diff options
| author | Ajo Robert <ajo.robert@oracle.com> | 2015-11-13 17:51:18 +0530 |
|---|---|---|
| committer | Ajo Robert <ajo.robert@oracle.com> | 2015-11-13 17:51:18 +0530 |
| commit | 15de3c6275ad8898aed5cd466762030df0fef015 (patch) | |
| tree | 1d4762e9e5710f53e7a9ad2ed1cf0c53d19cb3b2 /sql/sql_admin.cc | |
| parent | 4b4a0532456fa05dc04c63d3e202e44573abaa4c (diff) | |
| download | mariadb-git-15de3c6275ad8898aed5cd466762030df0fef015.tar.gz | |
Bug#19817021 CRASH IN TABLE_LIST::PREPARE_SECURITY WHEN
DOING BAD DDL IN PREPARED STATEMENT
Analysis
========
A repeat execution of the prepared statement 'ALTER TABLE v1
CHECK PARTITION' where v1 is a view leads to server exit.
ALTER TABLE ... CHECK PARTITION is not applicable for views
and check for the same check is missing. This leads to
further execution and creation of derived table for the view
(Allocated under temp_table mem_root). Any reference to open
view or related pointers from second execution leads to
server exit as the same was freed at previous execution closure.
Fix:
======
Added check for view in mysql_admin_table() on PARTITION
operation. This will prevent mysql_admin_table() from
going ahead and creating temp table and related issues.
Changed message on admin table view operation error to
be more appropriate.
Diffstat (limited to 'sql/sql_admin.cc')
| -rw-r--r-- | sql/sql_admin.cc | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/sql/sql_admin.cc b/sql/sql_admin.cc index f07a8089853..efdb67d01c4 100644 --- a/sql/sql_admin.cc +++ b/sql/sql_admin.cc @@ -1,4 +1,5 @@ -/* Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights + reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -248,7 +249,8 @@ static inline bool table_not_corrupt_error(uint sql_errno) sql_errno == ER_LOCK_WAIT_TIMEOUT || sql_errno == ER_LOCK_DEADLOCK || sql_errno == ER_CANT_LOCK_LOG_TABLE || - sql_errno == ER_OPEN_AS_READONLY); + sql_errno == ER_OPEN_AS_READONLY || + sql_errno == ER_WRONG_OBJECT); } @@ -333,7 +335,13 @@ static bool mysql_admin_table(THD* thd, TABLE_LIST* tables, lex->query_tables_last= &table->next_global; lex->query_tables_own_last= 0; - if (view_operator_func == NULL) + /* + CHECK TABLE command is allowed for views as well. Check on alter flags + to differentiate from ALTER TABLE...CHECK PARTITION on which view is not + allowed. + */ + if (lex->alter_info.flags & ALTER_ADMIN_PARTITION || + view_operator_func == NULL) table->required_type=FRMTYPE_TABLE; if (!thd->locked_tables_mode && repair_table_use_frm) |