In mysql, is "explain ..." always safe?
Posted by tye on Stack Overflow
Published on 2011-01-09T08:43:13Z
If I allow a group of users to submit "explain $whatever" to mysql (via Perl's DBI using DBD::mysql), is there anything that a user could put into $whatever that would make any database changes, leak non-trivial information, or even cause significant database load? If so, how?
I know that via "explain $whatever" one can figure out what tables / columns exist (you have to guess names, though) and roughly how many records are in a table or how many records have a particular value for an indexed field. I don't expect one to be able to get any information about the contents of unindexed fields.
DBD::mysql should not allow multiple statements so I don't expect it to be possible to run any query (just explain one query). Even subqueries should not be executed, just explained.
But I'm not a mysql expert and there are surely features of mysql that I'm not even aware of.
In trying to come up with a query plan, might the optimizer actually execute an expression in order to come up with the value that an indexed field is going to be compared against?
explain select * from atable where class = somefunction(...)
where atable.class is indexed and not unique and class='unused' would find no records but class='common' would find a million records. Might 'explain' evaluate somefunction(...)? And then could somefunction(...) be written such that it modifies data?
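Added example, not part of tye's post: a self-contained SQL probe for the exact question asked (does EXPLAIN on your MySQL server evaluate a stored function with a side effect while building the plan?), followed by the least-privilege account that bounds the risk whichever way the probe comes out. The table, function and account names and the appdb schema are assumptions.

```sql
-- Constructed probe (not from the original post). It reuses the
-- question's table/column names (atable, class) and adds a function
-- whose only side effect is a row in probe_log, so any evaluation by
-- the optimizer becomes observable.
CREATE TABLE atable (id INT PRIMARY KEY, class VARCHAR(32), INDEX (class));
CREATE TABLE probe_log (hit TIMESTAMP DEFAULT CURRENT_TIMESTAMP);

-- With binary logging enabled, creating a NOT DETERMINISTIC /
-- MODIFIES SQL DATA function needs log_bin_trust_function_creators=1
-- (or SUPER); on a throwaway test instance this is acceptable.
DELIMITER //
CREATE FUNCTION probe_fn() RETURNS VARCHAR(32)
NOT DETERMINISTIC MODIFIES SQL DATA
BEGIN
  INSERT INTO probe_log VALUES (DEFAULT);  -- visible side effect
  RETURN 'unused';                          -- matches no rows in atable
END //
DELIMITER ;

-- Baseline count, the question's query in EXPLAIN form only, then recount.
SELECT COUNT(*) AS before_explain FROM probe_log;
EXPLAIN SELECT * FROM atable WHERE class = probe_fn();
SELECT COUNT(*) AS after_explain FROM probe_log;
-- If after_explain > before_explain, the optimizer invoked the function
-- while producing the plan on this server version; if equal, it did not.

-- Hardening that holds regardless of the probe's result: run the
-- explain-only tool as an account that can read the schema but holds no
-- EXECUTE (stored routines run as their definer, so EXECUTE is the gate),
-- no INSERT/UPDATE/DELETE and no CREATE ROUTINE. New MySQL accounts start
-- with no privileges, so only SELECT is granted here.
CREATE USER 'explain_ro'@'localhost' IDENTIFIED BY '<placeholder-password>';
GRANT SELECT ON appdb.* TO 'explain_ro'@'localhost';
```

Connect the Perl tool as explain_ro so that a function named in $whatever cannot be executed by that session even if the optimizer would otherwise call it.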
© Stack Overflow or respective owner