Merge sanja.is.com.ua:/home/bell/mysql/bk/mysql-5.0

into sanja.is.com.ua:/home/bell/mysql/bk/work-bug6-5.0 BitKeeper/etc/config: Auto merged sql/item.cc: Auto merged sql/item.h: Auto merged sql/item_strfunc.cc: Auto merged sql/item_strfunc.h: Auto merged sql/sql_yacc.yy: Auto merged mysql-test/r/sp-security.result: merge mysql-test/r/view.result: merge mysql-test/t/sp-security.test: merge mysql-test/t/view.test: merge sql/item_cmpfunc.cc: merge sql/sql_class.h: merge

Merge sanja.is.com.ua:/home/bell/mysql/bk/mysql-5.0
into sanja.is.com.ua:/home/bell/mysql/bk/work-bug6-5.0 BitKeeper/etc/config: Auto merged sql/item.cc: Auto merged sql/item.h: Auto merged sql/item_strfunc.cc: Auto merged sql/item_strfunc.h: Auto merged sql/sql_yacc.yy: Auto merged mysql-test/r/sp-security.result: merge mysql-test/r/view.result: merge mysql-test/t/sp-security.test: merge mysql-test/t/view.test: merge sql/item_cmpfunc.cc: merge sql/sql_class.h: merge
213c0540 · unknown · d49ddbd7 · e84229b0 · 213c0540 · 213c0540
Commit 213c0540 authored Jul 16, 2005 by unknown
12 changed files
--- a/mysql-test/r/sp-security.result
+++ b/mysql-test/r/sp-security.result
@@ -212,3 +212,27 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
 drop function bug_9503;
 use test;
 drop database mysqltest;
+use test;
+select current_user();
+current_user()
+root@localhost
+select user();
+user()
+root@localhost
+create procedure bug7291_0 () sql security invoker select current_user(), user();
+create procedure bug7291_1 () sql security definer call bug7291_0();
+create procedure bug7291_2 () sql security invoker call bug7291_0();
+grant execute on procedure bug7291_0 to user1@localhost;
+grant execute on procedure bug7291_1 to user1@localhost;
+grant execute on procedure bug7291_2 to user1@localhost;
+call bug7291_2();
+current_user()	user()
+user1@localhost	user1@localhost
+call bug7291_1();
+current_user()	user()
+root@localhost	user1@localhost
+drop procedure bug7291_1;
+drop procedure bug7291_2;
+drop procedure bug7291_0;
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
+drop user user1@localhost;
--- a/mysql-test/r/view.result
+++ b/mysql-test/r/view.result
@@ -1831,6 +1831,31 @@ select * from v1;
 t
 01:00
 drop view v1;
+create table t1 (a timestamp default now());
+create table t2 (b timestamp default now());
+create view v1 as select a,b,t1.a < now() from t1,t2 where t1.a < now();
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED VIEW `test`.`v1` AS select sql_no_cache `test`.`t1`.`a` AS `a`,`test`.`t2`.`b` AS `b`,(`test`.`t1`.`a` < now()) AS `t1.a < now()` from `test`.`t1` join `test`.`t2` where (`test`.`t1`.`a` < now())
+drop view v1;
+drop table t1, t2;
+CREATE TABLE t1 ( a varchar(50) );
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = CURRENT_USER();
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED VIEW `test`.`v1` AS select sql_no_cache `test`.`t1`.`a` AS `a` from `test`.`t1` where (`test`.`t1`.`a` = current_user())
+DROP VIEW v1;
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = VERSION();
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED VIEW `test`.`v1` AS select `test`.`t1`.`a` AS `a` from `test`.`t1` where (`test`.`t1`.`a` = version())
+DROP VIEW v1;
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = DATABASE();
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED VIEW `test`.`v1` AS select sql_no_cache `test`.`t1`.`a` AS `a` from `test`.`t1` where (`test`.`t1`.`a` = database())
+DROP VIEW v1;
+DROP TABLE t1;
 CREATE TABLE t1 (col1 time);
 CREATE TABLE t2 (col1 time);
 CREATE VIEW v1 AS SELECT CONVERT_TZ(col1,'GMT','MET') FROM t1;

--- a/mysql-test/t/sp-security.test
+++ b/mysql-test/t/sp-security.test
@@ -341,3 +341,33 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
 drop function bug_9503;
 use test;
 drop database mysqltest;
+
+#
+# correct value from current_user() in function run from "security definer"
+# (BUG#7291)
+#
+connection con1root;
+use test;
+
+select current_user();
+select user();
+create procedure bug7291_0 () sql security invoker select current_user(), user();
+create procedure bug7291_1 () sql security definer call bug7291_0();
+create procedure bug7291_2 () sql security invoker call bug7291_0();
+grant execute on procedure bug7291_0 to user1@localhost;
+grant execute on procedure bug7291_1 to user1@localhost;
+grant execute on procedure bug7291_2 to user1@localhost;
+
+connect (user1,localhost,user1,,);
+connection user1;
+
+call bug7291_2();
+call bug7291_1();
+
+connection con1root;
+drop procedure bug7291_1;
+drop procedure bug7291_2;
+drop procedure bug7291_0;
+disconnect user1;
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
+drop user user1@localhost;
--- a/mysql-test/t/view.test
+++ b/mysql-test/t/view.test
@@ -1673,6 +1673,27 @@ create view v1 as SELECT TIME_FORMAT(SEC_TO_TIME(3600),'%H:%i') as t;
 select * from v1;
 drop view v1;

+#
+# evaluation constant functions in WHERE (BUG#4663)
+#
+create table t1 (a timestamp default now());
+create table t2 (b timestamp default now());
+create view v1 as select a,b,t1.a < now() from t1,t2 where t1.a < now();
+SHOW CREATE VIEW v1;
+drop view v1;
+drop table t1, t2;
+CREATE TABLE t1 ( a varchar(50) );
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = CURRENT_USER();
+SHOW CREATE VIEW v1;
+DROP VIEW v1;
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = VERSION();
+SHOW CREATE VIEW v1;
+DROP VIEW v1;
+CREATE VIEW v1 AS SELECT * FROM t1 WHERE a = DATABASE();
+SHOW CREATE VIEW v1;
+DROP VIEW v1;
+DROP TABLE t1;
+
 #
 # checking views after some view with error (BUG#11337)
 #

--- a/sql/item.cc
+++ b/sql/item.cc
@@ -663,6 +663,33 @@ Item *Item_string::safe_charset_converter(CHARSET_INFO *tocs)
 }


+Item *Item_static_string_func::safe_charset_converter(CHARSET_INFO *tocs)
+{
+  Item_string *conv;
+  uint conv_errors;
+  String tmp, cstr, *ostr= val_str(&tmp);
+  cstr.copy(ostr->ptr(), ostr->length(), ostr->charset(), tocs, &conv_errors);
+  if (conv_errors ||
+      !(conv= new Item_static_string_func(func_name,
+                                          cstr.ptr(), cstr.length(),
+                                          cstr.charset(),
+                                          collation.derivation)))
+  {
+    /*
+      Safe conversion is not possible (or EOM).
+      We could not convert a string into the requested character set
+      without data loss. The target charset does not cover all the
+      characters from the string. Operation cannot be done correctly.
+    */
+    return NULL;
+  }
+  conv->str_value.copy();
+  /* Ensure that no one is going to change the result string */
+  conv->str_value.mark_as_const();
+  return conv;
+}
+
+
 bool Item_string::eq(const Item *item, bool binary_cmp) const
 {
  if (type() == item->type() && item->basic_const_item())

--- a/sql/item.h
+++ b/sql/item.h
@@ -1314,6 +1314,7 @@ public:
                          Derivation dv= DERIVATION_COERCIBLE)
    :Item_string(NullS, str, length, cs, dv), func_name(name_par)
  {}
+  Item *safe_charset_converter(CHARSET_INFO *tocs);
  void print(String *str) { str->append(func_name); }
 };


--- a/sql/item_cmpfunc.cc
+++ b/sql/item_cmpfunc.cc
@@ -237,32 +237,35 @@ void Item_bool_func2::fix_length_and_dec()
    set_cmp_func();
    return;
  }
-    
-  Item *real_item= args[0]->real_item();
-  if (real_item->type() == FIELD_ITEM)
+
+  if (!thd->is_context_analysis_only())
  {
-    Field *field= ((Item_field*) real_item)->field;
-    if (field->can_be_compared_as_longlong())
+    Item *real_item= args[0]->real_item();
+    if (real_item->type() == FIELD_ITEM)
    {
-      if (convert_constant_item(thd, field,&args[1]))
+      Field *field=((Item_field*) real_item)->field;
+      if (field->can_be_compared_as_longlong())
      {
-	cmp.set_cmp_func(this, tmp_arg, tmp_arg+1,
-			 INT_RESULT);		// Works for all types.
-	return;
+        if (convert_constant_item(thd, field,&args[1]))
+        {
+          cmp.set_cmp_func(this, tmp_arg, tmp_arg+1,
+                           INT_RESULT);		// Works for all types.
+          return;
+        }
      }
    }
-  }
-  real_item= args[1]->real_item();
-  if (real_item->type() == FIELD_ITEM)
-  {
-    Field *field= ((Item_field*) real_item)->field;
-    if (field->can_be_compared_as_longlong())
+    real_item= args[1]->real_item();
+    if (real_item->type() == FIELD_ITEM /* && !real_item->const_item() */)
    {
-      if (convert_constant_item(thd, field,&args[0]))
+      Field *field=((Item_field*) real_item)->field;
+      if (field->can_be_compared_as_longlong())
      {
-	cmp.set_cmp_func(this, tmp_arg, tmp_arg+1,
-			 INT_RESULT); // Works for all types.
-	return;
+        if (convert_constant_item(thd, field,&args[0]))
+        {
+          cmp.set_cmp_func(this, tmp_arg, tmp_arg+1,
+                           INT_RESULT); // Works for all types.
+          return;
+        }
      }
    }
  }
@@ -990,7 +993,8 @@ void Item_func_between::fix_length_and_dec()
  if (args[0]->type() == FIELD_ITEM)
  {
    Field *field=((Item_field*) args[0])->field;
-    if (field->can_be_compared_as_longlong())
+    if (!thd->is_context_analysis_only() &&
+        field->can_be_compared_as_longlong())
    {
      /*
        The following can't be recoded with || as convert_constant_item

--- a/sql/item_create.cc
+++ b/sql/item_create.cc
@@ -299,16 +299,8 @@ Item *create_func_pow(Item* a, Item *b)

 Item *create_func_current_user()
 {
-  THD *thd=current_thd;
-  char buff[HOSTNAME_LENGTH+USERNAME_LENGTH+2];
-  uint length;
-
-  thd->lex->safe_to_cache_query= 0;
-  length= (uint) (strxmov(buff, thd->priv_user, "@", thd->priv_host, NullS) -
-		  buff);
-  return new Item_static_string_func("current_user()",
-                                     thd->memdup(buff, length), length,
-                                     system_charset_info);
+  current_thd->lex->safe_to_cache_query= 0;
+  return new Item_func_user(TRUE);
 }

 Item *create_func_radians(Item *a)

--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@@ -1552,9 +1552,11 @@ Item *Item_func_sysconst::safe_charset_converter(CHARSET_INFO *tocs)
  uint conv_errors;
  String tmp, cstr, *ostr= val_str(&tmp);
  cstr.copy(ostr->ptr(), ostr->length(), ostr->charset(), tocs, &conv_errors);
-  if (conv_errors || !(conv= new Item_string(cstr.ptr(), cstr.length(),
-                                             cstr.charset(),
-                                             collation.derivation)))
+  if (conv_errors ||
+      !(conv= new Item_static_string_func(fully_qualified_func_name(),
+                                          cstr.ptr(), cstr.length(),
+                                          cstr.charset(),
+                                          collation.derivation)))
  {
    return NULL;
  }
@@ -1584,13 +1586,24 @@ String *Item_func_user::val_str(String *str)
  DBUG_ASSERT(fixed == 1);
  THD          *thd=current_thd;
  CHARSET_INFO *cs= system_charset_info;
-  const char   *host= thd->host_or_ip;
+  const char   *host, *user;
  uint		res_length;

+  if (is_current)
+  {
+    user= thd->priv_user;
+    host= thd->priv_host;
+  }
+  else
+  {
+    user= thd->user;
+    host= thd->host_or_ip;
+  }
+
  // For system threads (e.g. replication SQL thread) user may be empty
-  if (!thd->user)
+  if (!user)
    return &my_empty_string;
-  res_length= (strlen(thd->user)+strlen(host)+2) * cs->mbmaxlen;
+  res_length= (strlen(user)+strlen(host)+2) * cs->mbmaxlen;

  if (str->alloc(res_length))
  {
@@ -1598,12 +1611,13 @@ String *Item_func_user::val_str(String *str)
    return 0;
  }
  res_length=cs->cset->snprintf(cs, (char*)str->ptr(), res_length, "%s@%s",
-			  thd->user, host);
+			        user, host);
  str->length(res_length);
  str->set_charset(cs);
  return str;
 }

+
 void Item_func_soundex::fix_length_and_dec()
 {
  collation.set(args[0]->collation);

--- a/sql/item_strfunc.h
+++ b/sql/item_strfunc.h
@@ -357,8 +357,15 @@ public:
  Item_func_sysconst()
  { collation.set(system_charset_info,DERIVATION_SYSCONST); }
  Item *safe_charset_converter(CHARSET_INFO *tocs);
+  /*
+    Used to create correct Item name in new converted item in
+    safe_charset_converter, return string representation of this function
+    call
+  */
+  virtual const char *fully_qualified_func_name() const = 0;
 };

+
 class Item_func_database :public Item_func_sysconst
 {
 public:
@@ -370,18 +377,27 @@ public:
    maybe_null=1;
  }
  const char *func_name() const { return "database"; }
+  const char *fully_qualified_func_name() const { return "database()"; }
 };

+
 class Item_func_user :public Item_func_sysconst
 {
+  bool is_current;
+
 public:
-  Item_func_user() :Item_func_sysconst() {}
+  Item_func_user(bool is_current_arg)
+    :Item_func_sysconst(), is_current(is_current_arg) {}
  String *val_str(String *);
-  void fix_length_and_dec() 
-  { 
-    max_length= (USERNAME_LENGTH+HOSTNAME_LENGTH+1)*system_charset_info->mbmaxlen;
+  void fix_length_and_dec()
+  {
+    max_length= ((USERNAME_LENGTH + HOSTNAME_LENGTH + 1) *
+                 system_charset_info->mbmaxlen);
  }
-  const char *func_name() const { return "user"; }
+  const char *func_name() const
+    { return is_current ? "current_user" : "user"; }
+  const char *fully_qualified_func_name() const
+    { return is_current ? "current_user()" : "user()"; }
 };



--- a/sql/sql_class.h
+++ b/sql/sql_class.h
@@ -1467,6 +1467,8 @@ public:
             (variables.sql_mode & MODE_STRICT_ALL_TABLES)));
  }
  void set_status_var_init();
+  bool is_context_analysis_only()
+    { return current_arena->is_stmt_prepare() || lex->view_prepare_mode; }
  bool push_open_tables_state();
  void pop_open_tables_state();
 };

--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -4806,7 +4806,7 @@ simple_expr:
 	| UNIX_TIMESTAMP '(' expr ')'
 	  { $$= new Item_func_unix_timestamp($3); }
 	| USER '(' ')'
-	  { $$= new Item_func_user(); Lex->safe_to_cache_query=0; }
+	  { $$= new Item_func_user(FALSE); Lex->safe_to_cache_query=0; }
 	| UTC_DATE_SYM optional_braces
 	  { $$= new Item_func_curdate_utc(); Lex->safe_to_cache_query=0;}
 	| UTC_TIME_SYM optional_braces