diff options
| author | Alexander Barkov <bar@mariadb.com> | 2020-05-30 13:50:37 +0400 |
|---|---|---|
| committer | Alexander Barkov <bar@mariadb.com> | 2020-05-30 14:00:56 +0400 |
| commit | 0bf843cd13981b03920bfc49c646b28a130f5d47 (patch) | |
| tree | b66a252f27ac6e4d1fbe3430ad09fc478ec20592 /sql/sql_lex.cc | |
| parent | ccdfcedf10610a32ce7d173e2936c29cb10df75c (diff) | |
| download | mariadb-git-0bf843cd13981b03920bfc49c646b28a130f5d47.tar.gz | |
MDEV-20366 Server crashes in get_current_user upon SET PASSWORD via SP
The opt_for_user subrule was incorrectly scanned before sp_create_assignment_lex(),
so the user name and the host were created on a wrong memory root.
- Reoganizing the grammar to make sure that sp_create_assignment_lex()
is called immediately after PASSWORD_SYM is scanned, so all attributes
are then allocated on its memory root.
- Moving the semantic code as methods to LEX, so the grammar looks as simple as possible.
- Changing text_or_password to be of the data type USER_AUTH*.
As a side effect, the LEX::definer member is now not used when processing
the SET PASSWORD statement. Everything is done using Bison's stack.
The bug sas introduced by this commit:
commit bf5a144e1692f6cc6a6d781b7e75ff4abf32bdf3
Diffstat (limited to 'sql/sql_lex.cc')
| -rw-r--r-- | sql/sql_lex.cc | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc index 477401c793f..671948f8e8d 100644 --- a/sql/sql_lex.cc +++ b/sql/sql_lex.cc @@ -11393,3 +11393,36 @@ bool LEX::stmt_revoke_proxy(THD *thd, LEX_USER *user) return !(m_sql_cmd= new (thd->mem_root) Sql_cmd_grant_proxy(sql_command, NO_ACL)); } + + +LEX_USER *LEX::current_user_for_set_password(THD *thd) +{ + LEX_CSTRING pw= { STRING_WITH_LEN("password") }; + if (unlikely(spcont && spcont->find_variable(&pw, false))) + { + my_error(ER_SP_BAD_VAR_SHADOW, MYF(0), pw.str); + return NULL; + } + LEX_USER *res; + if (unlikely(!(res= (LEX_USER*) thd->calloc(sizeof(LEX_USER))))) + return NULL; + res->user= current_user; + return res; +} + + +bool LEX::sp_create_set_password_instr(THD *thd, + LEX_USER *user, + USER_AUTH *auth, + bool no_lookahead) +{ + user->auth= auth; + set_var_password *var= new (thd->mem_root) set_var_password(user); + if (unlikely(var == NULL) || + unlikely(var_list.push_back(var, thd->mem_root))) + return true; + autocommit= true; + if (sphead) + sphead->m_flags|= sp_head::HAS_SET_AUTOCOMMIT_STMT; + return sp_create_assignment_instr(thd, no_lookahead); +} |