|
Problem IT02131
|
Status: Closed |
AN SQL QUERY WITH ROW ACCESS CONTROL AND NOT SECURED FUNCTIONS CAN RETURN SQL0901N |
| product: |
DB2 FOR LUW / DB2FORLUW / A10 - DB2 |
| Problem description: |
An SQL0901N error can occur when a scalar fullselect:
- references one or more tables with row access control enabled
- references one or more NOT SECURED functions in the WHERE
clause
The scalar fullselect in the following VALUES statement meets
all of the above requirements and will report an SQL0901N error.
CREATE TABLE T1 (NAME VARCHAR(128), SALARY INT, BONUS INT)
ORGANIZE BY ROW;
ALTER TABLE T1 ACTIVATE ROW ACCESS CONTROL;
CREATE PERMISSION T1_PERM ON T1 FOR ROWS WHERE
NAME = SESSION_USER ENFORCED FOR ALL ACCESS ENABLE;
CREATE FUNCTION F1(P1 INT) NOT SECURED RETURNS INT
BEGIN ATOMIC
RETURN P1 * 0.1;--
END;
VALUES (SELECT NAME FROM T1 WHERE BONUS > F1(SALARY));
SQL0901N The SQL statement or command failed because of a
database system
error. (Reason "Can not enforced Maxcard > 1".) SQLSTATE=58004
Here is the relevant portion of the call stack.
0x00002AAAC025623C
_Z12sqlzeSqlCodeP8sqeAgentjmjP5sqlcaitP13__va_list_tag + 0x0604
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB913DEA5 _Z10sqlnn_erdsiiiiiz + 0x0405
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8DD8655
_Z21sqlng_process_pipe_opP9sqlng_blkP19sqlno_plan_operator +
0x0767
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8CA16F5
_Z19sqlngProcessLolepopP9sqlng_blkP19sqlno_plan_operator +
0x0369
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8E03B23
_Z23sqlng_process_filter_opP9sqlng_blkP19sqlno_plan_operator +
0x0483
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8CA16F5
_Z19sqlngProcessLolepopP9sqlng_blkP19sqlno_plan_operator +
0x0369
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8DDA812
_Z21sqlng_process_mate_opP9sqlng_blkP19sqlno_plan_operator +
0x12cc
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8CA16F5
_Z19sqlngProcessLolepopP9sqlng_blkP19sqlno_plan_operator +
0x0369
(/home/ealton/sqllib/lib64/libdb2e.so.1)
0x00002AAAB8DD8BE7
_Z21sqlng_process_pipe_opP9sqlng_blkP19sqlno_plan_operator +
0x0cf9
(/home/ealton/sqllib/lib64/libdb2e.so.1) |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* All versions of DB2 for LUW 10.1 and later *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to DB2 for LU2 version 10.5.4 *
**************************************************************** |
| Local Fix: |
If determined to be safe, the NOT SECURED functions referenced
in the query should be altered to SECURED. The alter may only
be performed by a user with SECADM or CREATE_SECURE_OBJECT
authority. |
| available fix packs: |
DB2 Cancun Release 10.5.0.4 (also known as Fix Pack 4) for Linux, UNIX, and Windows
DB2 Version 10.5 Fix Pack 9 for Linux, UNIX, and Windows
|
| Solution |
The problem is fixed in DB2 for LUW version 10.5.4. Users will
no longer encounter an error when running SQL statements that
match the conditions described in the Error Description. |
| Workaround |
not known / see Local fix |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 30.05.2014
08.09.2014
08.09.2014 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
| 10.5.0.4
|
 |
