Commit 56af0e38 authored by unknown's avatar unknown

Code cleanups during review of pushed code


sql/mysql_priv.h:
  Added 'const' to some arguments
sql/sp_head.cc:
  Added comments
  code cleanup
  acceess -> access
sql/sql_acl.cc:
  Simply code by making check_routine_level_acl() available also in embedded server
sql/sql_acl.h:
  Added 'const' to some arguments
sql/sql_parse.cc:
  Added 'const' to some arguments
  Fixed the check_rounte_level_acl() is always called
  (old code didn't properly check access privilges if grant_option was not set)
sql/sql_show.cc:
  Simplify usage of get_field()
  Now we can always call check_some_routine_access()
sql/sql_udf.cc:
  Don't give warnings for suspicios UDF's if --log-warnings isn't given
sql/table.cc:
  Simplify usage of get_field()
parent 31e2b4ea
......@@ -453,7 +453,7 @@ bool check_procedure_access(THD *thd,ulong want_access,char *db,char *name,
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
bool check_merge_table_access(THD *thd, char *db,
TABLE_LIST *table_list);
bool check_some_routine_access(THD *thd, char *db, char *name);
bool check_some_routine_access(THD *thd, const char *db, const char *name);
bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count);
bool mysql_multi_update_prepare(THD *thd);
......
......@@ -1015,23 +1015,31 @@ sp_head::restore_thd_mem_root(THD *thd)
}
bool check_show_routine_acceess(THD *thd, sp_head *sp, bool *full_access)
/*
Check if a user has access right to a routine
SYNOPSIS
check_show_routine_access()
thd Thread handler
sp SP
full_access Set to 1 if the user has SELECT right to the
'mysql.proc' able or is the owner of the routine
RETURN
0 ok
1 error
*/
bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
{
TABLE_LIST tables;
bzero((char*) &tables,sizeof(tables));
tables.db= (char*) "mysql";
tables.table_name= tables.alias= (char*) "proc";
*full_access= !check_table_access(thd, SELECT_ACL, &tables, 1);
if (!(*full_access))
*full_access= (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
!strcmp(sp->m_definer_host.str, thd->priv_host));
if (!(*full_access))
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
return check_some_routine_access(thd, (char * )sp->m_db.str,
(char * ) sp->m_name.str);
#endif
}
*full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1) ||
(!strcmp(sp->m_definer_user.str, thd->priv_user) &&
!strcmp(sp->m_definer_host.str, thd->priv_host)));
if (!*full_access)
return check_some_routine_access(thd, sp->m_db.str, sp->m_name.str);
return 0;
}
......@@ -1055,7 +1063,7 @@ sp_head::show_create_procedure(THD *thd)
LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len);
if (check_show_routine_acceess(thd, this, &full_access))
if (check_show_routine_access(thd, this, &full_access))
return 1;
old_sql_mode= thd->variables.sql_mode;
......@@ -1128,7 +1136,7 @@ sp_head::show_create_function(THD *thd)
LINT_INIT(sql_mode_str);
LINT_INIT(sql_mode_len);
if (check_show_routine_acceess(thd, this, &full_access))
if (check_show_routine_access(thd, this, &full_access))
return 1;
old_sql_mode= thd->variables.sql_mode;
......
......@@ -2125,7 +2125,7 @@ static GRANT_NAME *name_hash_search(HASH *name_hash,
inline GRANT_NAME *
proc_hash_search(const char *host, const char *ip, const char *db,
const char *user, const char *tname, bool exact)
const char *user, const char *tname, bool exact)
{
return (GRANT_TABLE*) name_hash_search(&proc_priv_hash, host, ip, db,
user, tname, exact);
......@@ -3594,11 +3594,11 @@ bool check_grant_procedure(THD *thd, ulong want_access,
name Routine name
RETURN
1 error
0 Ok
1 error
*/
bool check_routine_level_acl(THD *thd, char *db, char *name)
bool check_routine_level_acl(THD *thd, const char *db, const char *name)
{
bool no_routine_acl= 1;
if (grant_option)
......@@ -5570,4 +5570,16 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
grant->privilege|= grant->grant_table->privs;
}
}
#else /* NO_EMBEDDED_ACCESS_CHECKS */
/****************************************************************************
Dummy wrappers when we don't have any access checks
****************************************************************************/
bool check_routine_level_acl(THD *thd, const char *db, const char *name)
{
return FALSE;
}
#endif
......@@ -219,7 +219,7 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
const char *db, const char *table);
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name);
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name);
bool check_routine_level_acl(THD *thd, char *db, char *name);
bool check_routine_level_acl(THD *thd, const char *db, const char *name);
#ifdef NO_EMBEDDED_ACCESS_CHECKS
#define check_grant(A,B,C,D,E,F) 0
......
......@@ -4760,7 +4760,7 @@ check_procedure_access(THD *thd, ulong want_access,char *db, char *name,
1 error
*/
bool check_some_routine_access(THD *thd, char *db, char *name)
bool check_some_routine_access(THD *thd, const char *db, const char *name)
{
ulong save_priv;
if (thd->master_access & SHOW_PROC_ACLS)
......@@ -4768,12 +4768,7 @@ bool check_some_routine_access(THD *thd, char *db, char *name)
if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) ||
(save_priv & SHOW_PROC_ACLS))
return FALSE;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (grant_option)
return check_routine_level_acl(thd, db, name);
#endif
return FALSE;
return check_routine_level_acl(thd, db, name);
}
......
......@@ -2481,13 +2481,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
definer= get_field(thd->mem_root, proc_table->field[11]);
if (!full_access)
full_access= !strcmp(sp_user, definer);
if (!full_access)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (check_some_routine_access(thd, (char * )sp_db, (char * )sp_name))
return;
#endif
}
if (!full_access && check_some_routine_access(thd, sp_db, sp_name))
return;
if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC &&
proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE ||
......@@ -2499,36 +2494,30 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0))
{
table->field[3]->store(sp_name, strlen(sp_name), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[3], &tmp_string);
table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[2]->store(sp_db, strlen(sp_db), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[2], &tmp_string);
table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION)
{
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[9], &tmp_string);
table->field[5]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[5]->set_notnull();
}
if (full_access)
{
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[10], &tmp_string);
table->field[7]->store(tmp_string.ptr(), tmp_string.length(), cs);
}
table->field[6]->store("SQL", 3, cs);
table->field[10]->store("SQL", 3, cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[6], &tmp_string);
table->field[11]->store(tmp_string.ptr(), tmp_string.length(), cs);
if (proc_table->field[5]->val_int() == SP_CONTAINS_SQL)
{
table->field[12]->store("CONTAINS SQL", 12 , cs);
}
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[7], &tmp_string);
table->field[14]->store(tmp_string.ptr(), tmp_string.length(), cs);
bzero((char *)&time, sizeof(time));
......@@ -2537,10 +2526,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
bzero((char *)&time, sizeof(time));
((Field_timestamp *) proc_table->field[13])->get_time(&time);
table->field[16]->store_time(&time, MYSQL_TIMESTAMP_DATETIME);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[14], &tmp_string);
table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs);
tmp_string.length(0);
get_field(thd->mem_root, proc_table->field[15], &tmp_string);
table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs);
table->field[19]->store(definer, strlen(definer), cs);
......
......@@ -110,15 +110,15 @@ static char *init_syms(udf_func *tmp, char *nm)
*/
if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE)
{
if (opt_allow_suspicious_udfs)
sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), nm);
else
if (!opt_allow_suspicious_udfs)
return nm;
if (current_thd->variables.log_warnings)
sql_print_warning(ER(ER_CANT_FIND_DL_ENTRY), nm);
}
return 0;
}
extern "C" byte* get_hash_key(const byte *buff,uint *length,
my_bool not_used __attribute__((unused)))
{
......@@ -127,9 +127,10 @@ extern "C" byte* get_hash_key(const byte *buff,uint *length,
return (byte*) udf->name.str;
}
/*
** Read all predeclared functions from mysql.func and accept all that
** can be used.
Read all predeclared functions from mysql.func and accept all that
can be used.
*/
void udf_init()
......
......@@ -1390,8 +1390,12 @@ bool get_field(MEM_ROOT *mem, Field *field, String *res)
field->val_str(&str);
if (!(length= str.length()))
{
res->length(0);
return 1;
to= strmake_root(mem, str.ptr(), length);
}
if (!(to= strmake_root(mem, str.ptr(), length)))
length= 0; // Safety fix
res->set(to, length, ((Field_str*)field)->charset());
return 0;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment