Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

infoschema: check hidden sysvars for SEM #37587

Merged
merged 3 commits into from Sep 4, 2022
Merged

infoschema: check hidden sysvars for SEM #37587

merged 3 commits into from Sep 4, 2022

Conversation

CbcWestwolf
Copy link
Member

What problem does this PR solve?

Issue Number: close #37586

Problem Summary:

Two views may leak variables information in SEM

What is changed and how it works?

When fetching the data, check the privilege.

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
  • No code

Side effects

  • Performance regression: Consumes more CPU
  • Performance regression: Consumes more Memory
  • Breaking backward compatibility

Documentation

  • Affects user behaviors
  • Contains syntax changes
  • Contains variable changes
  • Contains experimental features
  • Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

Fix a bug about variables information leak.

@ti-chi-bot
Copy link
Member

ti-chi-bot commented Sep 3, 2022
edited

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • Defined2014
  • morgo

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@ti-chi-bot ti-chi-bot added release-note do-not-merge/needs-triage-completed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Sep 3, 2022
@CbcWestwolf
Copy link
Member Author

CbcWestwolf commented Sep 3, 2022
edited

/cc morgo Defined2014

@ti-chi-bot
Copy link
Member

@CbcWestwolf: GitHub didn't allow me to request PR reviews from the following users: morgon.

Note that only pingcap members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

/cc morgon Defined2014

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@CbcWestwolf
Copy link
Member Author

/cc morgo

@ti-chi-bot ti-chi-bot added the status/LGT1 Indicates that a PR has LGTM 1. label Sep 3, 2022
@ti-chi-bot ti-chi-bot added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels Sep 4, 2022
Defined2014
Defined2014 reviewed Sep 4, 2022
View reviewed changes
infoschema/tables.go
@@ -1853,12 +1855,26 @@ func GetTiFlashStoreCount(ctx sessionctx.Context) (cnt uint64, err error) {
return cnt, nil
}

func SysVarHiddenForSem(ctx sessionctx.Context, sysVarNameInLower string) bool {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a comment for fmt lint tool

@Defined2014
Copy link
Contributor

/merge

@ti-chi-bot
Copy link
Member

This pull request has been accepted and is ready to merge.

Commit hash: 03807ce

@ti-chi-bot ti-chi-bot added the status/can-merge Indicates a PR has been approved by a committer. label Sep 4, 2022
@ti-chi-bot ti-chi-bot merged commit 331707c into pingcap:master Sep 4, 2022
@sre-bot
Copy link
Contributor

sre-bot commented Sep 4, 2022

TiDB MergeCI notify

CI Name Result Duration Compare with Parent commit
idc-jenkins-ci/integration-cdc-test 🟢 all 37 tests passed 28 min Existing passed
idc-jenkins-ci-tidb/tics-test 🟢 all 1 tests passed 17 min Existing passed
idc-jenkins-ci-tidb/integration-common-test 🟢 all 17 tests passed 16 min Existing passed
idc-jenkins-ci-tidb/common-test 🟢 all 11 tests passed 13 min Existing passed
idc-jenkins-ci-tidb/integration-ddl-test 🟢 all 6 tests passed 5 min 37 sec Existing passed
idc-jenkins-ci-tidb/sqllogic-test-2 🟢 all 28 tests passed 5 min 9 sec Existing passed
idc-jenkins-ci-tidb/sqllogic-test-1 🟢 all 26 tests passed 4 min 19 sec Existing passed
idc-jenkins-ci-tidb/mybatis-test 🟢 all 1 tests passed 3 min 41 sec Existing passed
idc-jenkins-ci-tidb/integration-compatibility-test 🟢 all 1 tests passed 2 min 59 sec Existing passed
idc-jenkins-ci-tidb/plugin-test 🟢 build success, plugin test success 4min Existing passed

@CbcWestwolf CbcWestwolf deleted the repair_sem branch September 4, 2022 06:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Defined2014 Defined2014 Defined2014 approved these changes

@morgo morgo morgo approved these changes

Assignees
No one assigned
Labels
release-note size/M Denotes a PR that changes 30-99 lines, ignoring generated files. status/can-merge Indicates a PR has been approved by a committer. status/LGT2 Indicates that a PR has LGTM 2.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Variables info leak in SEM
5 participants
@CbcWestwolf @ti-chi-bot @Defined2014 @sre-bot @morgo