Commit 442e0f01 authored by Ramil Kalimullin's avatar Ramil Kalimullin

Manual merge.

parents baa8f012 422621a4
...@@ -645,7 +645,7 @@ void cleanup_items(Item *item) ...@@ -645,7 +645,7 @@ void cleanup_items(Item *item)
*/ */
static static
int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name) int mysql_table_dump(THD *thd, LEX_STRING *db, LEX_STRING *table_name)
{ {
TABLE* table; TABLE* table;
TABLE_LIST* table_list; TABLE_LIST* table_list;
...@@ -659,7 +659,7 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name) ...@@ -659,7 +659,7 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name)
if (!(table_list = (TABLE_LIST*) thd->calloc(sizeof(TABLE_LIST)))) if (!(table_list = (TABLE_LIST*) thd->calloc(sizeof(TABLE_LIST))))
DBUG_RETURN(1); // out of memory DBUG_RETURN(1); // out of memory
table_list->db= db->str; table_list->db= db->str;
table_list->table_name= table_list->alias= tbl_name; table_list->table_name= table_list->alias= table_name->str;
table_list->lock_type= TL_READ_NO_INSERT; table_list->lock_type= TL_READ_NO_INSERT;
table_list->prev_global= &table_list; // can be removed after merge with 4.1 table_list->prev_global= &table_list; // can be removed after merge with 4.1
...@@ -670,8 +670,16 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name) ...@@ -670,8 +670,16 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name)
goto err; goto err;
/* purecov: end */ /* purecov: end */
} }
if (!table_name->length ||
check_table_name(table_name->str, table_name->length, TRUE))
{
my_error(ER_WRONG_TABLE_NAME, MYF(0),
table_name->str ? table_name->str : "NULL");
error= 1;
goto err;
}
if (lower_case_table_names) if (lower_case_table_names)
my_casedn_str(files_charset_info, tbl_name); my_casedn_str(files_charset_info, table_name->str);
if (!(table=open_ltable(thd, table_list, TL_READ_NO_INSERT, 0))) if (!(table=open_ltable(thd, table_list, TL_READ_NO_INSERT, 0)))
DBUG_RETURN(1); DBUG_RETURN(1);
...@@ -679,7 +687,7 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name) ...@@ -679,7 +687,7 @@ int mysql_table_dump(THD *thd, LEX_STRING *db, char *tbl_name)
if (check_one_table_access(thd, SELECT_ACL, table_list)) if (check_one_table_access(thd, SELECT_ACL, table_list))
goto err; goto err;
thd->free_list = 0; thd->free_list = 0;
thd->set_query(tbl_name, (uint) strlen(tbl_name)); thd->set_query(table_name->str, table_name->length);
if ((error = mysqld_dump_create_info(thd, table_list, -1))) if ((error = mysqld_dump_create_info(thd, table_list, -1)))
{ {
my_error(ER_GET_ERRNO, MYF(0), my_errno); my_error(ER_GET_ERRNO, MYF(0), my_errno);
...@@ -1039,8 +1047,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, ...@@ -1039,8 +1047,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
#endif #endif
case COM_TABLE_DUMP: case COM_TABLE_DUMP:
{ {
char *tbl_name; LEX_STRING db, table;
LEX_STRING db;
/* Safe because there is always a trailing \0 at the end of the packet */ /* Safe because there is always a trailing \0 at the end of the packet */
uint db_len= *(uchar*) packet; uint db_len= *(uchar*) packet;
if (db_len + 1 > packet_length || db_len > NAME_LEN) if (db_len + 1 > packet_length || db_len > NAME_LEN)
...@@ -1065,9 +1072,10 @@ bool dispatch_command(enum enum_server_command command, THD *thd, ...@@ -1065,9 +1072,10 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
break; break;
} }
db.length= db_len; db.length= db_len;
tbl_name= strmake(db.str, packet + 1, db_len)+1; table.length= tbl_len;
strmake(tbl_name, packet + db_len + 2, tbl_len); table.str= strmake(db.str, packet + 1, db_len) + 1;
if (mysql_table_dump(thd, &db, tbl_name) == 0) strmake(table.str, packet + db_len + 2, tbl_len);
if (mysql_table_dump(thd, &db, &table) == 0)
thd->main_da.disable_status(); thd->main_da.disable_status();
break; break;
} }
......
...@@ -18093,6 +18093,43 @@ static void test_bug53371() ...@@ -18093,6 +18093,43 @@ static void test_bug53371()
} }
static void test_bug53907()
{
int rc;
char buf[] = "\x4test\x14../client_test_db/t1";
myheader("test_bug53907");
rc= mysql_query(mysql, "DROP TABLE IF EXISTS t1");
myquery(rc);
rc= mysql_query(mysql, "DROP DATABASE IF EXISTS bug53907");
myquery(rc);
rc= mysql_query(mysql, "DROP USER 'testbug'@localhost");
rc= mysql_query(mysql, "CREATE TABLE t1 (a INT)");
myquery(rc);
rc= mysql_query(mysql, "CREATE DATABASE bug53907");
myquery(rc);
rc= mysql_query(mysql, "GRANT SELECT ON bug53907.* to 'testbug'@localhost");
myquery(rc);
rc= mysql_change_user(mysql, "testbug", NULL, "bug53907");
myquery(rc);
rc= simple_command(mysql, COM_TABLE_DUMP, buf, sizeof(buf), 0);
fprintf(stderr, ">>>>>>>>> %d\n", mysql_errno(mysql));
DIE_UNLESS(mysql_errno(mysql) == 1103); /* ER_WRONG_TABLE_NAME */
rc= mysql_change_user(mysql, opt_user, opt_password, current_db);
myquery(rc);
rc= mysql_query(mysql, "DROP TABLE t1");
myquery(rc);
rc= mysql_query(mysql, "DROP DATABASE bug53907");
myquery(rc);
rc= mysql_query(mysql, "DROP USER 'testbug'@localhost");
myquery(rc);
}
/** /**
Bug#42373: libmysql can mess a connection at connect Bug#42373: libmysql can mess a connection at connect
...@@ -18484,6 +18521,7 @@ static struct my_tests_st my_tests[]= { ...@@ -18484,6 +18521,7 @@ static struct my_tests_st my_tests[]= {
{ "test_bug20023", test_bug20023 }, { "test_bug20023", test_bug20023 },
{ "test_bug45010", test_bug45010 }, { "test_bug45010", test_bug45010 },
{ "test_bug53371", test_bug53371 }, { "test_bug53371", test_bug53371 },
{ "test_bug53907", test_bug53907 },
{ "test_bug31418", test_bug31418 }, { "test_bug31418", test_bug31418 },
{ "test_bug31669", test_bug31669 }, { "test_bug31669", test_bug31669 },
{ "test_bug28386", test_bug28386 }, { "test_bug28386", test_bug28386 },
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment