Commit 5c8a1249 authored by Kentoku SHIBA's avatar Kentoku SHIBA

MDEV-20827 Wrong param parsing in spider_direct_sql() when param contain comma

parent 010fd61a
--connection child2_1
DROP USER tu@'%';
--disable_warnings
--disable_query_log
--disable_result_log
--source ../t/test_deinit.inc
--enable_result_log
--enable_query_log
--enable_warnings
--disable_warnings
--disable_query_log
--disable_result_log
--source ../t/test_init.inc
--enable_result_log
--enable_query_log
--enable_warnings
let $DIRECT_SQL_COMMAND=
SELECT spider_direct_sql('SELECT 22', 'tmp_a', 'srv "s_2_1", database "test", password "pass,1234", user "tu"');
--connection child2_1
GRANT ALL ON *.* TO tu@'%' IDENTIFIED BY 'pass,1234';
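Review bot: The only input exercised through `$DIRECT_SQL_COMMAND` is a double-quoted password containing a comma, so the single-quote branch and the backslash-escape skip in the new get_next_parameter_head are not covered. A second command whose parameter string uses only single-quoted values, and one whose value contains an escaped quote character, would pin those paths. A parameter string with an unterminated quote should also be run and checked to return the parameter error without crashing.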
for master_1
for child2
child2_1
child2_2
child2_3
for child3
connection child2_1;
GRANT ALL ON *.* TO tu@'%' IDENTIFIED BY 'pass,1234';
drop and create databases
connection master_1;
CREATE DATABASE auto_test_local;
USE auto_test_local;
CREATE TEMPORARY TABLE tmp_a (
pkey int NOT NULL,
PRIMARY KEY (pkey)
) MASTER_1_ENGINE2
SELECT spider_direct_sql('SELECT 22', 'tmp_a', 'srv "s_2_1", database "test", password "pass,1234", user "tu"');
spider_direct_sql('SELECT 22', 'tmp_a', 'srv "s_2_1", database "test", password "pass,1234", user "tu"')
1
SELECT pkey FROM tmp_a;
pkey
22
deinit
connection master_1;
DROP DATABASE IF EXISTS auto_test_local;
connection child2_1;
DROP USER tu@'%';
for master_1
for child2
child2_1
child2_2
child2_3
for child3
end of test
!include include/default_mysqld.cnf
!include ../my_1_1.cnf
!include ../my_2_1.cnf
--source ../include/direct_sql_with_comma_pwd_init.inc
--echo
--echo drop and create databases
--connection master_1
--disable_warnings
CREATE DATABASE auto_test_local;
USE auto_test_local;
--enable_warnings
--disable_query_log
echo CREATE TEMPORARY TABLE tmp_a (
pkey int NOT NULL,
PRIMARY KEY (pkey)
) MASTER_1_ENGINE2;
eval CREATE TEMPORARY TABLE tmp_a (
pkey int NOT NULL,
PRIMARY KEY (pkey)
) $MASTER_1_ENGINE2;
--enable_query_log
eval $DIRECT_SQL_COMMAND;
SELECT pkey FROM tmp_a;
--echo
--echo deinit
--disable_warnings
--connection master_1
DROP DATABASE IF EXISTS auto_test_local;
--enable_warnings
--source ../include/direct_sql_with_comma_pwd_deinit.inc
--echo
--echo end of test
......@@ -216,7 +216,7 @@ int spider_udf_parse_copy_tables_param(
) {
int error_num = 0;
char *param_string = NULL;
char *sprit_ptr[2];
char *sprit_ptr;
char *tmp_ptr, *tmp_ptr2, *start_ptr;
int title_length;
SPIDER_PARAM_STRING_PARSE param_string_parse;
......@@ -243,23 +243,17 @@ int spider_udf_parse_copy_tables_param(
}
DBUG_PRINT("info",("spider param_string=%s", param_string));
sprit_ptr[0] = param_string;
sprit_ptr = param_string;
param_string_parse.init(param_string, ER_SPIDER_INVALID_UDF_PARAM_NUM);
while (sprit_ptr[0])
while (sprit_ptr)
{
if ((sprit_ptr[1] = strchr(sprit_ptr[0], ',')))
{
*sprit_ptr[1] = '\0';
sprit_ptr[1]++;
}
tmp_ptr = sprit_ptr[0];
sprit_ptr[0] = sprit_ptr[1];
tmp_ptr = sprit_ptr;
while (*tmp_ptr == ' ' || *tmp_ptr == '\r' ||
*tmp_ptr == '\n' || *tmp_ptr == '\t')
tmp_ptr++;
if (*tmp_ptr == '\0')
continue;
break;
title_length = 0;
start_ptr = tmp_ptr;
......@@ -272,6 +266,11 @@ int spider_udf_parse_copy_tables_param(
start_ptr++;
}
param_string_parse.set_param_title(tmp_ptr, tmp_ptr + title_length);
if ((error_num = param_string_parse.get_next_parameter_head(
start_ptr, &sprit_ptr)))
{
goto error;
}
switch (title_length)
{
......
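Review bot: The `while (sprit_ptr)` condition in spider_udf_parse_copy_tables_param no longer expresses how the loop ends. On success get_next_parameter_head always stores a non-null pointer in `sprit_ptr`, so from the visible lines the only exits are the `break` on an empty remainder and `goto error`. Writing it as `while (true)` with a comment such as `/* ends at the '\0' check below or via goto error */` would make that explicit. The same applies to the identical loops in spider_udf_parse_direct_sql_param and spider_parse_connect_info. The loop bodies continue outside the shown hunks.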
......@@ -1115,7 +1115,7 @@ int spider_udf_parse_direct_sql_param(
) {
int error_num = 0, roop_count;
char *param_string = NULL;
char *sprit_ptr[2];
char *sprit_ptr;
char *tmp_ptr, *tmp_ptr2, *start_ptr;
int title_length;
SPIDER_PARAM_STRING_PARSE param_string_parse;
......@@ -1154,23 +1154,17 @@ int spider_udf_parse_direct_sql_param(
}
DBUG_PRINT("info",("spider param_string=%s", param_string));
sprit_ptr[0] = param_string;
sprit_ptr = param_string;
param_string_parse.init(param_string, ER_SPIDER_INVALID_UDF_PARAM_NUM);
while (sprit_ptr[0])
while (sprit_ptr)
{
if ((sprit_ptr[1] = strchr(sprit_ptr[0], ',')))
{
*sprit_ptr[1] = '\0';
sprit_ptr[1]++;
}
tmp_ptr = sprit_ptr[0];
sprit_ptr[0] = sprit_ptr[1];
tmp_ptr = sprit_ptr;
while (*tmp_ptr == ' ' || *tmp_ptr == '\r' ||
*tmp_ptr == '\n' || *tmp_ptr == '\t')
tmp_ptr++;
if (*tmp_ptr == '\0')
continue;
break;
title_length = 0;
start_ptr = tmp_ptr;
......@@ -1183,6 +1177,11 @@ int spider_udf_parse_direct_sql_param(
start_ptr++;
}
param_string_parse.set_param_title(tmp_ptr, tmp_ptr + title_length);
if ((error_num = param_string_parse.get_next_parameter_head(
start_ptr, &sprit_ptr)))
{
goto error;
}
switch (title_length)
{
......
......@@ -1978,7 +1978,7 @@ int spider_parse_connect_info(
) {
int error_num = 0;
char *connect_string = NULL;
char *sprit_ptr[2];
char *sprit_ptr;
char *tmp_ptr, *tmp_ptr2, *start_ptr;
int roop_count;
int title_length;
......@@ -2171,23 +2171,17 @@ int spider_parse_connect_info(
break;
}
sprit_ptr[0] = connect_string;
sprit_ptr = connect_string;
connect_string_parse.init(connect_string, ER_SPIDER_INVALID_CONNECT_INFO_NUM);
while (sprit_ptr[0])
while (sprit_ptr)
{
if ((sprit_ptr[1] = strchr(sprit_ptr[0], ',')))
{
*sprit_ptr[1] = '\0';
sprit_ptr[1]++;
}
tmp_ptr = sprit_ptr[0];
sprit_ptr[0] = sprit_ptr[1];
tmp_ptr = sprit_ptr;
while (*tmp_ptr == ' ' || *tmp_ptr == '\r' ||
*tmp_ptr == '\n' || *tmp_ptr == '\t')
tmp_ptr++;
if (*tmp_ptr == '\0')
continue;
break;
title_length = 0;
start_ptr = tmp_ptr;
......@@ -2200,6 +2194,11 @@ int spider_parse_connect_info(
start_ptr++;
}
connect_string_parse.set_param_title(tmp_ptr, tmp_ptr + title_length);
if ((error_num = connect_string_parse.get_next_parameter_head(
start_ptr, &sprit_ptr)))
{
goto error;
}
switch (title_length)
{
......
......@@ -180,6 +180,94 @@ typedef struct st_spider_param_string_parse
DBUG_RETURN(error_num);
}
inline int get_next_parameter_head(char *st, char **nx)
{
DBUG_ENTER("get_next_parameter_head");
char *sq = strchr(st, '\'');
char *dq = strchr(st, '"');
if (!sq && !dq)
{
DBUG_RETURN(print_param_error());
}
else if (!sq || sq > dq)
{
while (1)
{
++dq;
if (*dq == '\\')
{
++dq;
}
else if (*dq == '"')
{
break;
}
else if (*dq == '\0')
{
DBUG_RETURN(print_param_error());
}
}
while (1)
{
++dq;
if (*dq == '\0')
{
*nx = dq;
break;
}
else if (*dq == ',')
{
*dq = '\0';
*nx = dq + 1;
break;
}
else if (*dq != ' ' && *dq != '\r' && *dq != '\n' && *dq != '\t')
{
DBUG_RETURN(print_param_error());
}
}
}
else
{
while (1)
{
++sq;
if (*sq == '\\')
{
++sq;
}
else if (*sq == '\'')
{
break;
}
else if (*sq == '\0')
{
DBUG_RETURN(print_param_error());
}
}
while (1)
{
++sq;
if (*sq == '\0')
{
*nx = sq;
break;
}
else if (*sq == ',')
{
*sq = '\0';
*nx = sq + 1;
break;
}
else if (*sq != ' ' && *sq != '\r' && *sq != '\n' && *sq != '\t')
{
DBUG_RETURN(print_param_error());
}
}
}
DBUG_RETURN(0);
}
/**
Restore the current parameter's input delimiter characters in the
parameter string. They were NULLed during parameter parsing.
......
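Review bot: In get_next_parameter_head, `else if (!sq || sq > dq)` also takes the double-quote branch when the string contains a single quote but no double quote, because `dq` is then NULL and `sq > dq` compares true in practice; the following `++dq; *dq` reads through a near-null pointer. Guarding the branch as `else if (dq && (!sq || sq > dq))` sends that input to the single-quote path instead. Both closing-quote loops also step past the terminator when a backslash is the last character of the string (the `++dq` after `'\\'` lands on `'\0'` and the next iteration increments again), so the escape skip should return print_param_error() when the character after the backslash is `'\0'`. These strings come from UDF arguments and connect information (the three callers changed in this commit), so malformed input should end in an error return, not an invalid read.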