_ENTER("Item_func_sp::execute_impl"); @@ -4848,7 +4860,7 @@ Item_func_sp::execute_impl(THD *thd, Field *return_value_fld) thd->security_ctx= context->security_ctx; } #endif - if (find_and_check_access(thd, EXECUTE_ACL, &save_ctx_func)) + if (find_and_check_access(thd)) goto error; /* @@ -4860,13 +4872,11 @@ Item_func_sp::execute_impl(THD *thd, Field *return_value_fld) err_status= m_sp->execute_function(thd, args, arg_count, return_value_fld); thd->restore_sub_statement_state(&statement_state); -#ifndef NO_EMBEDDED_ACCESS_CHECKS - sp_restore_security_context(thd, save_ctx_func); error: +#ifndef NO_EMBEDDED_ACCESS_CHECKS thd->security_ctx= save_security_ctx; -#else -error: #endif + DBUG_RETURN(err_status); } @@ -4983,70 +4993,38 @@ Item_func_sp::tmp_table_field(TABLE *t_arg) SYNOPSIS find_and_check_access() thd thread handler - want_access requested access - save backup of security context RETURN FALSE Access granted TRUE Requested access can't be granted or function doesn't exists - In this case security context is not changed and *save = 0 NOTES Checks if requested access to function can be granted to user. If function isn't found yet, it searches function first. If function can't be found or user don't have requested access error is raised. - If security context sp_ctx is provided and access can be granted then - switch back to previous context isn't performed. - In case of access error or if context is not provided then - find_and_check_access() switches back to previous security context. */ bool -Item_func_sp::find_and_check_access(THD *thd, ulong want_access, - Security_context **save) +Item_func_sp::find_and_check_access(THD *thd) { - bool res= TRUE; - - *save= 0; // Safety if error if (! m_sp && ! (m_sp= sp_find_routine(thd, TYPE_ENUM_FUNCTION, m_name, &thd->sp_func_cache, TRUE))) { my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION", m_name->m_qname.str); - goto error; + return TRUE; } #ifndef NO_EMBEDDED_ACCESS_CHECKS - if (check_routine_access(thd, want_access, - m_sp->m_db.str, m_sp->m_name.str, 0, FALSE)) - goto error; - - sp_change_security_context(thd, m_sp, save); - /* - If we changed context to run as another user, we need to check the - access right for the new context again as someone may have deleted - this person the right to use the procedure - - TODO: - Cache if the definer has the right to use the object on the first - usage and only reset the cache if someone does a GRANT statement - that 'may' affect this. - */ - if (*save && - check_routine_access(thd, want_access, + if (check_routine_access(thd, EXECUTE_ACL, m_sp->m_db.str, m_sp->m_name.str, 0, FALSE)) - { - sp_restore_security_context(thd, *save); - *save= 0; // Safety - goto error; - } + return TRUE; #endif - res= FALSE; // no error -error: - return res; + return FALSE; } + bool Item_func_sp::fix_fields(THD *thd, Item **ref) { @@ -5057,19 +5035,23 @@ Item_func_sp::fix_fields(THD *thd, Item **ref) { /* Here we check privileges of the stored routine only during view - creation, in order to validate the view. A runtime check is perfomed - in Item_func_sp::execute(), and this method is not called during - context analysis. We do not need to restore the security context - changed in find_and_check_access because all view structures created - in CREATE VIEW are not used for execution. Notice, that during view - creation we do not infer into stored routine bodies and do not check - privileges of its statements, which would probably be a good idea - especially if the view has SQL SECURITY DEFINER and the used stored - procedure has SQL SECURITY DEFINER + creation, in order to validate the view. A runtime check is + perfomed in Item_func_sp::execute(), and this method is not + called during context analysis. Notice, that during view + creation we do not infer into stored routine bodies and do not + check privileges of its statements, which would probably be a + good idea especially if the view has SQL SECURITY DEFINER and + the used stored procedure has SQL SECURITY DEFINER. */ - Security_context *save_ctx; - if (!(res= find_and_check_access(thd, EXECUTE_ACL, &save_ctx))) - sp_restore_security_context(thd, save_ctx); + res= find_and_check_access(thd); +#ifndef NO_EMBEDDED_ACCESS_CHECKS + Security_context *save_secutiry_ctx; + if (!res && !(res= set_routine_security_ctx(thd, m_sp, false, + &save_secutiry_ctx))) + { + sp_restore_security_context(thd, save_secutiry_ctx); + } +#endif /* ! NO_EMBEDDED_ACCESS_CHECKS */ } return res; } |