diff options
| author | Brandon Nesterenko <brandon.nesterenko@mariadb.com> | 2022-04-26 19:51:42 -0600 |
|---|---|---|
| committer | Brandon Nesterenko <brandon.nesterenko@mariadb.com> | 2022-04-29 17:01:05 -0600 |
| commit | 960223da39e6e7704b3b0e2de9fda404cc5f8d51 (patch) | |
| tree | 101c69694eac4ebd4a306131cdadcdf66392bf93 /sql/set_var.h | |
| parent | 388032e99057449219d4a943b4407e36c42ec4af (diff) | |
| download | mariadb-git-10.2-MDEV-28294-pre-exec.tar.gz | |
MDEV-28294: set default role bypasses Replicate_Wild_Ignore_Table: mysql.%10.2-MDEV-28294-pre-exec
Problem:
========
When replicating SET DEFAULT ROLE, the pre-update check (i.e. that
in set_var_default_role::check()) tries to validate the existence of
the given rules/user even when the targeted tables are ignored. When
previously issued CREATE USER/ROLE commands are ignored by the
replica because of the replication filtering rules, this results in
an error because the targeted data does not exist.
Solution:
========
Before checking that the given rules/user exist of a SET DEFAULT
ROLE command, first ensure that the mysql.user and
mysql.roles_mapping tables are not excluded by replication filters.
Reviewed By
===========
Andrei Elkin <andrei.elkin@mariadb.com>
Diffstat (limited to 'sql/set_var.h')
| -rw-r--r-- | sql/set_var.h | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/sql/set_var.h b/sql/set_var.h index b43e8f96c59..1bdefab0003 100644 --- a/sql/set_var.h +++ b/sql/set_var.h @@ -274,6 +274,21 @@ public: virtual int update(THD *thd)=0; /* To set the value */ virtual int light_check(THD *thd) { return check(thd); } /* for PS */ virtual bool is_system() { return FALSE; } + + /* + Output any tables that will be modified during the update process. This is + used for rpl_filter validation to ignore SET commands which should not be + replicated. + + @param tables [out] The address of the pointer which should be updated to + reference the list of modified tables. Will be NULL if no + tables will be modified. + + */ + virtual void get_modified_tables(TABLE_LIST **tables) + { + *tables= NULL; + } }; @@ -325,11 +340,15 @@ public: class set_var_password: public set_var_base { LEX_USER *user; + TABLE_LIST user_table; public: set_var_password(LEX_USER *user_arg) :user(user_arg) - {} + { + user_table.next_local= user_table.next_global= NULL; + } int check(THD *thd); int update(THD *thd); + void get_modified_tables(TABLE_LIST **tables); }; /* For SET ROLE */ @@ -351,11 +370,16 @@ class set_var_default_role: public set_var_base LEX_USER *user, *real_user; LEX_STRING role; const char *real_role; + TABLE_LIST roles_mapping_table; public: set_var_default_role(LEX_USER *user_arg, LEX_STRING role_arg) : - user(user_arg), role(role_arg) {} + user(user_arg), role(role_arg) + { + roles_mapping_table.next_local= roles_mapping_table.next_global= NULL; + } int check(THD *thd); int update(THD *thd); + void get_modified_tables(TABLE_LIST **tables); }; /* For SET NAMES and SET CHARACTER SET */ |