db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r545178 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/sql/compile/ testing/org/apache/derbyTesting/functionTests/tests/lang/ testing/org/apache/derbyTesting/junit/
Date Thu, 07 Jun 2007 13:41:57 GMT
Author: djd
Date: Thu Jun  7 06:41:56 2007
New Revision: 545178

URL: http://svn.apache.org/viewvc?view=rev&rev=545178
Log: (empty)

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/StaticMethodCallNode.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/StaticMethodCallNode.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/StaticMethodCallNode.java?view=diff&rev=545178&r1=545177&r2=545178
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/StaticMethodCallNode.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/StaticMethodCallNode.java
Thu Jun  7 06:41:56 2007
@@ -187,42 +187,35 @@
 			CompilerContext cc = getCompilerContext();
 
 			// look for a routine
-			if (ad == null) {
 
-				String schemaName = procedureName != null ?
-									procedureName.getSchemaName() : null;
-									
-				boolean noSchema = schemaName == null;
-
-				SchemaDescriptor sd = getSchemaDescriptor(schemaName, schemaName != null);
-
-
-				resolveRoutine(fromList, subqueryList, aggregateVector, sd);
+			String schemaName = procedureName.getSchemaName();
+								
+			boolean noSchema = schemaName == null;
+
+			SchemaDescriptor sd = getSchemaDescriptor(schemaName, schemaName != null);
+
+            // The field methodName is used by resolveRoutine and
+            // is set to the name of the routine (procedureName.getTableName()).
+			resolveRoutine(fromList, subqueryList, aggregateVector, sd);
+			
+			if (ad == null && noSchema && !forCallStatement)
+			{
+				// Resolve to a built-in SYSFUN function but only
+				// if this is a function call and the call
+				// was not qualified. E.g. COS(angle). The
+				// SYSFUN functions are not in SYSALIASES but
+				// an in-memory table, set up in DataDictioanryImpl.
+				sd = getSchemaDescriptor("SYSFUN", true);
 				
-				if (ad == null && noSchema && !forCallStatement)
-				{
-					// Resolve to a built-in SYSFUN function but only
-					// if this is a function call and the call
-					// was not qualified. E.g. COS(angle). The
-					// SYSFUN functions are not in SYSALIASES but
-					// an in-memory table, set up in DataDictioanryImpl.
-					sd = getSchemaDescriptor("SYSFUN", true);
-					
-					resolveRoutine(fromList, subqueryList, aggregateVector, sd);
-				}
-	
+				resolveRoutine(fromList, subqueryList, aggregateVector, sd);
 			}
+	
 
-			/* Throw exception if no alias found */
+			/* Throw exception if no routine found */
 			if (ad == null)
 			{
-				Object errName;
-				if (procedureName == null)
-					errName = methodName;
-				else
-					errName = procedureName;
-
-				throw StandardException.newException(SQLState.LANG_NO_SUCH_METHOD_ALIAS, errName);
+				throw StandardException.newException(
+                        SQLState.LANG_NO_SUCH_METHOD_ALIAS, procedureName);
 			}
 	
 
@@ -233,8 +226,24 @@
 
 			methodName = ad.getAliasInfo().getMethodName();
 			javaClassName = ad.getJavaClassName();
+            
+            // DERBY-2330 Do not allow a routine to resolve to
+            // a Java method that is part of the Derby runtime code base.
+            // This is a security measure to stop user-defined routines
+            // bypassing security by making calls directly to Derby's
+            // internal methods. E.g. open a table's conglomerate
+            // directly and read the file, bypassing any authorization.
+            // This is a simpler mechanism than analyzing all of
+            // Derby's public static methods and ensuring they have
+            // no Security holes.
+            if (javaClassName.startsWith("org.apache.derby."))
+            {
+                if (!sd.isSystemSchema())
+                    throw StandardException.newException(
+                        SQLState.LANG_TYPE_DOESNT_EXIST2, (Throwable) null,
+                        javaClassName);
+            }
 		}
-
 
 		verifyClassExist(javaClassName);
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java?view=diff&rev=545178&r1=545177&r2=545178
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RoutineSecurityTest.java
Thu Jun  7 06:41:56 2007
@@ -170,6 +170,42 @@
     }
     
     /**
+     * Check that a user routine cannot resolve to a
+     * internal derby class, currently limited to not
+     * resolving to any class in the org.apache.derby namespace.
+     */
+    public void testInternalClass() throws SQLException
+    {
+        Statement s = createStatement();
+        
+        s.executeUpdate(
+                "CREATE FUNCTION HACK_DERBY(PROPERTY_KEY VARCHAR(60)) " +
+                "RETURNS VARCHAR(60) " +
+                "EXTERNAL NAME 'org.apache.derby.catalog.SystemProcedures.SYSCS_GET_DATABASE_PROPERTY'
" +
+                "LANGUAGE JAVA PARAMETER STYLE JAVA");
+        
+        s.executeUpdate(
+                "CREATE PROCEDURE HACK_DERBY_2() " +
+                "EXTERNAL NAME 'org.apache.derby.catalog.SystemProcedures.SYSCS_UNFREEZE_DATABASE'
" +
+                "LANGUAGE JAVA PARAMETER STYLE JAVA");
+        
+        // Some random potential Derby class to ensure the checks
+        // are not limited to the catalog class.
+        s.executeUpdate(
+                "CREATE PROCEDURE HACK_DERBY_3() " +
+                "EXTERNAL NAME 'org.apache.derby.any.clazz.method' " +
+                "LANGUAGE JAVA PARAMETER STYLE JAVA");
+
+
+        s.close();
+        
+        assertCompileError("42X51", "VALUES HACK_DERBY(?)");
+        assertCompileError("42X51", "CALL HACK_DERBY_2()");
+        assertCompileError("42X51", "CALL HACK_DERBY_3()");       
+
+    }
+    
+    /**
      * Test for a security exception within a routine.
      * Current test is that the SQLException returned
      * to the client has SQLState 38000 and wraps a

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java?view=diff&rev=545178&r1=545177&r2=545178
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/junit/BaseJDBCTestCase.java Thu
Jun  7 06:41:56 2007
@@ -643,7 +643,11 @@
                  * error should occur before the execution-time error
                  * about unbound parameters.
                  */
-                pSt.execute();
+                try {
+                    pSt.execute();
+                } finally {
+                    pSt.close();
+                }
             }
             fail("expected compile error: " + sqlState);
         } catch (SQLException se) {



Mime
View raw message