diff options
| author | unknown <kroki@mysql.com> | 2006-07-02 14:35:45 +0400 |
|---|---|---|
| committer | unknown <kroki@mysql.com> | 2006-07-02 14:35:45 +0400 |
| commit | a2fc4843e38fcf12cacd526f1227cc0b30488bb5 (patch) | |
| tree | 2c878e8f57af2a501208576c95d163f6b0d96de2 /sql/item_strfunc.h | |
| parent | 9b871930a9189cce16b39dc5576f3592a34959ba (diff) | |
| download | mariadb-git-a2fc4843e38fcf12cacd526f1227cc0b30488bb5.tar.gz | |
Bug#20570: CURRENT_USER() in a VIEW with SQL SECURITY DEFINER returns
invoker name
The bug was fixed similar to how context switch is handled in
Item_func_sp::execute_impl(): we store pointer to current
Name_resolution_context in Item_func_current_user class, and use
its Security_context in Item_func_current_user::fix_fields().
mysql-test/r/view_grant.result:
Add result for bug#20570.
mysql-test/t/view_grant.test:
Add test case for bug#20570.
sql/item_create.cc:
Remove create_func_current_user(), as it is not used for automatic
function creation.
sql/item_create.h:
Remove prototype for create_func_current_user().
sql/item_strfunc.cc:
Add implementations for Item_func_user::init(),
Item_func_user::fix_fields() and
Item_func_current_user::fix_fields() methods. The latter uses
Security_context from current Name_resolution_context, if one is
defined.
sql/item_strfunc.h:
Move implementation of CURRENT_USER() out of Item_func_user to
to new Item_func_current_user class. For both classes calculate
user name in fix_fields() method.
For Item_func_current_user add context field to store
Name_resolution_context in effect.
sql/sql_yacc.yy:
Pass current Name_resolution_context to Item_func_current_user.
Diffstat (limited to 'sql/item_strfunc.h')
| -rw-r--r-- | sql/item_strfunc.h | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/sql/item_strfunc.h b/sql/item_strfunc.h index 90d421a2c68..d73ab75394b 100644 --- a/sql/item_strfunc.h +++ b/sql/item_strfunc.h @@ -385,21 +385,40 @@ public: class Item_func_user :public Item_func_sysconst { - bool is_current; +protected: + bool init (const char *user, const char *host); public: - Item_func_user(bool is_current_arg) - :Item_func_sysconst(), is_current(is_current_arg) {} - String *val_str(String *); + Item_func_user() + { + str_value.set("", 0, system_charset_info); + } + String *val_str(String *) + { + DBUG_ASSERT(fixed == 1); + return (null_value ? 0 : &str_value); + } + bool fix_fields(THD *thd, Item **ref); void fix_length_and_dec() { max_length= ((USERNAME_LENGTH + HOSTNAME_LENGTH + 1) * system_charset_info->mbmaxlen); } - const char *func_name() const - { return is_current ? "current_user" : "user"; } - const char *fully_qualified_func_name() const - { return is_current ? "current_user()" : "user()"; } + const char *func_name() const { return "user"; } + const char *fully_qualified_func_name() const { return "user()"; } +}; + + +class Item_func_current_user :public Item_func_user +{ + Name_resolution_context *context; + +public: + Item_func_current_user(Name_resolution_context *context_arg) + : context(context_arg) {} + bool fix_fields(THD *thd, Item **ref); + const char *func_name() const { return "current_user"; } + const char *fully_qualified_func_name() const { return "current_user()"; } }; |