Bug #24801 CallableStatement.prepareCall null pointer exception due to user authority issue
Submitted: 4 Dec 2006 17:02 Modified: 16 Jan 2007 7:12
Reporter: Steve Page Email Updates:
Status: Not a Bug Impact on me:
None 
Category:Connector / J Severity:S2 (Serious)
Version:5.0 OS:Windows (Win XP)
Assigned to: CPU Architecture:Any

[4 Dec 2006 17:02] Steve Page 
Description:
CallableStatement.prepareCall fails with a null pointer exception during parameter set up when a user with only Execute authority is used. Using "root" works fine. Using PreparedStatement.prepareStatement works fine. Happens with all stored procedures, even ones without parameters. Apparently, this is an authority issue.

How to repeat:
Create a trivial stored procedure as root. Create a small Java that uses CallableStatement.prepeareCall. Using root as the user for the connection, everything is fine. Create a user with only Execute authority to the database. A null pointer execption occurs. User PreparedStatement.prepareStatement, and both users will work.

Suggested fix:
I'm guessing that CallableStatement.prepareCall is running into authority issues retrieving information about the prepared statement.
[7 Dec 2006 13:04] Tonci Grgin 
Hi Steve and thanks for your problem report. Can you please try with newer version or nightly snapshot and inform me of result.

Explanation:
07-26-06 - Version 5.0.3
    - Added configuration option "noAccessToProcedureBodies" which will
      cause the driver to create basic parameter metadata for
      CallableStatements when the user does not have access to procedure
      bodies via "SHOW CREATE PROCEDURE" or selecting from mysql.proc
      instead of throwing an exception. The default value for this option
      is "false".
[8 Dec 2006 17:44] Steve Page 
I'm using the 5.0.4 version. I don't know where to find the development versions.
[11 Dec 2006 6:33] Tonci Grgin 
Hi Steve, you can find it on http://downloads.mysql.com/snapshots.php . Please inform me if the new version fixes the problem.

Thanks for your interest in MySQL.
[12 Jan 2007 0:00] Bugs System 
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
[16 Jan 2007 7:12] Tonci Grgin 
I think it's time for me to close this report.

Explanation: "noAccessToProcedureBodies" option looks for the '?'s in the statement, and returns the metadata as VARCHAR INOUT, so it doesn't "talk" to the server at all thus authority issue should not be a problem any more.