Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
0ed4b9c0
Commit
0ed4b9c0
authored
Feb 24, 2003
by
venu@myvenu.com
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix for the prepared statement access checks
parent
245a6f84
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
5 deletions
+26
-5
sql/sql_prepare.cc
sql/sql_prepare.cc
+26
-5
No files found.
sql/sql_prepare.cc
View file @
0ed4b9c0
...
@@ -454,8 +454,17 @@ static bool mysql_test_insert_fields(PREP_STMT *stmt,
...
@@ -454,8 +454,17 @@ static bool mysql_test_insert_fields(PREP_STMT *stmt,
List_item
*
values
;
List_item
*
values
;
DBUG_ENTER
(
"mysql_test_insert_fields"
);
DBUG_ENTER
(
"mysql_test_insert_fields"
);
if
(
!
(
table
=
open_ltable
(
thd
,
table_list
,
table_list
->
lock_type
)))
my_bool
update
=
(
thd
->
lex
.
value_list
.
elements
?
UPDATE_ACL
:
0
);
DBUG_RETURN
(
1
);
ulong
privilege
=
(
thd
->
lex
.
duplicates
==
DUP_REPLACE
?
INSERT_ACL
|
DELETE_ACL
:
INSERT_ACL
|
update
);
if
(
check_access
(
thd
,
privilege
,
table_list
->
db
,
&
table_list
->
grant
.
privilege
)
||
(
grant_option
&&
check_grant
(
thd
,
privilege
,
table_list
))
||
open_and_lock_tables
(
thd
,
table_list
))
DBUG_RETURN
(
1
);
table
=
table_list
->
table
;
if
((
values
=
its
++
))
if
((
values
=
its
++
))
{
{
...
@@ -502,7 +511,10 @@ static bool mysql_test_upd_fields(PREP_STMT *stmt, TABLE_LIST *table_list,
...
@@ -502,7 +511,10 @@ static bool mysql_test_upd_fields(PREP_STMT *stmt, TABLE_LIST *table_list,
THD
*
thd
=
stmt
->
thd
;
THD
*
thd
=
stmt
->
thd
;
DBUG_ENTER
(
"mysql_test_upd_fields"
);
DBUG_ENTER
(
"mysql_test_upd_fields"
);
if
(
open_and_lock_tables
(
thd
,
table_list
))
if
(
check_access
(
thd
,
UPDATE_ACL
,
table_list
->
db
,
&
table_list
->
grant
.
privilege
)
||
(
grant_option
&&
check_grant
(
thd
,
UPDATE_ACL
,
table_list
))
||
open_and_lock_tables
(
thd
,
table_list
))
DBUG_RETURN
(
1
);
DBUG_RETURN
(
1
);
if
(
setup_tables
(
table_list
)
||
if
(
setup_tables
(
table_list
)
||
...
@@ -545,6 +557,15 @@ static bool mysql_test_select_fields(PREP_STMT *stmt, TABLE_LIST *tables,
...
@@ -545,6 +557,15 @@ static bool mysql_test_select_fields(PREP_STMT *stmt, TABLE_LIST *tables,
select_result
*
result
=
thd
->
lex
.
result
;
select_result
*
result
=
thd
->
lex
.
result
;
DBUG_ENTER
(
"mysql_test_select_fields"
);
DBUG_ENTER
(
"mysql_test_select_fields"
);
ulong
privilege
=
lex
->
exchange
?
SELECT_ACL
|
FILE_ACL
:
SELECT_ACL
;
if
(
tables
)
{
if
(
check_table_access
(
thd
,
privilege
,
tables
))
DBUG_RETURN
(
1
);
}
else
if
(
check_access
(
thd
,
privilege
,
"*any*"
))
DBUG_RETURN
(
1
);
if
((
&
lex
->
select_lex
!=
lex
->
all_selects_list
&&
if
((
&
lex
->
select_lex
!=
lex
->
all_selects_list
&&
lex
->
unit
.
create_total_list
(
thd
,
lex
,
&
tables
,
0
)))
lex
->
unit
.
create_total_list
(
thd
,
lex
,
&
tables
,
0
)))
DBUG_RETURN
(
1
);
DBUG_RETURN
(
1
);
...
@@ -716,8 +737,8 @@ static void init_stmt_execute(PREP_STMT *stmt)
...
@@ -716,8 +737,8 @@ static void init_stmt_execute(PREP_STMT *stmt)
TODO: When the new table structure is ready, then have a status bit
TODO: When the new table structure is ready, then have a status bit
to indicate the table is altered, and re-do the setup_*
to indicate the table is altered, and re-do the setup_*
and open the tables back.
and open the tables back.
*/
*/
if
(
tables
)
for
(;
tables
;
tables
=
tables
->
next
)
tables
->
table
=
0
;
//safety - nasty init
tables
->
table
=
0
;
//safety - nasty init
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment