|
From: <di...@us...> - 2012-01-20 10:23:38
|
Revision: 53900
http://firebird.svn.sourceforge.net/firebird/?rev=53900&view=rev
Author: dimitr
Date: 2012-01-20 10:23:31 +0000 (Fri, 20 Jan 2012)
Log Message:
-----------
Disallowed deletions from RDB$DATABASE. This fixes the only problematic part of CORE-3735: Unprivileged user can delete from RDB$DATABASE, RDB$COLLATIONS, RDB$CHARACTER_SETS. The implemented solution could be used to protect other system tables from direct modifications.
Modified Paths:
--------------
firebird/trunk/lang_helpers/gds_codes.ftn
firebird/trunk/lang_helpers/gds_codes.pas
firebird/trunk/src/include/gen/codetext.h
firebird/trunk/src/include/gen/iberror.h
firebird/trunk/src/include/gen/msgs.h
firebird/trunk/src/include/gen/sql_code.h
firebird/trunk/src/include/gen/sql_state.h
firebird/trunk/src/jrd/vio.cpp
firebird/trunk/src/msgs/facilities2.sql
firebird/trunk/src/msgs/messages2.sql
firebird/trunk/src/msgs/system_errors2.sql
Modified: firebird/trunk/lang_helpers/gds_codes.ftn
===================================================================
--- firebird/trunk/lang_helpers/gds_codes.ftn 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/lang_helpers/gds_codes.ftn 2012-01-20 10:23:31 UTC (rev 53900)
@@ -1470,6 +1470,8 @@
PARAMETER (GDS__ss_out_of_bounds = 335545028)
INTEGER*4 GDS__missing_data_structures
PARAMETER (GDS__missing_data_structures = 335545029)
+ INTEGER*4 GDS__protect_sys_tab
+ PARAMETER (GDS__protect_sys_tab = 335545030)
INTEGER*4 GDS__gfix_db_name
PARAMETER (GDS__gfix_db_name = 335740929)
INTEGER*4 GDS__gfix_invalid_sw
Modified: firebird/trunk/lang_helpers/gds_codes.pas
===================================================================
--- firebird/trunk/lang_helpers/gds_codes.pas 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/lang_helpers/gds_codes.pas 2012-01-20 10:23:31 UTC (rev 53900)
@@ -742,6 +742,7 @@
gds_ee_blr_mismatch_length = 335545027;
gds_ss_out_of_bounds = 335545028;
gds_missing_data_structures = 335545029;
+ gds_protect_sys_tab = 335545030;
gds_gfix_db_name = 335740929;
gds_gfix_invalid_sw = 335740930;
gds_gfix_incmp_sw = 335740932;
Modified: firebird/trunk/src/include/gen/codetext.h
===================================================================
--- firebird/trunk/src/include/gen/codetext.h 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/include/gen/codetext.h 2012-01-20 10:23:31 UTC (rev 53900)
@@ -731,6 +731,7 @@
{"ee_blr_mismatch_length", 335545027},
{"ss_out_of_bounds", 335545028},
{"missing_data_structures", 335545029},
+ {"protect_sys_tab", 335545030},
{"gfix_db_name", 335740929},
{"gfix_invalid_sw", 335740930},
{"gfix_incmp_sw", 335740932},
Modified: firebird/trunk/src/include/gen/iberror.h
===================================================================
--- firebird/trunk/src/include/gen/iberror.h 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/include/gen/iberror.h 2012-01-20 10:23:31 UTC (rev 53900)
@@ -765,6 +765,7 @@
const ISC_STATUS isc_ee_blr_mismatch_length = 335545027L;
const ISC_STATUS isc_ss_out_of_bounds = 335545028L;
const ISC_STATUS isc_missing_data_structures = 335545029L;
+const ISC_STATUS isc_protect_sys_tab = 335545030L;
const ISC_STATUS isc_gfix_db_name = 335740929L;
const ISC_STATUS isc_gfix_invalid_sw = 335740930L;
const ISC_STATUS isc_gfix_incmp_sw = 335740932L;
@@ -1206,7 +1207,7 @@
const ISC_STATUS isc_trace_switch_param_miss = 337182758L;
const ISC_STATUS isc_trace_param_act_notcompat = 337182759L;
const ISC_STATUS isc_trace_mandatory_switch_miss = 337182760L;
-const ISC_STATUS isc_err_max = 1150;
+const ISC_STATUS isc_err_max = 1151;
#else /* c definitions */
@@ -1941,6 +1942,7 @@
#define isc_ee_blr_mismatch_length 335545027L
#define isc_ss_out_of_bounds 335545028L
#define isc_missing_data_structures 335545029L
+#define isc_protect_sys_tab 335545030L
#define isc_gfix_db_name 335740929L
#define isc_gfix_invalid_sw 335740930L
#define isc_gfix_incmp_sw 335740932L
@@ -2382,7 +2384,7 @@
#define isc_trace_switch_param_miss 337182758L
#define isc_trace_param_act_notcompat 337182759L
#define isc_trace_mandatory_switch_miss 337182760L
-#define isc_err_max 1150
+#define isc_err_max 1151
#endif
Modified: firebird/trunk/src/include/gen/msgs.h
===================================================================
--- firebird/trunk/src/include/gen/msgs.h 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/include/gen/msgs.h 2012-01-20 10:23:31 UTC (rev 53900)
@@ -734,6 +734,7 @@
{335545027, "External BLR message mismatch: length = @1, expected @2"}, /* ee_blr_mismatch_length */
{335545028, "Subscript @1 out of bounds [@2, @3]"}, /* ss_out_of_bounds */
{335545029, "Install incomplete, please read chapter \"Initializing security database\" in Quick Start Guide"}, /* missing_data_structures */
+ {335545030, "@1 operation is not allowed for system table @2"}, /* protect_sys_tab */
{335740929, "data base file name (@1) already given"}, /* gfix_db_name */
{335740930, "invalid switch @1"}, /* gfix_invalid_sw */
{335740932, "incompatible switch combination"}, /* gfix_incmp_sw */
Modified: firebird/trunk/src/include/gen/sql_code.h
===================================================================
--- firebird/trunk/src/include/gen/sql_code.h 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/include/gen/sql_code.h 2012-01-20 10:23:31 UTC (rev 53900)
@@ -730,6 +730,7 @@
{335545027, -901}, /* 707 ee_blr_mismatch_length */
{335545028, -406}, /* 708 ss_out_of_bounds */
{335545029, -902}, /* 709 missing_data_structures */
+ {335545030, -902}, /* 710 protect_sys_tab */
{335740929, -901}, /* 1 gfix_db_name */
{335740930, -901}, /* 2 gfix_invalid_sw */
{335740932, -901}, /* 4 gfix_incmp_sw */
Modified: firebird/trunk/src/include/gen/sql_state.h
===================================================================
--- firebird/trunk/src/include/gen/sql_state.h 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/include/gen/sql_state.h 2012-01-20 10:23:31 UTC (rev 53900)
@@ -730,6 +730,7 @@
{335545027, "42000"}, // 707 ee_blr_mismatch_length
{335545028, "42000"}, // 708 ss_out_of_bounds
{335545029, "28000"}, // 709 missing_data_structures
+ {335545030, "42000"}, // 710 protect_sys_tab
{335740929, "00000"}, // 1 gfix_db_name
{335740930, "00000"}, // 2 gfix_invalid_sw
{335740932, "00000"}, // 4 gfix_incmp_sw
Modified: firebird/trunk/src/jrd/vio.cpp
===================================================================
--- firebird/trunk/src/jrd/vio.cpp 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/jrd/vio.cpp 2012-01-20 10:23:31 UTC (rev 53900)
@@ -132,6 +132,7 @@
static int prepare_update(thread_db*, jrd_tra*, SLONG, record_param*,
record_param*, record_param*, PageStack&, bool);
+static void protect_system_table(thread_db*, const jrd_rel*, const char*, bool = false);
static void purge(thread_db*, record_param*);
static Record* replace_gc_record(jrd_rel*, Record**, USHORT);
static void replace_record(thread_db*, record_param*, PageStack*, const jrd_tra*);
@@ -1327,6 +1328,10 @@
switch ((RIDS) relation->rel_id)
{
+ case rel_database:
+ protect_system_table(tdbb, relation, "DELETE", true);
+ break;
+
case rel_relations:
if (EVL_field(0, rpb->rpb_record, f_rel_name, &desc))
{
@@ -5260,6 +5265,38 @@
}
+static void protect_system_table(thread_db* tdbb,
+ const jrd_rel* relation,
+ const char* operation,
+ bool force_flag)
+{
+/**************************************
+ *
+ * p r o t e c t _ s y s t e m _ t a b l e
+ *
+ **************************************
+ *
+ * Functional description
+ * Disallow modifications on system tables for everyone except
+ * the GBAK restore process and internal (system) requests used
+ * by the engine itself.
+ *
+ **************************************/
+ const Attachment* const attachment = tdbb->getAttachment();
+ const jrd_req* const request = tdbb->getRequest();
+
+ if (force_flag ||
+ (!(attachment->att_flags & ATT_gbak_attachment) &&
+ !(request->getStatement()->flags & JrdStatement::FLAG_INTERNAL)))
+ {
+ fb_assert(relation->rel_flags & REL_scanned);
+
+ status_exception::raise(Arg::Gds(isc_protect_sys_tab) <<
+ Arg::Str(operation) << Arg::Str(relation->rel_name));
+ }
+}
+
+
static void purge(thread_db* tdbb, record_param* rpb)
{
/**************************************
Modified: firebird/trunk/src/msgs/facilities2.sql
===================================================================
--- firebird/trunk/src/msgs/facilities2.sql 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/msgs/facilities2.sql 2012-01-20 10:23:31 UTC (rev 53900)
@@ -1,7 +1,7 @@
/* MAX_NUMBER is the next number to be used, always one more than the highest message number. */
set bulk_insert INSERT INTO FACILITIES (LAST_CHANGE, FACILITY, FAC_CODE, MAX_NUMBER) VALUES (?, ?, ?, ?);
--
-('2011-12-22 18:36:31', 'JRD', 0, 710)
+('2012-01-20 11:48:31', 'JRD', 0, 711)
('2012-01-19 04:56:37', 'QLI', 1, 532)
('2009-07-16 05:26:11', 'GFIX', 3, 121)
('1996-11-07 13:39:40', 'GPRE', 4, 1)
Modified: firebird/trunk/src/msgs/messages2.sql
===================================================================
--- firebird/trunk/src/msgs/messages2.sql 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/msgs/messages2.sql 2012-01-20 10:23:31 UTC (rev 53900)
@@ -817,6 +817,7 @@
('ee_blr_mismatch_length', NULL, 'met.epp', NULL, 0, 707, NULL, 'External BLR message mismatch: length = @1, expected @2', NULL, NULL)
('ss_out_of_bounds', NULL, 'sdl.cpp', NULL, 0, 708, NULL, 'Subscript @1 out of bounds [@2, @3]', NULL, NULL)
('missing_data_structures', NULL, 'server.cpp', NULL, 0, 709, NULL, 'Install incomplete, please read chapter "Initializing security database" in Quick Start Guide', NULL, NULL)
+('protect_sys_tab', NULL, 'vio.cpp', NULL, 0, 710, NULL, '@1 operation is not allowed for system table @2', NULL, NULL)
-- QLI
(NULL, NULL, NULL, NULL, 1, 0, NULL, 'expected type', NULL, NULL);
(NULL, NULL, NULL, NULL, 1, 1, NULL, 'bad block type', NULL, NULL);
Modified: firebird/trunk/src/msgs/system_errors2.sql
===================================================================
--- firebird/trunk/src/msgs/system_errors2.sql 2012-01-20 03:39:43 UTC (rev 53899)
+++ firebird/trunk/src/msgs/system_errors2.sql 2012-01-20 10:23:31 UTC (rev 53900)
@@ -715,6 +715,7 @@
(-901, '42', '000', 0, 707, 'ee_blr_mismatch_length', NULL, NULL)
(-406, '42', '000', 0, 708, 'ss_out_of_bounds', NULL, NULL)
(-902, '28', '000', 0, 709, 'missing_data_structures', NULL, NULL)
+(-902, '42', '000', 0, 710, 'protect_sys_tab', NULL, NULL)
-- GFIX
(-901, '00', '000', 3, 1, 'gfix_db_name', NULL, NULL)
(-901, '00', '000', 3, 2, 'gfix_invalid_sw', NULL, NULL)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|