diff options
| author | Kristofer Pettersson <kristofer.pettersson@sun.com> | 2009-05-29 15:37:54 +0200 |
|---|---|---|
| committer | Kristofer Pettersson <kristofer.pettersson@sun.com> | 2009-05-29 15:37:54 +0200 |
| commit | a64555543285881b3183f63913fa00b296479715 (patch) | |
| tree | 3f0740c847b9b9f5d738f4d4900fbc3424a82154 /sql/sql_class.cc | |
| parent | 45bacdc48112941b2c37fa6ab00072a13b550bc9 (diff) | |
| download | mariadb-git-a64555543285881b3183f63913fa00b296479715.tar.gz | |
Bug#44658 Create procedure makes server crash when user does not have ALL privilege
MySQL crashes if a user without proper privileges attempts to create a procedure.
The crash happens because more than one error state is pushed onto the Diagnostic
area. In this particular case the user is denied to implicitly create a new user
account with the implicitly granted privileges ALTER- and EXECUTE ROUTINE.
The new account is needed if the original user account contained a host mask.
A user account with a host mask is a distinct user account in this context.
An alternative would be to first get the most permissive user account which
include the current user connection and then assign privileges to that
account. This behavior change is considered out of scope for this bug patch.
The implicit assignment of privileges when a user creates a stored routine is a
considered to be a feature for user convenience and as such it is not
a critical operation. Any failure to complete this operation is thus considered
non-fatal (an error becomes a warning).
The patch back ports a stack implementation of the internal error handler interface.
This enables the use of multiple error handlers so that it is possible to intercept
and cancel errors thrown by lower layers. This is needed as a error handler already
is used in the call stack emitting the errors which needs to be converted.
Diffstat (limited to 'sql/sql_class.cc')
| -rw-r--r-- | sql/sql_class.cc | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/sql/sql_class.cc b/sql/sql_class.cc index cf5fdcf27a7..a853ad103ea 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -674,31 +674,40 @@ THD::THD() void THD::push_internal_handler(Internal_error_handler *handler) { - /* - TODO: The current implementation is limited to 1 handler at a time only. - THD and sp_rcontext need to be modified to use a common handler stack. - */ - DBUG_ASSERT(m_internal_handler == NULL); - m_internal_handler= handler; + if (m_internal_handler) + { + handler->m_prev_internal_handler= m_internal_handler; + m_internal_handler= handler; + } + else + { + m_internal_handler= handler; + } } bool THD::handle_error(uint sql_errno, const char *message, MYSQL_ERROR::enum_warning_level level) { - if (m_internal_handler) + if (!m_internal_handler) + return FALSE; + + for (Internal_error_handler *error_handler= m_internal_handler; + error_handler; + error_handler= m_internal_handler->m_prev_internal_handler) { - return m_internal_handler->handle_error(sql_errno, message, level, this); + if (error_handler->handle_error(sql_errno, message, level, this)) + return TRUE; } - return FALSE; // 'FALSE', as per coding style + return FALSE; } void THD::pop_internal_handler() { DBUG_ASSERT(m_internal_handler != NULL); - m_internal_handler= NULL; + m_internal_handler= m_internal_handler->m_prev_internal_handler; } extern "C" |