1. 13 Jul, 2006 1 commit
    • unknown's avatar
      Bug#18630: Arguments of suid routine calculated in wrong security · 06bf59ad
      unknown authored
                 context.
      
      Routine arguments were evaluated in the security context of the routine
      itself, not in the caller's context.
      
      The bug is fixed the following way:
      
        - Item_func_sp::find_and_check_access() has been split into two
          functions: Item_func_sp::find_and_check_access() itself only
          finds the function and check that the caller have EXECUTE privilege
          on it.  New function set_routine_security_ctx() changes security
          context for SUID routines and checks that definer have EXECUTE
          privilege too.
      
        - new function sp_head::execute_trigger() is called from
          Table_triggers_list::process_triggers() instead of
          sp_head::execute_function(), and is effectively just as the
          sp_head::execute_function() is, with all non-trigger related code
          removed, and added trigger-specific security context switch.
      
        - call to Item_func_sp::find_and_check_access() stays outside
          of sp_head::execute_function(), and there is a code in
          sql_parse.cc before the call to sp_head::execute_procedure() that
          checks that the caller have EXECUTE privilege, but both
          sp_head::execute_function() and sp_head::execute_procedure() call
          set_routine_security_ctx() after evaluating their parameters,
          and restore the context after the body is executed.
      
      
      mysql-test/r/sp-security.result:
        Add test case for bug#18630: Arguments of suid routine calculated
        in wrong security context.
      mysql-test/t/sp-security.test:
        Add result for bug#18630: Arguments of suid routine calculated
        in wrong security context.
      sql/item_func.cc:
        Do not change security context before executing the function, as it
        will be changed after argument evaluation.
        Do not change security context in Item_func_sp::find_and_check_access().
      sql/item_func.h:
        Change prototype for Item_func_sp::find_and_check_access().
      sql/sp_head.cc:
        Add set_routine_security_ctx() function.
        Add sp_head::execute_trigger() method.
        Change security context in sp_head::execute_trigger(), and in
        sp_head::execute_function() and sp_head::execute_procedure()
        after argument evaluation.
        Move pop_all_cursors() call to sp_head::execute().
      sql/sp_head.h:
        Add declaration for sp_head::execute_trigger() and
        set_routine_security_ctx().
      sql/sql_parse.cc:
        Do not change security context before executing the procedure, as it
        will be changed after argument evaluation.
      sql/sql_trigger.cc:
        Call new sp_head::execute_trigger() instead of
        sp_head::execute_function(), which is responsible to switch
        security context.
      06bf59ad
  2. 30 Jun, 2006 1 commit
    • unknown's avatar
      Bug#17226: Variable set in cursor on first iteration is assigned · fc085d77
      unknown authored
                 second iterations value
      
      During assignment to the BLOB variable in routine body the value
      wasn't copied.
      
      
      mysql-test/r/sp-vars.result:
        Add result for bug#17226.
      mysql-test/t/sp-vars.test:
        Add test case for bug#17226.
      sql/field_conv.cc:
        Honor copy_blobs flag.
      fc085d77
  3. 29 Jun, 2006 19 commits
  4. 28 Jun, 2006 19 commits
    • unknown's avatar
      Merge mysql.com:/home/tomash/src/mysql_ab/mysql-5.0 · 48d1dc74
      unknown authored
      into  mysql.com:/home/tomash/src/mysql_ab/mysql-5.0-bug10946
      
      
      mysql-test/r/trigger.result:
        Auto merged
      mysql-test/t/trigger.test:
        Auto merged
      sql/sql_trigger.cc:
        Auto merged
      48d1dc74
    • unknown's avatar
      Bug#10946: Confusing error messeges in the case of duplicate trigger definition · 837c9719
      unknown authored
      It was hard to distinguish case, when one was unable to create trigger
      on the table because trigger with same action time and event already
      existed for this table, from the case, when one tried to create trigger
      with name which was already occupied by some other trigger, since in
      both these cases we emitted ER_TRG_ALREADY_EXISTS error and message.
      Now we emit ER_NOT_SUPPORTED_YET error with appropriate additional
      message in the first case. There is no sense in introducing separate
      error for this situation since we plan to get rid of this limitation
      eventually.
      
      
      mysql-test/r/trigger.result:
        Update result for new error message.
      mysql-test/t/trigger.test:
        Update test for new error code.
      sql/sql_trigger.cc:
        If there is already a trigger with the same activation time, report an
        "Unsupported yet" error.
      837c9719
    • unknown's avatar
      A fix for Bug#19022 "Memory bug when switching db during trigger execution". · 88843709
      unknown authored
      No test case as the bug is in an existing test case (rpl_trigger.test
      when it is run under valgrind).
      The warning was caused by memory corruption in replication slave: thd->db
      was pointing at a stack address that was previously used by 
      sp_head::execute()::old_db. This happened because mysql_change_db
      behaved differently in replication slave and did not make a copy of the 
      argument to assign to thd->db. 
      The solution is to always free the old value of thd->db and allocate a new
      copy, regardless whether we're running in a replication slave or not.
      
      
      sql/log_event.cc:
        Move rewrite_db to log_event.cc, the only place where it is used.
      sql/slave.cc:
        Move rewrite_db to log_event.cc
      sql/slave.h:
        Remove an unneeded declaration.
      sql/sql_class.h:
        Fix set_db to always free the old db, even if the argument is NULL.
        Add a comment.
      sql/sql_db.cc:
        Always make a deep copy of the argument in mysql_change_db, even 
        if running in a replication slave. This is necessary because 
        sp_use_new_db (stored procedures) assumes that mysql_change_db always makes
        a deep copy of the argument, and thus passes a pointer to stack into it.
        This assumption was true for all cases except the replication slave thread.
      88843709
    • unknown's avatar
      BUG #19773 · 9016a6be
      unknown authored
      Pushbuild fixes to result file, test, and header file for federated.
      
      
      mysql-test/r/federated.result:
        BUG #19773
        
        Pushbuild fixes - result file had hard-coded port
      mysql-test/t/federated.test:
        BUG #19773
        
        Pushbuild fixes Test was missing --replace_result
      sql/ha_federated.h:
        BUG #19773
        
        HPUX and Windows failed with variable named row and *row in method declaration
      9016a6be
    • unknown's avatar
      Merge bk-internal:/home/bk/mysql-5.0-runtime · d127fa3b
      unknown authored
      into  mysql.com:/home/jimw/my/mysql-5.0-18005
      
      
      sql/sql_trigger.cc:
        Auto merged
      d127fa3b
    • unknown's avatar
      Merge pgalbraith@bk-internal.mysql.com:/home/bk/mysql-5.0 · 7f9a6aa9
      unknown authored
      into  govinda.patg.net:/home/patg/mysql-build/mysql-5.0-engines-bug19773
      
      
      sql/ha_federated.cc:
        Auto merged
      7f9a6aa9
    • unknown's avatar
      Merge xiphis.org:/home/antony/work2/p4-bug12096.2 · 76d0badd
      unknown authored
      into  xiphis.org:/home/antony/work2/p4-bug12096.2-merge
      
      
      configure.in:
        Auto merged
      sql/mysqld.cc:
        Auto merged
      76d0badd
    • unknown's avatar
      Merge mysql.com:/users/lthalmann/bkroot/mysql-5.0-rpl · 11d38c1d
      unknown authored
      into  mysql.com:/users/lthalmann/bk/MERGE/mysql-5.0-merge
      
      
      sql/ha_ndbcluster.cc:
        Auto merged
      11d38c1d
    • unknown's avatar
      BUG#20739. · 48b09e2a
      unknown authored
      In the Windows build files, the "Max nt" configuration for some reason
      had the mysql_client_test project disabled. Enable it.
      
      
      VC++Files/mysql.sln:
        The "Max nt" configuration for some reason had the mysql_client_test
        project disabled. Enable it.
      48b09e2a
    • unknown's avatar
      Disabled test case for Windows (BUG#20753) · 1fdccc89
      unknown authored
      1fdccc89
    • unknown's avatar
      Merge mysql.com:/home/stewart/Documents/MySQL/5.0/ndb · 7e4ae350
      unknown authored
      into  mysql.com:/home/stewart/Documents/MySQL/5.0/merge
      
      
      ndb/src/mgmsrv/ConfigInfo.cpp:
        Auto merged
      sql/ha_ndbcluster.cc:
        Auto merged
      7e4ae350
    • unknown's avatar
      BUG#20739 · ffaacf0d
      unknown authored
      Improved definition of mysys configuration for -nt builds.
      
      
      VC++Files/mysql.sln:
        Use the name 'nt' instead of 'Release' for configuration.
      VC++Files/mysys/mysys.vcproj:
        Use the name 'nt' instead of 'Release' for configuration.
        Use separate output files for NT and non-NT configurations.
      ffaacf0d
    • unknown's avatar
      Merge mysql.com:/home/stewart/Documents/MySQL/4.1/merge · 3e8cba8b
      unknown authored
      into  mysql.com:/home/stewart/Documents/MySQL/5.0/merge
      
      
      ndb/src/mgmsrv/ConfigInfo.cpp:
        Auto merged
      3e8cba8b
    • unknown's avatar
      BUG#19894 Data nodes fail during loading data if NoOfFragmentLogFiles=1 · a0837ece
      unknown authored
      change default minimum to 3
      
      bug is *very* timing dependent, unable to reproduce here, but theoretically possible.
      
      
      ndb/src/mgmsrv/ConfigInfo.cpp:
        change minimum NoOfFragmentLogFiles to 3
      a0837ece
    • unknown's avatar
      Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-5.0 · 2f45384b
      unknown authored
      into  mysql.com:/home/tnurnberg/mysql-5.0
      
      
      2f45384b
    • unknown's avatar
      Merge mysql.com:/home/tnurnberg/work/mysql-5.0-maint-19857 · 03ce4312
      unknown authored
      into  mysql.com:/home/tnurnberg/mysql-5.0
      
      
      03ce4312
    • unknown's avatar
      Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w · 5312b349
      unknown authored
        
      sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP,
      did so creating a user-entry with not password; mysql_routine_grant() would then
      write that "change" to the user-table.
      
      
      mysql-test/r/sp-security.result:
        prove that creating a stored procedure will not destroy the creator's password
      mysql-test/t/sp-security.test:
        prove that creating a stored procedure will not destroy the creator's password
      sql/sql_acl.cc:
        get password from ACLs, convert to correct format, and use it when
        forcing GRANTS for SPs
      5312b349
    • unknown's avatar
      BUG#20739: __NT__ not probably defined for mysys project. · f659c1b7
      unknown authored
      Make sure for the mysys project that __NT__ is defined in *nt solution
      configurations (but not in other configurations).
      
      
      VC++Files/mysql.sln:
        Define __NT__ in mysys for *nt configurations.
      VC++Files/mysys/mysys.vcproj:
        Add configurations with __NT__ defined.
      mysql-test/mysql-test-run.pl:
        Also allow testing a "Max nt" build.
      f659c1b7
    • unknown's avatar
      Adding __NT__ to Max Win32 configuration. · cd3dedc9
      unknown authored
      cd3dedc9