From 405f82d390f71c510a1da9f8495ae61d249504e0 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 28 Jun 2007 21:34:54 +0400 Subject: Patch for the following bugs: - BUG#11986: Stored routines and triggers can fail if the code has a non-ascii symbol - BUG#16291: mysqldump corrupts string-constants with non-ascii-chars - BUG#19443: INFORMATION_SCHEMA does not support charsets properly - BUG#21249: Character set of SP-var can be ignored - BUG#25212: Character set of string constant is ignored (stored routines) - BUG#25221: Character set of string constant is ignored (triggers) There were a few general problems that caused these bugs: 1. Character set information of the original (definition) query for views, triggers, stored routines and events was lost. 2. mysqldump output query in client character set, which can be inappropriate to encode definition-query. 3. INFORMATION_SCHEMA used strings with mixed encodings to display object definition; 1. No query-definition-character set. In order to compile query into execution code, some extra data (such as environment variables or the database character set) is used. The problem here was that this context was not preserved. So, on the next load it can differ from the original one, thus the result will be different. The context contains the following data: - client character set; - connection collation (character set and collation); - collation of the owner database; The fix is to store this context and use it each time we parse (compile) and execute the object (stored routine, trigger, ...). 2. Wrong mysqldump-output. The original query can contain several encodings (by means of character set introducers). The problem here was that we tried to convert original query to the mysqldump-client character set. Moreover, we stored queries in different character sets for different objects (views, for one, used UTF8, triggers used original character set). The solution is - to store definition queries in the original character set; - to change SHOW CREATE statement to output definition query in the binary character set (i.e. without any conversion); - introduce SHOW CREATE TRIGGER statement; - to dump special statements to switch the context to the original one before dumping and restore it afterwards. Note, in order to preserve the database collation at the creation time, additional ALTER DATABASE might be used (to temporary switch the database collation back to the original value). In this case, ALTER DATABASE privilege will be required. This is a backward-incompatible change. 3. INFORMATION_SCHEMA showed non-UTF8 strings The fix is to generate UTF8-query during the parsing, store it in the object and show it in the INFORMATION_SCHEMA. Basically, the idea is to create a copy of the original query convert it to UTF8. Character set introducers are removed and all text literals are converted to UTF8. This UTF8 query is intended to provide user-readable output. It must not be used to recreate the object. Specialized SHOW CREATE statements should be used for this. The reason for this limitation is the following: the original query can contain symbols from several character sets (by means of character set introducers). Example: - original query: CREATE VIEW v1 AS SELECT _cp1251 'Hello' AS c1; - UTF8 query (for INFORMATION_SCHEMA): CREATE VIEW v1 AS SELECT 'Hello' AS c1; client/mysqldump.c: Set original character set and collation before dumping definition query. include/my_sys.h: Move out-parameter to the end of list. mysql-test/lib/mtr_report.pl: Ignore server-warnings during the test case. mysql-test/r/create.result: Update result file. mysql-test/r/ctype_cp932_binlog_stm.result: Update result file. mysql-test/r/events.result: Update result file. mysql-test/r/events_bugs.result: Update result file. mysql-test/r/events_grant.result: Update result file. mysql-test/r/func_in.result: Update result file. mysql-test/r/gis.result: Update result file. mysql-test/r/grant.result: Update result file. mysql-test/r/information_schema.result: Update result file. mysql-test/r/information_schema_db.result: Update result file. mysql-test/r/lowercase_view.result: Update result file. mysql-test/r/mysqldump.result: Update result file. mysql-test/r/ndb_sp.result: Update result file. mysql-test/r/ps.result: Update result file. mysql-test/r/rpl_replicate_do.result: Update result file. mysql-test/r/rpl_sp.result: Update result file. mysql-test/r/rpl_trigger.result: Update result file. mysql-test/r/rpl_view.result: Update result file. mysql-test/r/show_check.result: Update result file. mysql-test/r/skip_grants.result: Update result file. mysql-test/r/sp-destruct.result: Update result file. mysql-test/r/sp-error.result: Update result file. mysql-test/r/sp-security.result: Update result file. mysql-test/r/sp.result: Update result file. mysql-test/r/sql_mode.result: Update result file. mysql-test/r/system_mysql_db.result: Update result file. mysql-test/r/temp_table.result: Update result file. mysql-test/r/trigger-compat.result: Update result file. mysql-test/r/trigger-grant.result: Update result file. mysql-test/r/trigger.result: Update result file. mysql-test/r/view.result: Update result file. mysql-test/r/view_grant.result: Update result file. mysql-test/t/events.test: Update test case (new columns added). mysql-test/t/information_schema.test: Update test case (new columns added). mysql-test/t/show_check.test: Test case for SHOW CREATE TRIGGER in prepared statements and stored routines. mysql-test/t/sp-destruct.test: Update test case (new columns added). mysql-test/t/sp.test: Update test case (new columns added). mysql-test/t/view.test: Update test. mysys/charset.c: Move out-parameter to the end of list. scripts/mysql_system_tables.sql: Add new columns to mysql.proc and mysql.event. scripts/mysql_system_tables_fix.sql: Add new columns to mysql.proc and mysql.event. sql/event_data_objects.cc: Support new attributes for events. sql/event_data_objects.h: Support new attributes for events. sql/event_db_repository.cc: Support new attributes for events. sql/event_db_repository.h: Support new attributes for events. sql/events.cc: Add new columns to SHOW CREATE event resultset. sql/mysql_priv.h: 1. Introduce Object_creation_ctx; 2. Introduce SHOW CREATE TRIGGER; 3. Introduce auxilary functions. sql/sp.cc: Add support for new store routines attributes. sql/sp_head.cc: Add support for new store routines attributes. sql/sp_head.h: Add support for new store routines attributes. sql/sql_lex.cc: Generate UTF8-body on parsing/lexing. sql/sql_lex.h: 1. Generate UTF8-body on parsing/lexing. 2. Introduce SHOW CREATE TRIGGER. sql/sql_parse.cc: Introduce SHOW CREATE TRIGGER. sql/sql_partition.cc: Update parse_sql(). sql/sql_prepare.cc: Update parse_sql(). sql/sql_show.cc: Support new attributes for views sql/sql_trigger.cc: Support new attributes for views sql/sql_trigger.h: Support new attributes for views sql/sql_view.cc: Support new attributes for views sql/sql_yacc.yy: 1. Add SHOW CREATE TRIGGER statement. 2. Generate UTF8-body for views, stored routines, triggers and events. sql/table.cc: Introduce Object_creation_ctx. sql/table.h: Introduce Object_creation_ctx. sql/share/errmsg.txt: Add new errors. mysql-test/include/ddl_i18n.check_events.inc: Aux file for test suite. mysql-test/include/ddl_i18n.check_sp.inc: Aux file for test suite. mysql-test/include/ddl_i18n.check_triggers.inc: Aux file for test suite. mysql-test/include/ddl_i18n.check_views.inc: Aux file for test suite. mysql-test/include/have_cp1251.inc: Aux file for test suite. mysql-test/include/have_cp866.inc: Aux file for test suite. mysql-test/include/have_koi8r.inc: Aux file for test suite. mysql-test/include/have_utf8.inc: Aux file for test suite. mysql-test/r/ddl_i18n_koi8r.result: Result file. mysql-test/r/ddl_i18n_utf8.result: Result file. mysql-test/r/have_cp1251.require: Aux file for test suite. mysql-test/r/have_cp866.require: Aux file for test suite. mysql-test/r/have_koi8r.require: Aux file for test suite. mysql-test/r/have_utf8.require: Aux file for test suite. mysql-test/t/ddl_i18n_koi8r.test: Complete koi8r test case for the CS patch. mysql-test/t/ddl_i18n_utf8.test: Complete utf8 test case for the CS patch. --- mysql-test/r/information_schema_db.result | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'mysql-test/r/information_schema_db.result') diff --git a/mysql-test/r/information_schema_db.result b/mysql-test/r/information_schema_db.result index 94ebc213122..a0fd33ac068 100644 --- a/mysql-test/r/information_schema_db.result +++ b/mysql-test/r/information_schema_db.result @@ -132,11 +132,11 @@ show fields from testdb_1.v6; Field Type Null Key Default Extra f1 char(4) YES NULL show create view testdb_1.v6; -View Create View -v6 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v6` AS select `t1`.`f1` AS `f1` from `t1` +View Create View character_set_client collation_connection +v6 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v6` AS select `t1`.`f1` AS `f1` from `t1` latin1 latin1_swedish_ci show create view testdb_1.v7; -View Create View -v7 CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2` +View Create View character_set_client collation_connection +v7 CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2` latin1 latin1_swedish_ci Warnings: Warning 1356 View 'testdb_1.v7' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them show fields from testdb_1.v7; @@ -153,22 +153,22 @@ show fields from testdb_1.v5; Field Type Null Key Default Extra f1 char(4) YES NULL show create view testdb_1.v5; -View Create View -v5 CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_1`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v5` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` +View Create View character_set_client collation_connection +v5 CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_1`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v5` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` latin1 latin1_swedish_ci show fields from testdb_1.v6; Field Type Null Key Default Extra f1 char(4) YES NULL show create view testdb_1.v6; -View Create View -v6 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v6` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` +View Create View character_set_client collation_connection +v6 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v6` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` latin1 latin1_swedish_ci show fields from testdb_1.v7; Field Type Null Key Default Extra f1 null YES NULL Warnings: Note 1449 There is no 'no_such_user'@'no_such_host' registered show create view testdb_1.v7; -View Create View -v7 CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2` +View Create View character_set_client collation_connection +v7 CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2` latin1 latin1_swedish_ci Warnings: Warning 1356 View 'testdb_1.v7' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them revoke insert(f1) on v3 from testdb_2@localhost; @@ -200,8 +200,8 @@ show fields from testdb_1.v1; Field Type Null Key Default Extra f1 char(4) YES NULL show create view v2; -View Create View -v2 CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_2`@`localhost` SQL SECURITY DEFINER VIEW `test`.`v2` AS select `v1`.`f1` AS `f1` from `testdb_1`.`v1` +View Create View character_set_client collation_connection +v2 CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_2`@`localhost` SQL SECURITY DEFINER VIEW `test`.`v2` AS select `v1`.`f1` AS `f1` from `testdb_1`.`v1` latin1 latin1_swedish_ci show create view testdb_1.v1; ERROR 42000: SHOW VIEW command denied to user 'testdb_2'@'localhost' for table 'v1' select table_name from information_schema.columns a @@ -211,7 +211,7 @@ v2 select view_definition from information_schema.views a where a.table_name = 'v2'; view_definition -/* ALGORITHM=UNDEFINED */ select `v1`.`f1` AS `f1` from `testdb_1`.`v1` +select f1 from testdb_1.v1 select view_definition from information_schema.views a where a.table_name = 'testdb_1.v1'; view_definition -- cgit v1.2.1 From 82d28fada7dc928564aefac802400c6684c11917 Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 3 Aug 2007 03:14:05 +0500 Subject: WL#3732 Information schema optimization client/mysqldump.c: table type compare is changed to case insensitive mysql-test/r/information_schema.result: test result mysql-test/r/information_schema_db.result: result fix mysql-test/suite/ndb/r/ndb_alter_table.result: result fix mysql-test/suite/ndb/r/ndb_temporary.result: result fix mysql-test/t/information_schema.test: test case sql/ha_ndbcluster.cc: char* variables are changed to LEX_STRING sql/ha_ndbcluster.h: char* variables are changed to LEX_STRING sql/ha_ndbcluster_binlog.cc: char* variables are changed to LEX_STRING sql/handler.cc: char* variables are changed to LEX_STRING sql/handler.h: char* variables are changed to LEX_STRING sql/sql_base.cc: Modified functions which are used during open table process according to table opening method and requested_object. sql/sql_select.cc: Add support for I_S tables into select_describe() function sql/sql_show.cc: 1. Added initialization of 'open_method' to 'st_field_info' structs. 2. Added initialization of 'i_s_requested_object' to 'ST_SCHEMA_TABLE' structs. 3. New function which calculates database name and table name values from 'where' condition if it's possible void get_lookup_field_values(THD *thd, COND *cond, TABLE_LIST *table, LOOKUP_FIELD_VALUES *lookup_field_vals); 4. New function which set table open method setup_table_open_method(TABLE_LIST *tables, ST_SCHEMA_TABLE *schema_table, enum enum_schema_tables schema_table_idx) 5. New function int make_db_list(THD *thd, List *files, LOOKUP_FIELD_VALUES *lookup_field_vals, bool *with_i_schema) 6. New function int make_table_name_list(THD *thd, List *files, LEX *lex, LOOKUP_FIELD_VALUES *lookup_field_vals, bool with_i_schema, LEX_STRING *db_name) 7. Modified 'get_all_tables' function according to new schema(see wl#3732). sql/sql_show.h: char* variables are changed to LEX_STRING sql/table.cc: Modified functions which are used during open table process according to table opening method and requested_object. sql/table.h: 1. added new constants(open_method) #define SKIP_OPEN_TABLE 0 #define OPEN_FRM_ONLY 1 #define OPEN_FULL_TABLE 2 2. Added new field 'open_method' into struct st_field_info; uint open_method; 3. Added new field into ST_SCHEMA_TABLE struct uint i_s_requested_object; /* the object we need to open(TABLE | VIEW) */. 4. Added new field to TABLE_LIST struct. uint i_s_requested_object; This field is set from ST_SCHEMA_TABLE.i_s_requested_object for processed table before opening. 5. Added new fields to TABLE_LIST struct, used for 'explain select' for I_S table bool has_db_lookup_value; bool has_table_lookup_value; uint table_open_method; sql/unireg.h: added new constants --- mysql-test/r/information_schema_db.result | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mysql-test/r/information_schema_db.result') diff --git a/mysql-test/r/information_schema_db.result b/mysql-test/r/information_schema_db.result index a0fd33ac068..e5a5a583de3 100644 --- a/mysql-test/r/information_schema_db.result +++ b/mysql-test/r/information_schema_db.result @@ -74,11 +74,11 @@ drop table t1; select table_name, table_type, table_comment from information_schema.tables where table_schema='inf%' and func2(); table_name table_type table_comment -v1 VIEW View 'inf%.v1' references invalid table(s) or column(s) or function(s) or define +v1 VIEW VIEW select table_name, table_type, table_comment from information_schema.tables where table_schema='inf%' and func2(); table_name table_type table_comment -v1 VIEW View 'inf%.v1' references invalid table(s) or column(s) or function(s) or define +v1 VIEW VIEW drop view v1; drop function func1; drop function func2; -- cgit v1.2.1 From 29ee5ed0a04a2db4e5e23a359a3acf9b4e474ab0 Mon Sep 17 00:00:00 2001 From: unknown Date: Mon, 20 Aug 2007 11:23:08 +0500 Subject: Bug#27629 Possible security flaw in INFORMATION_SCHEMA and SHOW statements added SUPER_ACL check for I_S.TRIGGERS mysql-test/r/information_schema.result: result fix mysql-test/r/information_schema_db.result: result fix mysql-test/t/information_schema.test: test case sql/sql_show.cc: added SUPER_ACL check for I_S.TRIGGERS --- mysql-test/r/information_schema_db.result | 2 -- 1 file changed, 2 deletions(-) (limited to 'mysql-test/r/information_schema_db.result') diff --git a/mysql-test/r/information_schema_db.result b/mysql-test/r/information_schema_db.result index 2d330dda333..dd1f0295277 100644 --- a/mysql-test/r/information_schema_db.result +++ b/mysql-test/r/information_schema_db.result @@ -140,13 +140,11 @@ create view v2 as select f1 from testdb_1.v1; create view v4 as select f1,f2 from testdb_1.v3; show fields from testdb_1.v5; Field Type Null Key Default Extra -f1 char(4) YES NULL show create view testdb_1.v5; View Create View v5 CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_1`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v5` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` show fields from testdb_1.v6; Field Type Null Key Default Extra -f1 char(4) YES NULL show create view testdb_1.v6; View Create View v6 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v6` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1` -- cgit v1.2.1