1. 24 Jul, 2006 1 commit
  2. 21 Jul, 2006 1 commit
  3. 20 Jul, 2006 1 commit
  4. 17 Jul, 2006 2 commits
  5. 13 Jul, 2006 2 commits
    • kroki/tomash@moonlight.intranet's avatar
      Merge moonlight.intranet:/home/tomash/src/mysql_ab/mysql-5.0 · a3ea06db
      kroki/tomash@moonlight.intranet authored
      into  moonlight.intranet:/home/tomash/src/mysql_ab/mysql-5.0-bug18630
      a3ea06db
    • kroki/tomash@moonlight.intranet's avatar
      Bug#18630: Arguments of suid routine calculated in wrong security · 4272d1ef
      kroki/tomash@moonlight.intranet authored
                 context.
      
      Routine arguments were evaluated in the security context of the routine
      itself, not in the caller's context.
      
      The bug is fixed the following way:
      
        - Item_func_sp::find_and_check_access() has been split into two
          functions: Item_func_sp::find_and_check_access() itself only
          finds the function and check that the caller have EXECUTE privilege
          on it.  New function set_routine_security_ctx() changes security
          context for SUID routines and checks that definer have EXECUTE
          privilege too.
      
        - new function sp_head::execute_trigger() is called from
          Table_triggers_list::process_triggers() instead of
          sp_head::execute_function(), and is effectively just as the
          sp_head::execute_function() is, with all non-trigger related code
          removed, and added trigger-specific security context switch.
      
        - call to Item_func_sp::find_and_check_access() stays outside
          of sp_head::execute_function(), and there is a code in
          sql_parse.cc before the call to sp_head::execute_procedure() that
          checks that the caller have EXECUTE privilege, but both
          sp_head::execute_function() and sp_head::execute_procedure() call
          set_routine_security_ctx() after evaluating their parameters,
          and restore the context after the body is executed.
      4272d1ef
  6. 12 Jul, 2006 3 commits
  7. 11 Jul, 2006 8 commits
  8. 10 Jul, 2006 21 commits
  9. 09 Jul, 2006 1 commit
    • aelkin/elkin@dsl-hkigw8-feb1fb00-100.dhcp.inet.fi's avatar
      BUG#20919 temp tables closing fails when binlog is off · fadbdf27
      closing temp tables through end_thread
      had a flaw in binlog-off branch of close_temporary_tables where
      next table to close was reset via table->next
       for (table= thd->temporary_tables; table; table= table->next)
      which was wrong since the current table instance got destoyed at
      	close_temporary(table, 1);
      
      The fix adapts binlog-on branch method to engage the loop's internal 'next' variable which holds table->next prior table's destoying.
      fadbdf27