• malff/marcsql@weblab.(none)'s avatar
    Bug#25411 (trigger code truncated), PART II · a508260b
    malff/marcsql@weblab.(none) authored
    Bug 28127 (Some valid identifiers names are not parsed correctly)
    Bug 26302 (MySQL server cuts off trailing "*/" from comments in SP/func)
    
    This patch is the second part of a major cleanup, required to fix
    Bug 25411 (trigger code truncated).
    
    The root cause of the issue stems from the function skip_rear_comments,
    which was a work around to remove "extra" "*/" characters from the query
    text, when parsing a query and reusing the text fragments to represent a
    view, trigger, function or stored procedure.
    The reason for this work around is that "special comments",
    like /*!50002 XXX */, were not parsed properly, so that a query like:
      AAA /*!50002 BBB */ CCC
    would be seen by the parser as "AAA BBB */ CCC" when the current version
    is greater or equal to 5.0.2
    
    The root cause of this stems from how special comments are parsed.
    Special comments are really out-of-bound text that appear inside a query,
    that affects how the parser behave.
    In nature, /*!50002 XXX */ in MySQL is similar to the C concept
    of preprocessing :
      #if VERSION >= 50002
      XXX
      #endif
    
    Depending on the current VERSION of the server, either the special comment
    should be expanded or it should be ignored, but in all cases the "text" of
    the query should be re-written to strip the "/*!50002" and "*/" markers,
    which does not belong to the SQL language itself.
    
    Prior to this fix, these markers would leak into :
    - the storage format for VIEW,
    - the storage format for FUNCTION,
    - the storage format for FUNCTION parameters, in mysql.proc (param_list),
    - the storage format for PROCEDURE,
    - the storage format for PROCEDURE parameters, in mysql.proc (param_list),
    - the storage format for TRIGGER,
    - the binary log used for replication.
    
    In all cases, not only this cause format corruption, but also provide a vector
    for dormant security issues, by allowing to tunnel code that will be activated
    after an upgrade.
    
    The proper solution is to deal with special comments strictly during parsing,
    when accepting a query from the outside world.
    Once a query is parsed and an object is created with a persistant
    representation, this object should not arbitrarily mutate after an upgrade.
    In short, special comments are a useful but limited feature for MYSQLdump,
    when used at an *interface* level to facilitate import/export,
    but bloating the server *internal* storage format is *not* the proper way
    to deal with configuration management of the user logic.
    
    With this fix:
    - the Lex_input_stream class now acts as a comment pre-processor,
    and either expands or ignore special comments on the fly.
    - MYSQLlex and sql_yacc.yy have been cleaned up to strictly use the
    public interface of Lex_input_stream. In particular, how the input stream
    accepts or rejects a character is private to Lex_input_stream, and the
    internal buffer pointers of that class are strictly private, and should not
    be tempered with during parsing.
    
    This caused many changes mostly in sql_lex.cc.
    
    During the code cleanup in case MY_LEX_NUMBER_IDENT,
    Bug 28127 (Some valid identifiers names are not parsed correctly)
    was found and fixed.
    
    By parsing special comments properly, and removing the function
    'skip_rear_comments' [sic],
    Bug 26302 (MySQL server cuts off trailing "*/" from comments in SP/func)
    has been fixed as well.
    a508260b
sp_head.cc 94.3 KB