~drizzle-trunk/drizzle/development

Viewing changes to plugin/auth_schema/tests/t/basic.test

Committer: Daniel
Date: 2011-10-08 19:47:11 UTC
mto: This revision was merged to the branch mainline in revision 2437.
Revision ID: daniel@ubuntu-10-20111008194711-dp47vra0qzjm2o8x

Escape user in SQL statement to avoid SQL injection. Verify auth table name. Include auth query in error message. Tweak formatting to match coding standards.

files modified:
plugin/auth_schema/auth_schema.cc

plugin/auth_schema/auth_schema.h

plugin/auth_schema/docs/index.rst

plugin/auth_schema/module.cc

plugin/auth_schema/tests/r/basic.result

plugin/auth_schema/tests/t/basic.test

Show diffs side-by-side

added added

removed removed

plugin/auth_schema/tests/t/basic.test

connect(conn3, localhost, test_user, test_pass,,);

SELECT 'auth re-enabled';

# Escape user name; avoid SQL injection.

--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT

--replace_regex /@'.*?'/@'LOCALHOST'/

--error ER_ACCESS_DENIED_ERROR

connect(conn4, localhost, "'; drop table auth.users; select '", test_pass,,);

SHOW TABLES FROM auth;

# Don't crash if we try to set the auth table to NULL.

--error ER_WRONG_ARGUMENTS

SET GLOBAL auth_schema_table=NULL;

SHOW VARIABLES LIKE 'auth_schema_table';

# And don't permit a blank string for the auth table.

--error ER_WRONG_ARGUMENTS

SET GLOBAL auth_schema_table='';

SHOW VARIABLES LIKE 'auth_schema_table';

DROP SCHEMA auth;

Older »