From 9ad51c631c7ef6d5ed4bea0b6171a98502844c81 Mon Sep 17 00:00:00 2001
From: unknown <dlenev@brandersnatch.localdomain>
Date: Thu, 9 Dec 2004 13:31:46 +0300
Subject: Fix for bug #6765 "Implicit access to time zone description tables
requires privileges for them if some table or column level grants present"
(with after-review fixes).
We should set SELECT_ACL for implicitly opened tables in
my_tz_check_n_skip_implicit_tables() to be able to bypass privilege
checking in check_grant(). Also we should exclude those tables from
privilege checking in multi-update.
mysql-test/r/timezone2.result:
Extended test for bug #6116 "SET time_zone := ... requires access to
mysql.time_zone tables"
Added test for bug #6765 "Implicit access to time zone description
tables requires privileges for them if some table or column level grants
present"
mysql-test/t/timezone2.test:
Extended test for bug #6116 "SET time_zone := ... requires access to
mysql.time_zone tables"
Added test for bug #6765 "Implicit access to time zone description
tables requires privileges for them if some table or column level grants
present"
sql/item_geofunc.cc:
sql_acl.h is now included via mysql_priv.h
sql/item_strfunc.cc:
sql_acl.h is now included via mysql_priv.h
sql/log.cc:
sql_acl.h is now included via mysql_priv.h
sql/mysql_priv.h:
Now we have to include sql_acl.h before tztime.h, since
my_tz_check_n_skip_implicit_tables() defined there requires
SELECT_ACL constant defined in sql_acl.h.
sql/mysqld.cc:
sql_acl.h is now included via mysql_priv.h
sql/repl_failsafe.cc:
sql_acl.h is now included via mysql_priv.h
sql/set_var.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_acl.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_base.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_cache.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_class.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_db.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_derived.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_do.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_insert.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_parse.cc:
check_one_table_access(): Tweaked comments.
multi_update_precheck(): Added skipping of implicitly opened tables
during privilege checking.
sql/sql_prepare.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_repl.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_show.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_update.cc:
sql_acl.h is now included via mysql_priv.h
sql/sql_yacc.yy:
sql_acl.h is now included via mysql_priv.h
sql/tztime.h:
my_tz_check_n_skip_implicit_tables():
We should set SELECT_ACL for implictly opened tables to be able to
bypass privilege checking in check_grant().
---
sql/sql_insert.cc | 1 -
1 file changed, 1 deletion(-)
(limited to 'sql/sql_insert.cc')
diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc
index d590d3b5093..f191a4b327a 100644
--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -18,7 +18,6 @@
/* Insert of records */
#include "mysql_priv.h"
-#include "sql_acl.h"
static int check_null_fields(THD *thd,TABLE *entry);
#ifndef EMBEDDED_LIBRARY
--
cgit v1.2.1
From 46364ddb1978802ad9bf5418738b03d0cfe8bd61 Mon Sep 17 00:00:00 2001
From: unknown <acurtis@pcgem.rdg.cyberkinetica.com>
Date: Mon, 13 Dec 2004 12:26:28 +0000
Subject: WL#2274 - INSERT..SELECT..UPDATE UPDATE clause conflicts with
SELECT for use of item_list field. Alter UPDATE clause to use new lex field
update_list Tests included
mysql-test/r/insert_update.result:
WL#2274
New tests for INSERT..SELECT..UPDATE
mysql-test/t/insert_update.test:
WL#2274
New tests for INSERT..SELECT..UPDATE
sql/mysql_priv.h:
Remove function - insert_select_precheck()
sql/sql_class.h:
WL#2274
New constructor for class select_insert
sql/sql_insert.cc:
WL#2274
Move code into mysql_prepare_insert
Add checks as param values may be NULL
sql/sql_lex.cc:
WL#2274
initialize lex->update_list
sql/sql_lex.h:
WL#2274
New field in LEX: update_list
sql/sql_parse.cc:
WL#2274
INSERT..UPDATE clause now populates lex->update_list
Remove redundant function: insert_select_precheck()
sql/sql_prepare.cc:
WL#2274
invoke insert_precheck() instead of insert_select_precheck()
sql/sql_yacc.yy:
WL#2274
Enable INSERT..SELECT..UPDATE syntax
New rule - insert_update_list, to populate lex->update_list
---
sql/sql_insert.cc | 27 +++++++++++++++------------
1 file changed, 15 insertions(+), 12 deletions(-)
(limited to 'sql/sql_insert.cc')
diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc
index 768acb0cf9e..ce64890523a 100644
--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -197,15 +197,6 @@ int mysql_insert(THD *thd,TABLE_LIST *table_list,
thd->used_tables=0;
values= its++;
- if (duplic == DUP_UPDATE && !table->insert_values)
- {
- /* it should be allocated before Item::fix_fields() */
- table->insert_values=
- (byte *)alloc_root(thd->mem_root, table->rec_buff_length);
- if (!table->insert_values)
- goto abort;
- }
-
if (mysql_prepare_insert(thd, table_list, insert_table_list, table,
fields, values, update_fields,
update_values, duplic))
@@ -448,14 +439,24 @@ int mysql_prepare_insert(THD *thd, TABLE_LIST *table_list,
enum_duplicates duplic)
{
DBUG_ENTER("mysql_prepare_insert");
- if (check_insert_fields(thd, table, fields, *values, 1) ||
+ if (duplic == DUP_UPDATE && !table->insert_values)
+ {
+ /* it should be allocated before Item::fix_fields() */
+ table->insert_values=
+ (byte *)alloc_root(thd->mem_root, table->rec_buff_length);
+ if (!table->insert_values)
+ DBUG_RETURN(-1);
+ }
+ if ((values && check_insert_fields(thd, table, fields, *values, 1)) ||
setup_tables(insert_table_list) ||
- setup_fields(thd, 0, insert_table_list, *values, 0, 0, 0) ||
+ (values && setup_fields(thd, 0, insert_table_list, *values, 0, 0, 0)) ||
(duplic == DUP_UPDATE &&
(setup_fields(thd, 0, insert_table_list, update_fields, 1, 0, 0) ||
setup_fields(thd, 0, insert_table_list, update_values, 1, 0, 0))))
DBUG_RETURN(-1);
- if (find_real_table_in_list(table_list->next,
+ if ((thd->lex->sql_command==SQLCOM_INSERT ||
+ thd->lex->sql_command==SQLCOM_REPLACE) &&
+ find_real_table_in_list(table_list->next,
table_list->db, table_list->real_name))
{
my_error(ER_UPDATE_TABLE_USED, MYF(0), table_list->real_name);
@@ -550,8 +551,10 @@ int write_record(TABLE *table,COPY_INFO *info)
that matches, is updated. If update causes a conflict again,
an error is returned
*/
+ DBUG_ASSERT(table->insert_values != NULL);
store_record(table,insert_values);
restore_record(table,record[1]);
+ DBUG_ASSERT(info->update_fields->elements==info->update_values->elements);
if (fill_record(*info->update_fields, *info->update_values, 0))
goto err;
if ((error=table->file->update_row(table->record[1],table->record[0])))
--
cgit v1.2.1