Commit ef7ebed4 authored by unknown's avatar unknown
Browse files

Code cleanups during review of pushed code 


sql/mysql_priv.h:
  Added 'const' to some arguments
sql/sp_head.cc:
  Added comments
  code cleanup
  acceess -> access
sql/sql_acl.cc:
  Simply code by making check_routine_level_acl() available also in embedded server
sql/sql_acl.h:
  Added 'const' to some arguments
sql/sql_parse.cc:
  Added 'const' to some arguments
  Fixed the check_rounte_level_acl() is always called
  (old code didn't properly check access privilges if grant_option was not set)
sql/sql_show.cc:
  Simplify usage of get_field()
  Now we can always call check_some_routine_access()
sql/sql_udf.cc:
  Don't give warnings for suspicios UDF's if --log-warnings isn't given
sql/table.cc:
  Simplify usage of get_field()
parent 722ffa87

sql/mysql_priv.h

+1 −1
Original line number Diff line number Diff line
@@ -453,7 +453,7 @@ bool check_procedure_access(THD *thd,ulong want_access,char *db,char *name, 
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);

bool check_merge_table_access(THD *thd, char *db,

			      TABLE_LIST *table_list);

bool check_some_routine_access(THD *thd, char *db, char *name);

bool check_some_routine_access(THD *thd, const char *db, const char *name);

bool multi_update_precheck(THD *thd, TABLE_LIST *tables);

bool multi_delete_precheck(THD *thd, TABLE_LIST *tables, uint *table_count);

bool mysql_multi_update_prepare(THD *thd);

sql/sp_head.cc

+22 −14
Original line number Diff line number Diff line
@@ -1015,23 +1015,31 @@ sp_head::restore_thd_mem_root(THD *thd) 
}





bool check_show_routine_acceess(THD *thd, sp_head *sp, bool *full_access)

/*

  Check if a user has access right to a routine



  SYNOPSIS

    check_show_routine_access()

    thd			Thread handler

    sp			SP

    full_access		Set to 1 if the user has SELECT right to the

			'mysql.proc' able or is the owner of the routine

  RETURN

    0  ok

    1  error

*/



bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)

{

  TABLE_LIST tables;

  bzero((char*) &tables,sizeof(tables));

  tables.db= (char*) "mysql";

  tables.table_name= tables.alias= (char*) "proc";

  *full_access= !check_table_access(thd, SELECT_ACL, &tables, 1);

  if (!(*full_access))

    *full_access= (!strcmp(sp->m_definer_user.str, thd->priv_user) &&

                   !strcmp(sp->m_definer_host.str, thd->priv_host));

  if (!(*full_access))

  {

#ifndef NO_EMBEDDED_ACCESS_CHECKS

    return check_some_routine_access(thd, (char * )sp->m_db.str,

                                     (char * ) sp->m_name.str);

#endif

  }

  *full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1) ||

                 (!strcmp(sp->m_definer_user.str, thd->priv_user) &&

                  !strcmp(sp->m_definer_host.str, thd->priv_host)));

  if (!*full_access)

    return check_some_routine_access(thd, sp->m_db.str, sp->m_name.str);

  return 0;

}
@@ -1055,7 +1063,7 @@ sp_head::show_create_procedure(THD *thd) 
  LINT_INIT(sql_mode_str);

  LINT_INIT(sql_mode_len);



  if (check_show_routine_acceess(thd, this, &full_access))

  if (check_show_routine_access(thd, this, &full_access))

    return 1;

  

  old_sql_mode= thd->variables.sql_mode;
@@ -1128,7 +1136,7 @@ sp_head::show_create_function(THD *thd) 
  LINT_INIT(sql_mode_str);

  LINT_INIT(sql_mode_len);



  if (check_show_routine_acceess(thd, this, &full_access))

  if (check_show_routine_access(thd, this, &full_access))

    return 1;



  old_sql_mode= thd->variables.sql_mode;

sql/sql_acl.cc

+15 −3
Original line number Diff line number Diff line
@@ -3594,11 +3594,11 @@ bool check_grant_procedure(THD *thd, ulong want_access, 
   name         Routine name



  RETURN

   1            error

   0            Ok 

   1            error

*/



bool check_routine_level_acl(THD *thd, char *db, char *name)

bool check_routine_level_acl(THD *thd, const char *db, const char *name)

{

  bool no_routine_acl= 1;

  if (grant_option)
@@ -5570,4 +5570,16 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, 
    grant->privilege|= grant->grant_table->privs;

  }

}



#else /* NO_EMBEDDED_ACCESS_CHECKS */



/****************************************************************************

 Dummy wrappers when we don't have any access checks

****************************************************************************/



bool check_routine_level_acl(THD *thd, const char *db, const char *name)

{

  return FALSE;

}



#endif

sql/sql_acl.h

+1 −1
Original line number Diff line number Diff line
@@ -219,7 +219,7 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, 
                                     const char *db, const char *table);

bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name);

bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name);

bool check_routine_level_acl(THD *thd, char *db, char *name);

bool check_routine_level_acl(THD *thd, const char *db, const char *name);



#ifdef NO_EMBEDDED_ACCESS_CHECKS

#define check_grant(A,B,C,D,E,F) 0

sql/sql_parse.cc

+2 −7
Original line number Diff line number Diff line
@@ -4760,7 +4760,7 @@ check_procedure_access(THD *thd, ulong want_access,char *db, char *name, 
    1            error

*/



bool check_some_routine_access(THD *thd, char *db, char *name)

bool check_some_routine_access(THD *thd, const char *db, const char *name)

{

  ulong save_priv;

  if (thd->master_access & SHOW_PROC_ACLS)
@@ -4768,12 +4768,7 @@ bool check_some_routine_access(THD *thd, char *db, char *name) 
  if (!check_access(thd, SHOW_PROC_ACLS, db, &save_priv, 0, 1) ||

      (save_priv & SHOW_PROC_ACLS))

    return FALSE;

#ifndef NO_EMBEDDED_ACCESS_CHECKS

  if (grant_option)

  return check_routine_level_acl(thd, db, name);

#endif



  return FALSE;

}