hcq/oceanbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

bugfix: alter user resource/public/connect identified by pwd core

Browse Source
This commit is contained in:
obdev
2022-11-29 15:07:58 +00:00
committed by ob-robot
parent 9acd492531
commit bb66f574c7
2 changed files with 31 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/sql/resolver/dcl/ob_set_password_resolver.cpp
View File

@ -78,9 +78,15 @@ int ObSetPasswordResolver::resolve(const ParseNode &parse_tree)
ObString host_name;
const ObString &session_user_name = session_info_->get_user_name();
const ObString &session_host_name = session_info_->get_host_name();
bool is_valid = false;
if (NULL != node->children_[0]) {
ParseNode *user_hostname_node = node->children_[0];
if (OB_ISNULL(user_hostname_node->children_[0])) {
if (OB_FAIL(check_role_as_user(user_hostname_node, is_valid))) {
LOG_WARN("failed to check role as user", K(ret));
} else if (!is_valid) {
ret = OB_USER_NOT_EXIST;
LOG_ORACLE_USER_ERROR(OB_USER_NOT_EXIST, int(user_hostname_node->str_len_), user_hostname_node->str_value_);
} else if (OB_ISNULL(user_hostname_node->children_[0])) {
ret = OB_INVALID_ARGUMENT;
LOG_WARN("username should not be NULL", K(ret));
} else {
@ -322,3 +328,26 @@ int ObSetPasswordResolver::resolve_oracle_password_strength(common::ObString &us
}
return ret;
}
/*
bugfix : https://work.aone.alibaba-inc.com/issue/46244474
alter user resource identified by password core cause by invalid memory access
*/
int ObSetPasswordResolver::check_role_as_user(ParseNode *user_hostname_node, bool &is_valid) {
is_valid = false;
int ret = OB_SUCCESS;
if (OB_ISNULL(user_hostname_node)) {
ret = OB_ERR_UNEXPECTED;
LOG_WARN("failed to check_role_as_user, user_hostname_node is NULL", K(ret));
} else if (!lib::is_oracle_mode() || T_VARCHAR != user_hostname_node->type_) {
is_valid = true;
} else {
ObString node_str(user_hostname_node->str_len_, user_hostname_node->str_value_);
if (0 != node_str.case_compare(OB_ORA_RESOURCE_ROLE_NAME) &&
0 != node_str.case_compare(OB_ORA_PUBLIC_ROLE_NAME) &&
0 != node_str.case_compare(OB_ORA_CONNECT_ROLE_NAME)) {
is_valid = true;
}
}
return ret;
}

1
src/sql/resolver/dcl/ob_set_password_resolver.h
View File

@ -39,6 +39,7 @@ private:
int resolve_oracle_password_strength(common::ObString &user_name,
common::ObString &hostname,
common::ObString &password);
int check_role_as_user(ParseNode *user_hostname_node, bool &is_valid);
private:
const static uint64_t MAX_CONNECTIONS = 4294967295;
// disallow copy