Commit ef7ebed4 authored by unknown's avatar unknown

Code cleanups during review of pushed code


sql/mysql_priv.h:
  Added 'const' to some arguments
sql/sp_head.cc:
  Added comments
  code cleanup
  acceess -> access
sql/sql_acl.cc:
  Simply code by making check_routine_level_acl() available also in embedded server
sql/sql_acl.h:
  Added 'const' to some arguments
sql/sql_parse.cc:
  Added 'const' to some arguments
  Fixed the check_rounte_level_acl() is always called
  (old code didn't properly check access privilges if grant_option was not set)
sql/sql_show.cc:
  Simplify usage of get_field()
  Now we can always call check_some_routine_access()
sql/sql_udf.cc:
  Don't give warnings for suspicios UDF's if --log-warnings isn't given
sql/table.cc:
  Simplify usage of get_field()
parent 722ffa87
...@@ -453,7 +453,7 @@ bool check_procedure_access(THD *thd,ulong want_access,char *db,char *name, ...@@ -453,7 +453,7 @@ bool check_procedure_access(THD *thd,ulong want_access,char *db,char *name,
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table); bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
bool check_merge_table_access(THD *thd, char *db, bool check_merge_table_access(THD *thd, char *db,
TABLE_LIST *table_list); TABLE_LIST *table_list);
bool check_some_routine_access(THD *thd, char *db, char *name); bool check_some_routine_access(THD *thd, const char *db, const char *name);
bool multi_update_precheck(THD *thd, TABLE_LIST *tables); bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count); bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count);
bool mysql_multi_update_prepare(THD *thd); bool mysql_multi_update_prepare(THD *thd);
......
...@@ -1015,23 +1015,31 @@ sp_head::restore_thd_mem_root(THD *thd) ...@@ -1015,23 +1015,31 @@ sp_head::restore_thd_mem_root(THD *thd)
} }
bool check_show_routine_acceess(THD *thd, sp_head *sp, bool *full_access) /*
Check if a user has access right to a routine
SYNOPSIS
check_show_routine_access()
thd Thread handler
sp SP
full_access Set to 1 if the user has SELECT right to the
'mysql.proc' able or is the owner of the routine
RETURN
0 ok
1 error
*/
bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
{ {
TABLE_LIST tables; TABLE_LIST tables;
bzero((char*) &tables,sizeof(tables)); bzero((char*) &tables,sizeof(tables));
tables.db= (char*) "mysql"; tables.db= (char*) "mysql";
tables.table_name= tables.alias= (char*) "proc"; tables.table_name= tables.alias= (char*) "proc";
*full_access= !check_table_access(thd, SELECT_ACL, &tables, 1); *full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1) ||
if (!(*full_access)) (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
*full_access= (!strcmp(sp->m_definer_user.str, thd->priv_user) && !strcmp(sp->m_definer_host.str, thd->priv_host)));
!strcmp(sp->m_definer_host.str, thd->priv_host)); if (!*full_access)
if (!(*full_access)) return check_some_routine_access(thd, sp->m_db.str, sp->m_name.str);
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
return check_some_routine_access(thd, (char * )sp->m_db.str,
(char * ) sp->m_name.str);
#endif
}
return 0; return 0;
} }
...@@ -1055,7 +1063,7 @@ sp_head::show_create_procedure(THD *thd) ...@@ -1055,7 +1063,7 @@ sp_head::show_create_procedure(THD *thd)
LINT_INIT(sql_mode_str); LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len); LINT_INIT(sql_mode_len);
if (check_show_routine_acceess(thd, this, &full_access)) if (check_show_routine_access(thd, this, &full_access))
return 1; return 1;
old_sql_mode= thd->variables.sql_mode; old_sql_mode= thd->variables.sql_mode;
...@@ -1128,7 +1136,7 @@ sp_head::show_create_function(THD *thd) ...@@ -1128,7 +1136,7 @@ sp_head::show_create_function(THD *thd)
LINT_INIT(sql_mode_str); LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len); LINT_INIT(sql_mode_len);
if (check_show_routine_acceess(thd, this, &full_access)) if (check_show_routine_access(thd, this, &full_access))
return 1; return 1;
old_sql_mode= thd->variables.sql_mode; old_sql_mode= thd->variables.sql_mode;
......
...@@ -3594,11 +3594,11 @@ err: ...@@ -3594,11 +3594,11 @@ err:
name Routine name name Routine name
RETURN RETURN
1 error
0 Ok 0 Ok
1 error
*/ */
bool check_routine_level_acl(THD *thd, char *db, char *name) bool check_routine_level_acl(THD *thd, const char *db, const char *name)
{ {
bool no_routine_acl= 1; bool no_routine_acl= 1;
if (grant_option) if (grant_option)
...@@ -5570,4 +5570,16 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, ...@@ -5570,4 +5570,16 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
grant->privilege|= grant->grant_table->privs; grant->privilege|= grant->grant_table->privs;
} }
} }
#else /* NO_EMBEDDED_ACCESS_CHECKS */
/****************************************************************************
Dummy wrappers when we don't have any access checks
****************************************************************************/
bool check_routine_level_acl(THD *thd, const char *db, const char *name)
{
return FALSE;
}
#endif #endif
...@@ -219,7 +219,7 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, ...@@ -219,7 +219,7 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
const char *db, const char *table); const char *db, const char *table);
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name); bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name);
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name); bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name);
bool check_routine_level_acl(THD *thd, char *db, char *name); bool check_routine_level_acl(THD *thd, const char *db, const char *name);
#ifdef NO_EMBEDDED_ACCESS_CHECKS #ifdef NO_EMBEDDED_ACCESS_CHECKS
#define check_grant(A,B,C,D,E,F) 0 #define check_grant(A,B,C,D,E,F) 0
......
...@@ -4760,7 +4760,7 @@ check_procedure_access(THD *thd, ulong want_access,char *db, char *name, ...@@ -4760,7 +4760,7 @@ check_procedure_access(THD *thd, ulong want_access,char *db, char *name,
1 error 1 error
*/ */
bool check_some_routine_access(THD *thd, char *db, char *name) bool check_some_routine_access(THD *thd, const char *db, const char *name)
{ {
ulong save_priv; ulong save_priv;
if (thd->master_access & SHOW_PROC_ACLS) if (thd->master_access & SHOW_PROC_ACLS)
...@@ -4768,12 +4768,7 @@ bool check_some_routine_access(THD *thd, char *db, char *name) ...@@ -4768,12 +4768,7 @@ bool check_some_routine_access(THD *thd, char *db, char *name)
if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) || if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) ||
(save_priv & SHOW_PROC_ACLS)) (save_priv & SHOW_PROC_ACLS))
return FALSE; return FALSE;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (grant_option)
return check_routine_level_acl(thd, db, name); return check_routine_level_acl(thd, db, name);
#endif
return FALSE;
} }
......
...@@ -2481,13 +2481,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table, ...@@ -2481,13 +2481,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
definer= get_field(thd->mem_root, proc_table->field[11]); definer= get_field(thd->mem_root, proc_table->field[11]);
if (!full_access) if (!full_access)
full_access= !strcmp(sp_user, definer); full_access= !strcmp(sp_user, definer);
if (!full_access) if (!full_access && check_some_routine_access(thd, sp_db, sp_name))
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (check_some_routine_access(thd, (char * )sp_db, (char * )sp_name))
return; return;
#endif
}
if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC && if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC &&
proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE || proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE ||
...@@ -2499,36 +2494,30 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table, ...@@ -2499,36 +2494,30 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0)) if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0))
{ {
table->field[3]->store(sp_name, strlen(sp_name), cs); table->field[3]->store(sp_name, strlen(sp_name), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[3], &tmp_string); get_field(thd->mem_root, proc_table->field[3], &tmp_string);
table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[2]->store(sp_db, strlen(sp_db), cs); table->field[2]->store(sp_db, strlen(sp_db), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[2], &tmp_string); get_field(thd->mem_root, proc_table->field[2], &tmp_string);
table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION) if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION)
{ {
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[9], &tmp_string); get_field(thd->mem_root, proc_table->field[9], &tmp_string);
table->field[5]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[5]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[5]->set_notnull(); table->field[5]->set_notnull();
} }
if (full_access) if (full_access)
{ {
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[10], &tmp_string); get_field(thd->mem_root, proc_table->field[10], &tmp_string);
table->field[7]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[7]->store(tmp_string.ptr(), tmp_string.length(), cs);
} }
table->field[6]->store("SQL", 3, cs); table->field[6]->store("SQL", 3, cs);
table->field[10]->store("SQL", 3, cs); table->field[10]->store("SQL", 3, cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[6], &tmp_string); get_field(thd->mem_root, proc_table->field[6], &tmp_string);
table->field[11]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[11]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[5]->val_int() == SP_CONTAINS_SQL) if (proc_table->field[5]->val_int() == SP_CONTAINS_SQL)
{ {
table->field[12]->store("CONTAINS SQL", 12 , cs); table->field[12]->store("CONTAINS SQL", 12 , cs);
} }
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[7], &tmp_string); get_field(thd->mem_root, proc_table->field[7], &tmp_string);
table->field[14]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[14]->store(tmp_string.ptr(), tmp_string.length(), cs);
bzero((char *)&time, sizeof(time)); bzero((char *)&time, sizeof(time));
...@@ -2537,10 +2526,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table, ...@@ -2537,10 +2526,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
bzero((char *)&time, sizeof(time)); bzero((char *)&time, sizeof(time));
((Field_timestamp *) proc_table->field[13])->get_time(&time); ((Field_timestamp *) proc_table->field[13])->get_time(&time);
table->field[16]->store_time(&time, MYSQL_TIMESTAMP_DATETIME); table->field[16]->store_time(&time, MYSQL_TIMESTAMP_DATETIME);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[14], &tmp_string); get_field(thd->mem_root, proc_table->field[14], &tmp_string);
table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[15], &tmp_string); get_field(thd->mem_root, proc_table->field[15], &tmp_string);
table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs); table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[19]->store(definer, strlen(definer), cs); table->field[19]->store(definer, strlen(definer), cs);
......
...@@ -110,15 +110,15 @@ static char *init_syms(udf_func *tmp, char *nm) ...@@ -110,15 +110,15 @@ static char *init_syms(udf_func *tmp, char *nm)
*/ */
if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE) if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE)
{ {
if (opt_allow_suspicious_udfs) if (!opt_allow_suspicious_udfs)
sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), nm);
else
return nm; return nm;
if (current_thd->variables.log_warnings)
sql_print_warning(ER(ER_CANT_FIND_DL_ENTRY), nm);
} }
return 0; return 0;
} }
extern "C" byte* get_hash_key(const byte *buff,uint *length, extern "C" byte* get_hash_key(const byte *buff,uint *length,
my_bool not_used __attribute__((unused))) my_bool not_used __attribute__((unused)))
{ {
...@@ -127,9 +127,10 @@ extern "C" byte* get_hash_key(const byte *buff,uint *length, ...@@ -127,9 +127,10 @@ extern "C" byte* get_hash_key(const byte *buff,uint *length,
return (byte*) udf->name.str; return (byte*) udf->name.str;
} }
/* /*
** Read all predeclared functions from mysql.func and accept all that Read all predeclared functions from mysql.func and accept all that
** can be used. can be used.
*/ */
void udf_init() void udf_init()
......
...@@ -1390,8 +1390,12 @@ bool get_field(MEM_ROOT *mem, Field *field, String *res) ...@@ -1390,8 +1390,12 @@ bool get_field(MEM_ROOT *mem, Field *field, String *res)
field->val_str(&str); field->val_str(&str);
if (!(length= str.length())) if (!(length= str.length()))
{
res->length(0);
return 1; return 1;
to= strmake_root(mem, str.ptr(), length); }
if (!(to= strmake_root(mem, str.ptr(), length)))
length= 0; // Safety fix
res->set(to, length, ((Field_str*)field)->charset()); res->set(to, length, ((Field_str*)field)->charset());
return 0; return 0;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment