| Server IP : 172.67.216.182 / Your IP : 108.162.226.159 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /www/server/mysql/src/sql/ |
Upload File : |
/* Copyright (c) 2000, 2023, Oracle and/or its affiliates.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, version 2.0,
as published by the Free Software Foundation.
This program is also distributed with certain software (including
but not limited to OpenSSL) that is licensed under separate terms,
as designated in a particular file or component or in included license
documentation. The authors of MySQL hereby grant you an additional
permission to link the program and your derivative works with the
separately licensed software that they have included with MySQL.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License, version 2.0, for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA */
/* This implements 'user defined functions' */
/*
Known bugs:
Memory for functions is never freed!
Shared libraries are not closed before mysqld exits;
- This is because we can't be sure if some threads are using
a function.
The bugs only affect applications that create and free a lot of
dynamic functions, so this shouldn't be a real problem.
*/
#include "sql_base.h" // close_mysql_tables
#include "sql_parse.h" // check_string_char_length
#include "sql_table.h" // write_bin_log
#include "records.h" // init_read_record, end_read_record
#include "lock.h" // MYSQL_LOCK_IGNORE_TIMEOUT
#include "log.h"
#include "sql_plugin.h" // check_valid_path
#ifdef HAVE_DLFCN_H
#include <dlfcn.h>
#endif
#ifdef HAVE_DLOPEN
#include <stdarg.h>
#include <hash.h>
static bool initialized = 0;
static MEM_ROOT mem;
static HASH udf_hash;
static mysql_rwlock_t THR_LOCK_udf;
static udf_func *add_udf(LEX_STRING *name, Item_result ret,
char *dl, Item_udftype typ);
static void del_udf(udf_func *udf);
static void *find_udf_dl(const char *dl);
static char *init_syms(udf_func *tmp, char *nm)
{
char *end;
if (!((tmp->func= (Udf_func_any) dlsym(tmp->dlhandle, tmp->name.str))))
return tmp->name.str;
end=my_stpcpy(nm,tmp->name.str);
if (tmp->type == UDFTYPE_AGGREGATE)
{
(void)my_stpcpy(end, "_clear");
if (!((tmp->func_clear= (Udf_func_clear) dlsym(tmp->dlhandle, nm))))
return nm;
(void)my_stpcpy(end, "_add");
if (!((tmp->func_add= (Udf_func_add) dlsym(tmp->dlhandle, nm))))
return nm;
}
(void) my_stpcpy(end,"_deinit");
tmp->func_deinit= (Udf_func_deinit) dlsym(tmp->dlhandle, nm);
(void) my_stpcpy(end,"_init");
tmp->func_init= (Udf_func_init) dlsym(tmp->dlhandle, nm);
/*
to prefent loading "udf" from, e.g. libc.so
let's ensure that at least one auxiliary symbol is defined
*/
if (!tmp->func_init && !tmp->func_deinit && tmp->type != UDFTYPE_AGGREGATE)
{
if (!opt_allow_suspicious_udfs)
return nm;
sql_print_warning(ER(ER_CANT_FIND_DL_ENTRY), nm);
}
return 0;
}
extern "C" uchar* get_hash_key(const uchar *buff, size_t *length,
my_bool not_used MY_ATTRIBUTE((unused)))
{
udf_func *udf=(udf_func*) buff;
*length=(uint) udf->name.length;
return (uchar*) udf->name.str;
}
static PSI_memory_key key_memory_udf_mem;
#ifdef HAVE_PSI_INTERFACE
static PSI_rwlock_key key_rwlock_THR_LOCK_udf;
static PSI_rwlock_info all_udf_rwlocks[]=
{
{ &key_rwlock_THR_LOCK_udf, "THR_LOCK_udf", PSI_FLAG_GLOBAL}
};
static PSI_memory_info all_udf_memory[]=
{
{ &key_memory_udf_mem, "udf_mem", PSI_FLAG_GLOBAL}
};
static void init_udf_psi_keys(void)
{
const char* category= "sql";
int count;
count= array_elements(all_udf_rwlocks);
mysql_rwlock_register(category, all_udf_rwlocks, count);
count= array_elements(all_udf_memory);
mysql_memory_register(category, all_udf_memory, count);
}
#endif
/*
Read all predeclared functions from mysql.func and accept all that
can be used.
*/
void udf_init()
{
udf_func *tmp;
TABLE_LIST tables;
READ_RECORD read_record_info;
TABLE *table;
int error;
DBUG_ENTER("ufd_init");
char db[]= "mysql"; /* A subject to casednstr, can't be constant */
if (initialized)
DBUG_VOID_RETURN;
#ifdef HAVE_PSI_INTERFACE
init_udf_psi_keys();
#endif
mysql_rwlock_init(key_rwlock_THR_LOCK_udf, &THR_LOCK_udf);
init_sql_alloc(key_memory_udf_mem, &mem, UDF_ALLOC_BLOCK_SIZE, 0);
THD *new_thd = new THD;
if (!new_thd ||
my_hash_init(&udf_hash,system_charset_info,32,0,0,get_hash_key, NULL, 0,
key_memory_udf_mem))
{
sql_print_error("Can't allocate memory for udf structures");
my_hash_free(&udf_hash);
free_root(&mem,MYF(0));
delete new_thd;
DBUG_VOID_RETURN;
}
initialized = 1;
new_thd->thread_stack= (char*) &new_thd;
new_thd->store_globals();
{
LEX_CSTRING db_lex_cstr= { STRING_WITH_LEN(db) };
new_thd->set_db(db_lex_cstr);
}
tables.init_one_table(db, sizeof(db)-1, "func", 4, "func", TL_READ);
if (open_and_lock_tables(new_thd, &tables, MYSQL_LOCK_IGNORE_TIMEOUT))
{
DBUG_PRINT("error",("Can't open udf table"));
sql_print_error("Can't open the mysql.func table. Please "
"run mysql_upgrade to create it.");
goto end;
}
table= tables.table;
if (init_read_record(&read_record_info, new_thd, table, NULL, 1, 1, FALSE))
goto end;
table->use_all_columns();
while (!(error= read_record_info.read_record(&read_record_info)))
{
DBUG_PRINT("info",("init udf record"));
LEX_STRING name;
name.str=get_field(&mem, table->field[0]);
// Check the name.str is NULL or not.
if (name.str == NULL)
{
sql_print_error("Invalid row in mysql.func table for column 'name'");
continue;
}
name.length = strlen(name.str);
char *dl_name= get_field(&mem, table->field[2]);
if (dl_name == NULL)
{
sql_print_error("Invalid row in mysql.func table for function '%.64s'",
name.str);
continue;
}
bool new_dl=0;
Item_udftype udftype=UDFTYPE_FUNCTION;
if (table->s->fields >= 4) // New func table
udftype=(Item_udftype) table->field[3]->val_int();
/*
Ensure that the .dll doesn't have a path
This is done to ensure that only approved dll from the system
directories are used (to make this even remotely secure).
On windows we must check both FN_LIBCHAR and '/'.
*/
LEX_CSTRING name_cstr= {name.str, name.length};
if (check_valid_path(dl_name, strlen(dl_name)) ||
check_string_char_length(name_cstr, "", NAME_CHAR_LEN,
system_charset_info, 1))
{
sql_print_error("Invalid row in mysql.func table for function '%.64s'",
name.str);
continue;
}
if (!(tmp= add_udf(&name,(Item_result) table->field[1]->val_int(),
dl_name, udftype)))
{
sql_print_error("Can't alloc memory for udf function: '%.64s'", name.str);
continue;
}
void *dl = find_udf_dl(tmp->dl);
if (dl == NULL)
{
char dlpath[FN_REFLEN];
strxnmov(dlpath, sizeof(dlpath) - 1, opt_plugin_dir, "/", tmp->dl,
NullS);
(void) unpack_filename(dlpath, dlpath);
if (!(dl= dlopen(dlpath, RTLD_NOW)))
{
const char *errmsg;
int error_number= dlopen_errno;
DLERROR_GENERATE(errmsg, error_number);
/* Print warning to log */
sql_print_error(ER(ER_CANT_OPEN_LIBRARY), tmp->dl, error_number, errmsg);
/* Keep the udf in the hash so that we can remove it later */
continue;
}
new_dl=1;
}
tmp->dlhandle = dl;
{
char buf[NAME_LEN+16], *missing;
if ((missing= init_syms(tmp, buf)))
{
sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), missing);
del_udf(tmp);
if (new_dl)
dlclose(dl);
}
}
}
if (error > 0)
sql_print_error("Got unknown error: %d", my_errno());
end_read_record(&read_record_info);
table->m_needs_reopen= TRUE; // Force close to free memory
end:
close_mysql_tables(new_thd);
delete new_thd;
DBUG_VOID_RETURN;
}
void udf_free()
{
/* close all shared libraries */
DBUG_ENTER("udf_free");
for (uint idx=0 ; idx < udf_hash.records ; idx++)
{
udf_func *udf=(udf_func*) my_hash_element(&udf_hash,idx);
if (udf->dlhandle) // Not closed before
{
/* Mark all versions using the same handler as closed */
for (uint j=idx+1 ; j < udf_hash.records ; j++)
{
udf_func *tmp=(udf_func*) my_hash_element(&udf_hash,j);
if (udf->dlhandle == tmp->dlhandle)
tmp->dlhandle=0; // Already closed
}
dlclose(udf->dlhandle);
}
}
my_hash_free(&udf_hash);
free_root(&mem,MYF(0));
if (initialized)
{
initialized= 0;
mysql_rwlock_destroy(&THR_LOCK_udf);
}
DBUG_VOID_RETURN;
}
static void del_udf(udf_func *udf)
{
DBUG_ENTER("del_udf");
if (!--udf->usage_count)
{
my_hash_delete(&udf_hash,(uchar*) udf);
using_udf_functions=udf_hash.records != 0;
}
else
{
/*
The functions is in use ; Rename the functions instead of removing it.
The functions will be automaticly removed when the least threads
doesn't use it anymore
*/
char *name= udf->name.str;
size_t name_length=udf->name.length;
udf->name.str=(char*) "*";
udf->name.length=1;
my_hash_update(&udf_hash,(uchar*) udf,(uchar*) name,name_length);
}
DBUG_VOID_RETURN;
}
void free_udf(udf_func *udf)
{
DBUG_ENTER("free_udf");
if (!initialized)
DBUG_VOID_RETURN;
mysql_rwlock_wrlock(&THR_LOCK_udf);
if (!--udf->usage_count)
{
/*
We come here when someone has deleted the udf function
while another thread still was using the udf
*/
my_hash_delete(&udf_hash,(uchar*) udf);
using_udf_functions=udf_hash.records != 0;
if (!find_udf_dl(udf->dl))
dlclose(udf->dlhandle);
}
mysql_rwlock_unlock(&THR_LOCK_udf);
DBUG_VOID_RETURN;
}
/* This is only called if using_udf_functions != 0 */
udf_func *find_udf(const char *name, size_t length,bool mark_used)
{
udf_func *udf=0;
DBUG_ENTER("find_udf");
if (!initialized)
DBUG_RETURN(NULL);
/* TODO: This should be changed to reader locks someday! */
if (mark_used)
mysql_rwlock_wrlock(&THR_LOCK_udf); /* Called during fix_fields */
else
mysql_rwlock_rdlock(&THR_LOCK_udf); /* Called during parsing */
if ((udf=(udf_func*) my_hash_search(&udf_hash,(uchar*) name,
length ? length : strlen(name))))
{
if (!udf->dlhandle)
udf=0; // Could not be opened
else if (mark_used)
udf->usage_count++;
}
mysql_rwlock_unlock(&THR_LOCK_udf);
DBUG_RETURN(udf);
}
static void *find_udf_dl(const char *dl)
{
DBUG_ENTER("find_udf_dl");
/*
Because only the function name is hashed, we have to search trough
all rows to find the dl.
*/
for (uint idx=0 ; idx < udf_hash.records ; idx++)
{
udf_func *udf=(udf_func*) my_hash_element(&udf_hash,idx);
if (!strcmp(dl, udf->dl) && udf->dlhandle != NULL)
DBUG_RETURN(udf->dlhandle);
}
DBUG_RETURN(0);
}
/* Assume that name && dl is already allocated */
static udf_func *add_udf(LEX_STRING *name, Item_result ret, char *dl,
Item_udftype type)
{
if (!name || !dl || !(uint) type || (uint) type > (uint) UDFTYPE_AGGREGATE)
return 0;
udf_func *tmp= (udf_func*) alloc_root(&mem, sizeof(udf_func));
if (!tmp)
return 0;
memset(tmp, 0, sizeof(*tmp));
tmp->name = *name; //dup !!
tmp->dl = dl;
tmp->returns = ret;
tmp->type = type;
tmp->usage_count=1;
if (my_hash_insert(&udf_hash,(uchar*) tmp))
return 0;
using_udf_functions=1;
return tmp;
}
/**
Create a user defined function.
@note Like implementations of other DDL/DML in MySQL, this function
relies on the caller to close the thread tables. This is done in the
end of dispatch_command().
*/
int mysql_create_function(THD *thd,udf_func *udf)
{
int error;
void *dl=0;
bool new_dl=0;
TABLE *table;
TABLE_LIST tables;
udf_func *u_d;
bool save_binlog_row_based;
DBUG_ENTER("mysql_create_function");
if (!initialized)
{
if (opt_noacl)
my_error(ER_CANT_INITIALIZE_UDF, MYF(0),
udf->name.str,
"UDFs are unavailable with the --skip-grant-tables option");
else
my_message(ER_OUT_OF_RESOURCES, ER(ER_OUT_OF_RESOURCES), MYF(0));
DBUG_RETURN(1);
}
/*
Ensure that the .dll doesn't have a path
This is done to ensure that only approved dll from the system
directories are used (to make this even remotely secure).
*/
if (check_valid_path(udf->dl, strlen(udf->dl)))
{
my_message(ER_UDF_NO_PATHS, ER(ER_UDF_NO_PATHS), MYF(0));
DBUG_RETURN(1);
}
LEX_CSTRING udf_name_cstr= {udf->name.str, udf->name.length};
if (check_string_char_length(udf_name_cstr, "", NAME_CHAR_LEN,
system_charset_info, 1))
{
my_error(ER_TOO_LONG_IDENT, MYF(0), udf->name.str);
DBUG_RETURN(1);
}
tables.init_one_table("mysql", 5, "func", 4, "func", TL_WRITE);
if (!(table= open_ltable(thd, &tables, TL_WRITE, MYSQL_LOCK_IGNORE_TIMEOUT)))
DBUG_RETURN(1);
/*
Turn off row binlogging of this statement and use statement-based
so that all supporting tables are updated for CREATE FUNCTION command.
*/
if ((save_binlog_row_based= thd->is_current_stmt_binlog_format_row()))
thd->clear_current_stmt_binlog_format_row();
mysql_rwlock_wrlock(&THR_LOCK_udf);
if ((my_hash_search(&udf_hash,(uchar*) udf->name.str, udf->name.length)))
{
my_error(ER_UDF_EXISTS, MYF(0), udf->name.str);
goto err;
}
if (!(dl = find_udf_dl(udf->dl)))
{
char dlpath[FN_REFLEN];
strxnmov(dlpath, sizeof(dlpath) - 1, opt_plugin_dir, "/", udf->dl, NullS);
(void) unpack_filename(dlpath, dlpath);
if (!(dl = dlopen(dlpath, RTLD_NOW)))
{
const char *errmsg;
int error_number= dlopen_errno;
DLERROR_GENERATE(errmsg, error_number);
DBUG_PRINT("error",("dlopen of %s failed, error: %d (%s)",
udf->dl, error_number, errmsg));
my_error(ER_CANT_OPEN_LIBRARY, MYF(0),
udf->dl, error_number, errmsg);
goto err;
}
new_dl=1;
}
udf->dlhandle=dl;
{
char buf[NAME_LEN+16], *missing;
if ((missing= init_syms(udf, buf)))
{
my_error(ER_CANT_FIND_DL_ENTRY, MYF(0), missing);
goto err;
}
}
udf->name.str=strdup_root(&mem,udf->name.str);
udf->dl=strdup_root(&mem,udf->dl);
if (!(u_d=add_udf(&udf->name,udf->returns,udf->dl,udf->type)))
goto err;
u_d->dlhandle = dl;
u_d->func=udf->func;
u_d->func_init=udf->func_init;
u_d->func_deinit=udf->func_deinit;
u_d->func_clear=udf->func_clear;
u_d->func_add=udf->func_add;
/* create entry in mysql.func table */
table->use_all_columns();
restore_record(table, s->default_values); // Default values for fields
table->field[0]->store(u_d->name.str, u_d->name.length, system_charset_info);
table->field[1]->store((longlong) u_d->returns, TRUE);
table->field[2]->store(u_d->dl, strlen(u_d->dl), system_charset_info);
if (table->s->fields >= 4) // If not old func format
table->field[3]->store((longlong) u_d->type, TRUE);
error = table->file->ha_write_row(table->record[0]);
if (error)
{
char errbuf[MYSYS_STRERROR_SIZE];
my_error(ER_ERROR_ON_WRITE, MYF(0), "mysql.func", error,
my_strerror(errbuf, sizeof(errbuf), error));
del_udf(u_d);
goto err;
}
mysql_rwlock_unlock(&THR_LOCK_udf);
/* Binlog the create function. */
if (write_bin_log(thd, true, thd->query().str, thd->query().length))
{
/* Restore the state of binlog format */
assert(!thd->is_current_stmt_binlog_format_row());
if (save_binlog_row_based)
thd->set_current_stmt_binlog_format_row();
DBUG_RETURN(1);
}
/* Restore the state of binlog format */
assert(!thd->is_current_stmt_binlog_format_row());
if (save_binlog_row_based)
thd->set_current_stmt_binlog_format_row();
DBUG_RETURN(0);
err:
if (new_dl)
dlclose(dl);
mysql_rwlock_unlock(&THR_LOCK_udf);
/* Restore the state of binlog format */
assert(!thd->is_current_stmt_binlog_format_row());
if (save_binlog_row_based)
thd->set_current_stmt_binlog_format_row();
DBUG_RETURN(1);
}
int mysql_drop_function(THD *thd,const LEX_STRING *udf_name)
{
TABLE *table;
TABLE_LIST tables;
udf_func *udf;
char *exact_name_str;
size_t exact_name_len;
bool save_binlog_row_based;
int error= 1;
DBUG_ENTER("mysql_drop_function");
if (!initialized)
{
if (opt_noacl)
my_error(ER_FUNCTION_NOT_DEFINED, MYF(0), udf_name->str);
else
my_message(ER_OUT_OF_RESOURCES, ER(ER_OUT_OF_RESOURCES), MYF(0));
DBUG_RETURN(1);
}
tables.init_one_table("mysql", 5, "func", 4, "func", TL_WRITE);
if (!(table= open_ltable(thd, &tables, TL_WRITE, MYSQL_LOCK_IGNORE_TIMEOUT)))
DBUG_RETURN(1);
/*
Turn off row binlogging of this statement and use statement-based
so that all supporting tables are updated for DROP FUNCTION command.
*/
if ((save_binlog_row_based= thd->is_current_stmt_binlog_format_row()))
thd->clear_current_stmt_binlog_format_row();
mysql_rwlock_wrlock(&THR_LOCK_udf);
if (!(udf=(udf_func*) my_hash_search(&udf_hash,(uchar*) udf_name->str,
(uint) udf_name->length)))
{
my_error(ER_FUNCTION_NOT_DEFINED, MYF(0), udf_name->str);
mysql_rwlock_unlock(&THR_LOCK_udf);
goto exit;
}
exact_name_str= udf->name.str;
exact_name_len= udf->name.length;
del_udf(udf);
/*
Close the handle if this was function that was found during boot or
CREATE FUNCTION and it's not in use by any other udf function
*/
if (udf->dlhandle && !find_udf_dl(udf->dl))
dlclose(udf->dlhandle);
mysql_rwlock_unlock(&THR_LOCK_udf);
table->use_all_columns();
table->field[0]->store(exact_name_str, exact_name_len, &my_charset_bin);
if (!table->file->ha_index_read_idx_map(table->record[0], 0,
table->field[0]->ptr,
HA_WHOLE_KEY,
HA_READ_KEY_EXACT))
{
int delete_err;
if ((delete_err = table->file->ha_delete_row(table->record[0])))
table->file->print_error(delete_err, MYF(0));
}
/*
Binlog the drop function. Keep the table open and locked
while binlogging, to avoid binlog inconsistency.
*/
if (!write_bin_log(thd, true, thd->query().str, thd->query().length))
error= 0;
exit:
/* Restore the state of binlog format */
assert(!thd->is_current_stmt_binlog_format_row());
if (save_binlog_row_based)
thd->set_current_stmt_binlog_format_row();
DBUG_RETURN(error);
}
#endif /* HAVE_DLOPEN */