Code cleanups during review of pushed code

sql/mysql_priv.h: Added 'const' to some arguments sql/sp_head.cc: Added comments code cleanup acceess -> access sql/sql_acl.cc: Simply code by making check_routine_level_acl() available also in embedded server sql/sql_acl.h: Added 'const' to some arguments sql/sql_parse.cc: Added 'const' to some arguments Fixed the check_rounte_level_acl() is always called (old code didn't properly check access privilges if grant_option was not set) sql/sql_show.cc: Simplify usage of get_field() Now we can always call check_some_routine_access() sql/sql_udf.cc: Don't give warnings for suspicios UDF's if --log-warnings isn't given sql/table.cc: Simplify usage of get_field()

Code cleanups during review of pushed code
sql/mysql_priv.h: Added 'const' to some arguments sql/sp_head.cc: Added comments code cleanup acceess -> access sql/sql_acl.cc: Simply code by making check_routine_level_acl() available also in embedded server sql/sql_acl.h: Added 'const' to some arguments sql/sql_parse.cc: Added 'const' to some arguments Fixed the check_rounte_level_acl() is always called (old code didn't properly check access privilges if grant_option was not set) sql/sql_show.cc: Simplify usage of get_field() Now we can always call check_some_routine_access() sql/sql_udf.cc: Don't give warnings for suspicios UDF's if --log-warnings isn't given sql/table.cc: Simplify usage of get_field()
56af0e38 · unknown · 31e2b4ea · 56af0e38 · 56af0e38 · 56af0e38
Commit 56af0e38 authored Mar 15, 2005 by unknown
8 changed files
--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@@ -453,7 +453,7 @@ bool check_procedure_access(THD *thd,ulong want_access,char *db,char *name,
 bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
 bool check_merge_table_access(THD *thd, char *db,
 			      TABLE_LIST *table_list);
-bool check_some_routine_access(THD *thd, char *db, char *name);
+bool check_some_routine_access(THD *thd, const char *db, const char *name);
 bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
 bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count);
 bool mysql_multi_update_prepare(THD *thd);

--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -1015,23 +1015,31 @@ sp_head::restore_thd_mem_root(THD *thd)
 }
-bool check_show_routine_acceess(THD *thd, sp_head *sp, bool *full_access)
+/*
+  Check if a user has access right to a routine
+  SYNOPSIS
+    check_show_routine_access()
+    thd			Thread handler
+    sp			SP
+    full_access		Set to 1 if the user has SELECT right to the
+			'mysql.proc' able or is the owner of the routine
+  RETURN
+    0  ok
+    1  error
+*/
+bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
 {
  TABLE_LIST tables;
  bzero((char*) &tables,sizeof(tables));
  tables.db= (char*) "mysql";
  tables.table_name= tables.alias= (char*) "proc";
-  *full_access= !check_table_access(thd, SELECT_ACL, &tables, 1);
+  *full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1) ||
-  if (!(*full_access))
+                 (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
-    *full_access= (!strcmp(sp->m_definer_user.str, thd->priv_user) &&
+                  !strcmp(sp->m_definer_host.str, thd->priv_host)));
-                   !strcmp(sp->m_definer_host.str, thd->priv_host));
+  if (!*full_access)
-  if (!(*full_access))
+    return check_some_routine_access(thd, sp->m_db.str, sp->m_name.str);
-  {
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
-    return check_some_routine_access(thd, (char * )sp->m_db.str,
-                                     (char * ) sp->m_name.str);
-#endif
-  }
  return 0;
 }
@@ -1055,7 +1063,7 @@ sp_head::show_create_procedure(THD *thd)
  LINT_INIT(sql_mode_str);
  LINT_INIT(sql_mode_len);
-  if (check_show_routine_acceess(thd, this, &full_access))
+  if (check_show_routine_access(thd, this, &full_access))
    return 1;
  old_sql_mode= thd->variables.sql_mode;
@@ -1128,7 +1136,7 @@ sp_head::show_create_function(THD *thd)
  LINT_INIT(sql_mode_str);
  LINT_INIT(sql_mode_len);
-  if (check_show_routine_acceess(thd, this, &full_access))
+  if (check_show_routine_access(thd, this, &full_access))
    return 1;
  old_sql_mode= thd->variables.sql_mode;

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -2125,7 +2125,7 @@ static GRANT_NAME *name_hash_search(HASH *name_hash,
 inline GRANT_NAME *
 proc_hash_search(const char *host, const char *ip, const char *db,
-		  const char *user, const char *tname, bool exact)
+                 const char *user, const char *tname, bool exact)
 {
  return (GRANT_TABLE*) name_hash_search(&proc_priv_hash, host, ip, db,
 					 user, tname, exact);
@@ -3594,11 +3594,11 @@ bool check_grant_procedure(THD *thd, ulong want_access,
   name         Routine name
  RETURN
-   1            error
   0            Ok 
+   1            error
 */
-bool check_routine_level_acl(THD *thd, char *db, char *name)
+bool check_routine_level_acl(THD *thd, const char *db, const char *name)
 {
  bool no_routine_acl= 1;
  if (grant_option)
@@ -5570,4 +5570,16 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
    grant->privilege|= grant->grant_table->privs;
  }
 }
+#else /* NO_EMBEDDED_ACCESS_CHECKS */
+/****************************************************************************
+ Dummy wrappers when we don't have any access checks
+****************************************************************************/
+bool check_routine_level_acl(THD *thd, const char *db, const char *name)
+{
+  return FALSE;
+}
 #endif
--- a/sql/sql_acl.h
+++ b/sql/sql_acl.h
@@ -219,7 +219,7 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
                                     const char *db, const char *table);
 bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name);
 bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name);
-bool check_routine_level_acl(THD *thd, char *db, char *name);
+bool check_routine_level_acl(THD *thd, const char *db, const char *name);
 #ifdef NO_EMBEDDED_ACCESS_CHECKS
 #define check_grant(A,B,C,D,E,F) 0

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -4760,7 +4760,7 @@ check_procedure_access(THD *thd, ulong want_access,char *db, char *name,
    1            error
 */
-bool check_some_routine_access(THD *thd, char *db, char *name)
+bool check_some_routine_access(THD *thd, const char *db, const char *name)
 {
  ulong save_priv;
  if (thd->master_access & SHOW_PROC_ACLS)
@@ -4768,12 +4768,7 @@ bool check_some_routine_access(THD *thd, char *db, char *name)
  if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) ||
      (save_priv & SHOW_PROC_ACLS))
    return FALSE;
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
+  return check_routine_level_acl(thd, db, name);
-  if (grant_option)
-    return check_routine_level_acl(thd, db, name);
-#endif
-  return FALSE;
 }

--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -2481,13 +2481,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
  definer= get_field(thd->mem_root, proc_table->field[11]);
  if (!full_access)
    full_access= !strcmp(sp_user, definer);
-  if (!full_access)
+  if (!full_access && check_some_routine_access(thd, sp_db, sp_name))
-  {
+    return;
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
-    if (check_some_routine_access(thd, (char * )sp_db, (char * )sp_name))
-      return;
-#endif
-  }
  if (lex->orig_sql_command == SQLCOM_SHOW_STATUS_PROC &&
      proc_table->field[2]->val_int() == TYPE_ENUM_PROCEDURE ||
@@ -2499,36 +2494,30 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
    if (!wild || !wild[0] || !wild_compare(sp_name, wild, 0))
    {
      table->field[3]->store(sp_name, strlen(sp_name), cs);
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[3], &tmp_string);
      table->field[0]->store(tmp_string.ptr(), tmp_string.length(), cs);
      table->field[2]->store(sp_db, strlen(sp_db), cs);
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[2], &tmp_string);
      table->field[4]->store(tmp_string.ptr(), tmp_string.length(), cs);
      if (proc_table->field[2]->val_int() == TYPE_ENUM_FUNCTION)
      {
-        tmp_string.length(0);
        get_field(thd->mem_root, proc_table->field[9], &tmp_string);
        table->field[5]->store(tmp_string.ptr(), tmp_string.length(), cs);
        table->field[5]->set_notnull();
      }
      if (full_access)
      {
-        tmp_string.length(0);
        get_field(thd->mem_root, proc_table->field[10], &tmp_string);
        table->field[7]->store(tmp_string.ptr(), tmp_string.length(), cs);
      }
      table->field[6]->store("SQL", 3, cs);
      table->field[10]->store("SQL", 3, cs);
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[6], &tmp_string);
      table->field[11]->store(tmp_string.ptr(), tmp_string.length(), cs);
      if (proc_table->field[5]->val_int() == SP_CONTAINS_SQL)
      {
        table->field[12]->store("CONTAINS SQL", 12 , cs);
      }
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[7], &tmp_string);
      table->field[14]->store(tmp_string.ptr(), tmp_string.length(), cs);
      bzero((char *)&time, sizeof(time));
@@ -2537,10 +2526,8 @@ void store_schema_proc(THD *thd, TABLE *table, TABLE *proc_table,
      bzero((char *)&time, sizeof(time));
      ((Field_timestamp *) proc_table->field[13])->get_time(&time);
      table->field[16]->store_time(&time, MYSQL_TIMESTAMP_DATETIME);
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[14], &tmp_string);
      table->field[17]->store(tmp_string.ptr(), tmp_string.length(), cs);
-      tmp_string.length(0);
      get_field(thd->mem_root, proc_table->field[15], &tmp_string);
      table->field[18]->store(tmp_string.ptr(), tmp_string.length(), cs);
      table->field[19]->store(definer, strlen(definer), cs);

--- a/sql/sql_udf.cc
+++ b/sql/sql_udf.cc
@@ -110,15 +110,15 @@ static char *init_syms(udf_func *tmp, char *nm)
  */
  if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE)
  {
-    if (opt_allow_suspicious_udfs)
+    if (!opt_allow_suspicious_udfs)
-      sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), nm);
-    else
      return nm;
+    if (current_thd->variables.log_warnings)
+      sql_print_warning(ER(ER_CANT_FIND_DL_ENTRY), nm);
  }
  return 0;
 }
 extern "C" byte* get_hash_key(const byte *buff,uint *length,
 			      my_bool not_used __attribute__((unused)))
 {
@@ -127,9 +127,10 @@ extern "C" byte* get_hash_key(const byte *buff,uint *length,
  return (byte*) udf->name.str;
 }
 /*
-** Read all predeclared functions from mysql.func and accept all that
+  Read all predeclared functions from mysql.func and accept all that
-** can be used.
+  can be used.
 */
 void udf_init()

--- a/sql/table.cc
+++ b/sql/table.cc
@@ -1390,8 +1390,12 @@ bool get_field(MEM_ROOT *mem, Field *field, String *res)
  field->val_str(&str);
  if (!(length= str.length()))
+  {
+    res->length(0);
    return 1;
-  to= strmake_root(mem, str.ptr(), length);
+  }
+  if (!(to= strmake_root(mem, str.ptr(), length)))
+    length= 0;                                  // Safety fix
  res->set(to, length, ((Field_str*)field)->charset());
  return 0;
 }