Commit 718128db authored by unknown's avatar unknown

Fixed BUG#14834: Server denies to execute Stored Procedure

  The problem was that databases with '_' in the name did not match a
  correct ACL with a literal '_' (i.e. '\_') in the db name, only identical
  strings matched. The fix makes this work, and also ACLs with wildcards in
  the db name work.


mysql-test/r/sp-security.result:
  New test case for BUG#14834
mysql-test/t/sp-security.test:
  New test case for BUG#14834
sql/sql_acl.cc:
  Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security
  context switching when invoking stored routines)
parent 4e971ef7
...@@ -263,3 +263,24 @@ CREATE VIEW v1 AS SELECT test.bug12812()| ...@@ -263,3 +263,24 @@ CREATE VIEW v1 AS SELECT test.bug12812()|
ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812' ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812'
DROP USER user_bug12812@localhost| DROP USER user_bug12812@localhost|
drop function bug12812| drop function bug12812|
create database db_bug14834;
create user user1_bug14834@localhost identified by '';
grant all on `db\_bug14834`.* to user1_bug14834@localhost;
create user user2_bug14834@localhost identified by '';
grant all on `db\_bug14834`.* to user2_bug14834@localhost;
create user user3_bug14834@localhost identified by '';
grant all on `db__ug14834`.* to user3_bug14834@localhost;
create procedure p_bug14834() select user(), current_user();
call p_bug14834();
user() current_user()
user1_bug14834@localhost user1_bug14834@localhost
call p_bug14834();
user() current_user()
user2_bug14834@localhost user1_bug14834@localhost
call p_bug14834();
user() current_user()
user3_bug14834@localhost user1_bug14834@localhost
drop user user1_bug14834@localhost;
drop user user2_bug14834@localhost;
drop user user3_bug14834@localhost;
drop database db_bug14834;
...@@ -437,4 +437,48 @@ disconnect test_user_12812| ...@@ -437,4 +437,48 @@ disconnect test_user_12812|
DROP USER user_bug12812@localhost| DROP USER user_bug12812@localhost|
drop function bug12812| drop function bug12812|
delimiter ;| delimiter ;|
#
# BUG#14834: Server denies to execute Stored Procedure
#
# The problem here was with '_' in the database name.
#
create database db_bug14834;
create user user1_bug14834@localhost identified by '';
# The exact name of the database (no wildcard)
grant all on `db\_bug14834`.* to user1_bug14834@localhost;
create user user2_bug14834@localhost identified by '';
# The exact name of the database (no wildcard)
grant all on `db\_bug14834`.* to user2_bug14834@localhost;
create user user3_bug14834@localhost identified by '';
# Wildcards in the database name
grant all on `db__ug14834`.* to user3_bug14834@localhost;
connect (user1_bug14834,localhost,user1_bug14834,,db_bug14834);
# Create the procedure and check that we can call it
create procedure p_bug14834() select user(), current_user();
call p_bug14834();
connect (user2_bug14834,localhost,user2_bug14834,,db_bug14834);
# This didn't work before
call p_bug14834();
connect (user3_bug14834,localhost,user3_bug14834,,db_bug14834);
# Should also work
call p_bug14834();
# Cleanup
connection default;
disconnect user1_bug14834;
disconnect user2_bug14834;
disconnect user3_bug14834;
drop user user1_bug14834@localhost;
drop user user2_bug14834@localhost;
drop user user3_bug14834@localhost;
drop database db_bug14834;
# End of 5.0 bugs. # End of 5.0 bugs.
...@@ -987,7 +987,7 @@ bool acl_getroot_no_password(Security_context *sctx, char *user, char *host, ...@@ -987,7 +987,7 @@ bool acl_getroot_no_password(Security_context *sctx, char *user, char *host,
{ {
if (compare_hostname(&acl_db->host, host, ip)) if (compare_hostname(&acl_db->host, host, ip))
{ {
if (!acl_db->db || (db && !strcmp(acl_db->db, db))) if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0)))
{ {
sctx->db_access= acl_db->access; sctx->db_access= acl_db->access;
break; break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment