[tarantool-patches] Re: [PATCH v1 1/1] sql: check that received iterator is not NULL

["n.pettik" <korablev@tarantool.org>]

> On 15 Dec 2018, at 15:22, imeevma@tarantool.org wrote:
> 
> If the user does not have permission to read from the “_collation”
> space, the “PRAGMA collation_list” command causes a segmentation
> fault. Added new check.

I’ve rephrased your commit message:

If the user does not have permission to read from the “_collation”
space, the “PRAGMA collation_list” command causes a segmentation
fault. This happens due to the fact that box_index_iterator() may fail
and return NULL. Lets add check on this and if iterator is NULL, return
with an error.

Btw, have you checked this case with other pragmas?

> 
> Closes #3857
> ---
> https://github.com/tarantool/tarantool/issues/3857
> https://github.com/tarantool/tarantool/tree/imeevma/gh-3857-add-check-for-received-iterator
> 
> src/box/sql/pragma.c        |  5 +++++
> test/sql/collation.result   | 18 ++++++++++++++++++
> test/sql/collation.test.lua |  8 ++++++++
> 3 files changed, 31 insertions(+)
> 
> diff --git a/src/box/sql/pragma.c b/src/box/sql/pragma.c
> index 5c35017..2b0d812 100644
> --- a/src/box/sql/pragma.c
> +++ b/src/box/sql/pragma.c
> @@ -521,6 +521,11 @@ sqlite3Pragma(Parse * pParse, Token * pId,	/* First part of [schema.]id field */
> 		box_tuple_t *tuple;
> 		box_iterator_t* iter;
> 		iter = box_index_iterator(space->def->id, 0,ITER_ALL, key_buf, key_end);
> +		if (iter == NULL) {
> +			pParse->rc = SQL_TARANTOOL_ERROR;
> +			pParse->nErr++;
> +			goto pragma_out;
> +		}
> 		int rc = box_iterator_next(iter, &tuple);
> 		(void) rc;
> 		assert(rc == 0);
> diff --git a/test/sql/collation.result b/test/sql/collation.result
> index f98e9cb..148a1a1 100644
> --- a/test/sql/collation.result
> +++ b/test/sql/collation.result
> @@ -243,3 +243,21 @@ box.sql.execute("DROP TABLE t;")
> box.schema.user.revoke('guest', 'read,write,execute', 'universe')
> ---
> ...
> +-- gh-3857 "PRAGMA collation_list" invokes segmentation fault.
> +box.schema.user.create('tmp')
> +---
> +...
> +box.session.su('tmp')
> +---
> +...
> +-- Error: read access to space is denied.
> +box.sql.execute("pragma collation_list")
> +---
> +- error: Read access to space '_collation' is denied for user 'tmp'
> +...
> +box.session.su('admin')
> +---
> +...
> +box.schema.user.drop('tmp')
> +---
> +...
> diff --git a/test/sql/collation.test.lua b/test/sql/collation.test.lua
> index c4c31fc..ade3a69 100644
> --- a/test/sql/collation.test.lua
> +++ b/test/sql/collation.test.lua
> @@ -94,3 +94,11 @@ box.sql.execute("SELECT b COLLATE \"unicode\" FROM t UNION SELECT a FROM t;")
> 
> box.sql.execute("DROP TABLE t;")
> box.schema.user.revoke('guest', 'read,write,execute', 'universe')
> +
> +-- gh-3857 "PRAGMA collation_list" invokes segmentation fault.

…without enough permission granted to user.

The rest is OK.