Posted to derby-commits@db.apache.org by rh...@apache.org on 2013/05/31 15:22:12 UTC

svn commit: r1488201 - in /db/derby/code/branches/10.9: ./ java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java

Author: rhillegas
Date: Fri May 31 13:22:11 2013
New Revision: 1488201

URL: http://svn.apache.org/r1488201
Log:
DERBY-6221: Port 1487946 from trunk to 10.9 branch.

Modified:
    db/derby/code/branches/10.9/   (props changed)
    db/derby/code/branches/10.9/java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java
    db/derby/code/branches/10.9/java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java

Propchange: db/derby/code/branches/10.9/
------------------------------------------------------------------------------
  Merged /db/derby/code/trunk:r1487946

Modified: db/derby/code/branches/10.9/java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.9/java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java?rev=1488201&r1=1488200&r2=1488201&view=diff
==============================================================================
--- db/derby/code/branches/10.9/java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java (original)
+++ db/derby/code/branches/10.9/java/engine/org/apache/derby/impl/sql/compile/FromBaseTable.java Fri May 31 13:22:11 2013
@@ -2786,7 +2786,33 @@ public class FromBaseTable extends FromT
 									FromList fromList)
 								throws StandardException
 	{
-		/* Generate the referenced table map */
+        //
+        // We're done with binding, so we should know which columns
+        // are referenced. We check to see if SYSUSERS.PASSWORD is referenced.
+        // Even the DBO is not allowed to SELECT that column.
+        // This is to prevent us from instantiating the password as a
+        // String. See DERBY-866.
+        // We do this check before optimization because the optimizer may
+        // change the result column list as it experiments with different access paths.
+        // At preprocess() time, the result column list should be the columns in the base
+        // table.
+        //
+        if ( authorizeSYSUSERS )
+        {
+            int passwordColNum = SYSUSERSRowFactory.PASSWORD_COL_NUM;
+
+            FormatableBitSet    refCols = resultColumns.getReferencedFormatableBitSet( false, true, false );
+
+            if (
+                (refCols.getLength() >= passwordColNum ) && refCols.isSet( passwordColNum - 1 )
+               )
+            {
+                throw StandardException.newException
+                    ( SQLState.HIDDEN_COLUMN, SYSUSERSRowFactory.TABLE_NAME, SYSUSERSRowFactory.PASSWORD_COL_NAME );
+            }
+        }
+        
+        /* Generate the referenced table map */
 		referencedTableMap = new JBitSet(numTables);
 		referencedTableMap.set(tableNumber);
 
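Review bot: `refCols` is dereferenced without a null check, whereas the check removed from generate() treated a null `referencedCols` as the `select *` case and rejected it. The new code presumably relies on the second argument (`true`) to `getReferencedFormatableBitSet` to guarantee a non-null bit set; if so, state that in the comment, e.g. `// second argument true: a bit set is always returned, so SELECT * is caught by the bit test`, and say what the three boolean literals mean. The rewritten comment also drops the DERBY-866 rationale that the String's char[] can linger unzeroed in memory, which is the reason the column is hidden and is worth keeping. Because generate() no longer repeats the check, enforcement now depends on preprocess() running for every statement that reads SYSUSERS, which cannot be confirmed from this hunk. The method body continues outside the hunk.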
@@ -3261,31 +3287,7 @@ public class FromBaseTable extends FromT
 	public void generate(ActivationClassBuilder acb,
 								MethodBuilder mb)
 							throws StandardException
-	{
-        //
-        // By now the map of referenced columns has been filled in.
-        // We check to see if SYSUSERS.PASSWORD is referenced.
-        // Even the DBO is not allowed to SELECT that column.
-        // This is to prevent us from instantiating the password as a
-        // String. The char[] inside the String can hang around, unzeroed
-        // and be read by a memory-sniffer. See DERBY-866.
-        //
-        if ( authorizeSYSUSERS )
-        {
-            int passwordColNum = SYSUSERSRowFactory.PASSWORD_COL_NUM;
-            
-            if (
-                ( referencedCols == null ) || // select * from sys.sysusers results in a null referecedCols
-                (
-                 (referencedCols.getLength() >= passwordColNum ) && referencedCols.isSet( passwordColNum - 1 )
-                )
-               )
-            {
-                throw StandardException.newException
-                    ( SQLState.HIDDEN_COLUMN, SYSUSERSRowFactory.TABLE_NAME, SYSUSERSRowFactory.PASSWORD_COL_NAME );
-            }
-        }
-        
+	{        
 		generateResultSet( acb, mb );
 
 		/*

Modified: db/derby/code/branches/10.9/java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/branches/10.9/java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java?rev=1488201&r1=1488200&r2=1488201&view=diff
==============================================================================
--- db/derby/code/branches/10.9/java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java (original)
+++ db/derby/code/branches/10.9/java/testing/org/apache/derbyTesting/functionTests/tests/lang/DBOAccessTest.java Fri May 31 13:22:11 2013
@@ -188,6 +188,9 @@ public class DBOAccessTest extends Gener
         goodStatement( dboConnection, "create view v2 as select username, hashingscheme, lastmodified from sys.sysusers" );
         if ( authorizationIsOn() ) { goodStatement( dboConnection, "grant select on v2 to public" ); }
 
+        goodStatement( dboConnection, "create view v3 as select username, hashingscheme, lastmodified from sys.sysusers where password is null" );
+        if ( authorizationIsOn() ) { goodStatement( dboConnection, "grant select on v3 to public" ); }
+
         vetDBO_OKProbes( dboConnection, true );
         vetDBO_OKProbes( janetConnection, !authorizationIsOn() );
 
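Review bot: The new `create view v3` statement has no comment explaining that creating a view which filters on PASSWORD is expected to succeed, while selecting from it must be rejected. A line such as `// v3 references PASSWORD only in its WHERE clause: creation succeeds, SELECT through it must fail` above it would tie this setup to the `select * from test_dbo.v3` probe added later in this commit. The enclosing test method starts and ends outside the hunk.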
@@ -202,6 +205,8 @@ public class DBOAccessTest extends Gener
         vetUserProbes( conn, shouldSucceed, "select count(*) from sys.sysusers", ONLY_DBO );
         vetUserProbes( conn, shouldSucceed, "select username, hashingscheme, lastmodified from sys.sysusers", ONLY_DBO );
         vetUserProbes( conn, shouldSucceed, "select username from sys.sysusers", ONLY_DBO );
+        vetUserProbes( conn, shouldSucceed, "select username, lastmodified from sys.sysusers", ONLY_DBO );
+        vetUserProbes( conn, shouldSucceed, "select username, lastmodified from sys.sysusers where username = 'FRED'", ONLY_DBO );
 
         // can't use views to subvert authorization checks
         vetUserProbes( conn, shouldSucceed, "select count(*) from test_dbo.v2", ONLY_DBO );
@@ -218,6 +223,8 @@ public class DBOAccessTest extends Gener
         vetUserProbes( conn, shouldSucceed, "select password from sys.sysusers", expectedSQLState );
         vetUserProbes( conn, shouldSucceed, "select username, password from sys.sysusers", expectedSQLState );
         vetUserProbes( conn, shouldSucceed, "select username from sys.sysusers where password = 'foo'", expectedSQLState );
+        vetUserProbes( conn, shouldSucceed, "select username, lastmodified from sys.sysusers where password is not null", expectedSQLState );
+        vetUserProbes( conn, shouldSucceed, "select * from test_dbo.v3", expectedSQLState );
     }
     private void    vetUserProbes
         ( Connection conn, boolean shouldSucceed, String query, String expectedSQLState )
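Review bot: None of the negative probes visible here exercises `select * from sys.sysusers` directly, which is the case the removed `referencedCols == null` branch in FromBaseTable.generate() used to handle. The visible probes cover PASSWORD only in the select list, in a WHERE clause, and through view v3. Unless a star probe already exists above this hunk, add `vetUserProbes( conn, shouldSucceed, "select * from sys.sysusers", expectedSQLState );` so the relocated check is pinned for star expansion as well. The enclosing method starts outside the hunk.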