Merge mysql.com:/home/timka/mysql/src/5.0-virgin (1a7a8067) · Commits · Software / OSDI20 Artifacts / mariadb

sql/item.cc

+1 −1

Original line number	Diff line number	Diff line
		@@ -5165,7 +5165,7 @@ void Item_trigger_field::setup_field(THD thd, TABLE table)
		set field_idx properly.
		*/
		(void)find_field_in_table(thd, table, field_name, (uint) strlen(field_name),
		0, 0, &field_idx, 0);
		0, &field_idx);
		thd->set_query_id= save_set_query_id;
		triggers= table->triggers;
		}

sql/item.h

+42 −0

Original line number	Diff line number	Diff line
		@@ -326,6 +326,48 @@ struct Name_resolution_context: Sql_alloc
		};


		/*
		Store and restore the current state of a name resolution context.
		*/

		class Name_resolution_context_state
		{
		private:
		TABLE_LIST *save_table_list;
		TABLE_LIST *save_first_name_resolution_table;
		TABLE_LIST *save_next_name_resolution_table;
		bool save_resolve_in_select_list;

		public:
		TABLE_LIST *save_next_local;

		public:
		/* Save the state of a name resolution context. */
		void save_state(Name_resolution_context context, TABLE_LIST table_list)
		{
		save_table_list= context->table_list;
		save_first_name_resolution_table= context->first_name_resolution_table;
		save_next_name_resolution_table= (context->first_name_resolution_table) ?
		context->first_name_resolution_table->
		next_name_resolution_table :
		NULL;
		save_resolve_in_select_list= context->resolve_in_select_list;
		save_next_local= table_list->next_local;
		}

		/* Restore a name resolution context from saved state. */
		void restore_state(Name_resolution_context context, TABLE_LIST table_list)
		{
		table_list->next_local= save_next_local;
		context->table_list= save_table_list;
		context->first_name_resolution_table= save_first_name_resolution_table;
		if (context->first_name_resolution_table)
		context->first_name_resolution_table->
		next_name_resolution_table= save_next_name_resolution_table;
		context->resolve_in_select_list= save_resolve_in_select_list;
		}
		};

		/*************************************************************************/

		typedef bool (Item::Item_processor)(byte arg);

sql/mysql_priv.h

+9 −11

Original line number	Diff line number	Diff line
		@@ -791,18 +791,15 @@ find_field_in_tables(THD thd, Item_ident item,
		bool check_privileges, bool register_tree_change);
		Field *
		find_field_in_table_ref(THD thd, TABLE_LIST table_list,
		const char name, const char item_name,
		const char table_name, const char db_name,
		uint length, Item **ref,
		bool check_grants_table, bool check_grants_view,
		bool allow_rowid,
		const char *name, uint length,
		const char item_name, const char db_name,
		const char table_name, Item *ref,
		bool check_privileges, bool allow_rowid,
		uint *cached_field_index_ptr,
		bool register_tree_change, TABLE_LIST **actual_table);
		Field *
		find_field_in_table(THD thd, TABLE table, const char *name,
		uint length, bool check_grants, bool allow_rowid,
		uint *cached_field_index_ptr,
		Security_context *sctx);
		find_field_in_table(THD thd, TABLE table, const char *name, uint length,
		bool allow_rowid, uint *cached_field_index_ptr);

		#ifdef HAVE_OPENSSL
		#include <openssl/des.h>
		@@ -918,7 +915,8 @@ create_field * new_create_field(THD thd, char field_name, enum_field_types typ
		uint uint_geom_type);
		void store_position_for_column(const char *name);
		bool add_to_list(THD thd, SQL_LIST &list,Item group,bool asc);
		Name_resolution_context make_join_on_context(THD thd, TABLE_LIST *left_op,
		bool push_new_name_resolution_context(THD *thd,
		TABLE_LIST *left_op,
		TABLE_LIST *right_op);
		void add_join_on(TABLE_LIST b,Item expr);
		void add_join_natural(TABLE_LIST a,TABLE_LIST b,List<String> *using_fields);

sql/sql_acl.cc

+84 −20

Original line number	Diff line number	Diff line
		@@ -2761,8 +2761,9 @@ bool mysql_table_grant(THD thd, TABLE_LIST table_list,
		uint unused_field_idx= NO_CACHED_FIELD_INDEX;
		TABLE_LIST *dummy;
		Field *f=find_field_in_table_ref(thd, table_list, column->column.ptr(),
		column->column.length(),
		column->column.ptr(), NULL, NULL,
		column->column.length(), 0, 1, 1, 0,
		NULL, TRUE, FALSE,
		&unused_field_idx, FALSE, &dummy);
		if (f == (Field*)0)
		{
		@@ -3616,11 +3617,28 @@ bool check_grant(THD thd, ulong want_access, TABLE_LIST tables,
		}


		/*
		Check column rights in given security context

		SYNOPSIS
		check_grant_column()
		thd thread handler
		grant grant information structure
		db_name db name
		table_name table name
		name column name
		length column name length
		sctx security context

		RETURN
		FALSE OK
		TRUE access denied
		*/

		bool check_grant_column(THD thd, GRANT_INFO grant,
		const char db_name, const char table_name,
		const char *name, uint length, uint show_tables)
		const char name, uint length, Security_context sctx)
		{
		Security_context *sctx= thd->security_ctx;
		GRANT_TABLE *grant_table;
		GRANT_COLUMN *grant_column;
		ulong want_access= grant->want_privilege & ~grant->privilege;
		@@ -3651,18 +3669,9 @@ bool check_grant_column(THD thd, GRANT_INFO grant,
		rw_unlock(&LOCK_grant);
		DBUG_RETURN(0);
		}
		#ifdef NOT_USED
		if (show_tables && (grant_column \|\| grant->privilege & COL_ACLS))
		{
		rw_unlock(&LOCK_grant); /* purecov: deadcode */
		DBUG_RETURN(0); /* purecov: deadcode */
		}
		#endif

		err:
		rw_unlock(&LOCK_grant);
		if (!show_tables)
		{
		char command[128];
		get_privilege_desc(command, sizeof(command), want_access);
		my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
		@@ -3671,11 +3680,66 @@ bool check_grant_column(THD thd, GRANT_INFO grant,
		sctx->host_or_ip,
		name,
		table_name);
		}
		DBUG_RETURN(1);
		}


		/*
		Check the access right to a column depending on the type of table.

		SYNOPSIS
		check_column_grant_in_table_ref()
		thd thread handler
		table_ref table reference where to check the field
		name name of field to check
		length length of name

		DESCRIPTION
		Check the access rights to a column depending on the type of table
		reference where the column is checked. The function provides a
		generic interface to check column access rights that hides the
		heterogeneity of the column representation - whether it is a view
		or a stored table colum.

		RETURN
		FALSE OK
		TRUE access denied
		*/

		bool check_column_grant_in_table_ref(THD thd, TABLE_LIST table_ref,
		const char *name, uint length)
		{
		GRANT_INFO *grant;
		const char *db_name;
		const char *table_name;
		Security_context *sctx= test(table_ref->security_ctx) ?
		table_ref->security_ctx : thd->security_ctx;

		if (table_ref->view \|\| table_ref->field_translation)
		{
		/* View or derived information schema table. */
		grant= &(table_ref->grant);
		db_name= table_ref->view_db.str;
		table_name= table_ref->view_name.str;
		}
		else
		{
		/* Normal or temporary table. */
		TABLE *table= table_ref->table;
		grant= &(table->grant);
		db_name= table->s->db;
		table_name= table->s->table_name;
		}

		if (grant->want_privilege)
		return check_grant_column(thd, grant, db_name, table_name, name,
		length, sctx);
		else
		return FALSE;

		}


		bool check_grant_all_columns(THD thd, ulong want_access, GRANT_INFO grant,
		const char* db_name, const char *table_name,
		Field_iterator *fields)

sql/sql_acl.h

+3 −1

Original line number	Diff line number	Diff line
		@@ -204,7 +204,9 @@ bool check_grant(THD thd, ulong want_access, TABLE_LIST tables,
		uint show_command, uint number, bool dont_print_error);
		bool check_grant_column (THD thd, GRANT_INFO grant,
		const char db_name, const char table_name,
		const char *name, uint length, uint show_command=0);
		const char name, uint length, Security_context sctx);
		bool check_column_grant_in_table_ref(THD thd, TABLE_LIST table_ref,
		const char *name, uint length);
		bool check_grant_all_columns(THD thd, ulong want_access, GRANT_INFO grant,
		const char* db_name, const char *table_name,
		Field_iterator *fields);