db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dag H. Wanvik (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5357) SQLJ.INSTALL_JAR shouldn't use identifier as file name
Date Mon, 05 Mar 2012 16:45:58 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13222444#comment-13222444
] 

Dag H. Wanvik commented on DERBY-5357:
--------------------------------------

diffstat and detailed patch comments (derby-5357-2):

 impl/sql/execute/JarUtil.java                    |  153 +++++++++++++++++++++--
 impl/sql/catalog/DataDictionaryImpl.java         |   85 ++++++++++++
 impl/store/raw/RawStore.java                     |   57 ++++++--
 iapi/sql/dictionary/DataDescriptorGenerator.java |   38 +++--
 iapi/services/io/FileUtil.java                   |   16 ++
 iapi/store/access/FileResource.java              |    5 
 impl/db/BasicDatabase.java                       |    3 
 impl/sql/catalog/DD_Version.java                 |    7 +
 impl/store/raw/data/RFResource.java              |    8 +

M java/engine/org/apache/derby/impl/sql/execute/JarUtil.java

mkExternalName now always takes uuid as argument. 

New methods: 
   - mkExternalNameInternal: used during upgrade to be able to construct both old an new style
names
   - upgradeJar: upgrade one jar file to new style (>= 10.9)
   - removeOldDirs: Upgrade code: Remove the old directories names with contents (pre-10.9
style).

M java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java

New methods:
   - getAllSysfileDescriptors: used by upgrade code: Return a list of all {@FileInfoDescriptor}s
in SYSFILES scan.
   - upgradeJarStorage: used by upgrade code. Called by the upgrade code to upgrade the way
we store jar files in the database. We now use UUID as part of the file name and sanitize
the SQL (schema, schema object) parts of the file name to avoid problems with path delimiters.
Also, we henceforth use no schema subdirectories since there is no chance of name collision
with the UUID.

M java/engine/org/apache/derby/impl/store/raw/RawStore.java

Modified backup code to handle new as well as old scheme (in soft
upgrade mode).


M java/engine/org/apache/derby/iapi/services/io/FileUtil.java

New method:
   - sanitizeSqlIdAsFilename: Since quoted SQL identifiers may contain any character, we cannot
use an SQL identifier as a file name unconditionally. Return a safe (unexploitable) file name
by replacing '/' or '\' with underscore, so one can't access a non-intended directory. <em>Note</em>:
we need to replace both to make database portable from Windows to *nix or vice versa.


M java/engine/org/apache/derby/iapi/store/access/FileResource.java
M java/engine/org/apache/derby/impl/store/raw/data/RFResource.java


New method:
   - getAsFile(String name) to be able to delete old directories during upgrade.


M java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java

Add a line to call upgradeJarStorage when hard upgrading


M java/engine/org/apache/derby/impl/db/BasicDatabase.java

Interface adjustment.

M java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java

interface adjustment

                
> SQLJ.INSTALL_JAR shouldn't use identifier as file name
> ------------------------------------------------------
>
>                 Key: DERBY-5357
>                 URL: https://issues.apache.org/jira/browse/DERBY-5357
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.9.0.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Dag H. Wanvik
>              Labels: derby_triage10_9
>         Attachments: derby-5357-2.diff, derby-5357-2.stat, derby-5357.diff, derby-5357.stat
>
>
> When installing a jar file with the SQLJ.INSTALL_JAR procedure, it will copy the jar
file to a subdirectory of the database directory. The name of the stored jar file is based
on the qualified name specified by the second parameter in the procedure, and becomes something
like: <DBDIR>/jar/<SCHEMA>/<JAR_NAME>.jar.<VERSION>
> This naming scheme is problematic because the qualified name of the jar file is an SQL
identifier and may contain any characters, also characters with special meaning to the underlying
file system.
> One example is this call:
> ij> call sqlj.install_jar('/path/to/toursdb.jar', 'APP."../../../x/jar"', 0);
> 0 rows inserted/updated/deleted
> On Unix-like systems, this will install the jar in a subdirectory of the database directory's
parent directory, which is clearly unfortunate as the database directory should be self-contained
(an assumption used when taking backup of a database using operating system commands, or when
moving the database to another location).
> There's probably also a possibility that INSTALL_JAR fails if the identifier contains
a character that's not allowed in file names on the platform.
> It would be better if the jars were stored in a file whose name is independent of the
identifier used, so that any valid SQL identifier could be used to name a jar file in the
database without causing problems.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message