Fixed BUG#14834: Server denies to execute Stored Procedure

  The problem was that databases with '_' in the name did not match a
  correct ACL with a literal '_' (i.e. '\_') in the db name, only identical
  strings matched. The fix makes this work, and also ACLs with wildcards in
  the db name work.


mysql-test/r/sp-security.result:
  New test case for BUG#14834
mysql-test/t/sp-security.test:
  New test case for BUG#14834
sql/sql_acl.cc:
  Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security
  context switching when invoking stored routines)

mysql-test/r/sp-security.result

@@ -263,3 +263,24 @@ CREATE VIEW v1 AS SELECT test.bug12812()|
 ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812'
 DROP USER user_bug12812@localhost|
 drop function bug12812|
+create database db_bug14834;
+create user user1_bug14834@localhost identified by '';
+grant all on `db\_bug14834`.* to user1_bug14834@localhost;
+create user user2_bug14834@localhost identified by '';
+grant all on `db\_bug14834`.* to user2_bug14834@localhost;
+create user user3_bug14834@localhost identified by '';
+grant all on `db__ug14834`.* to user3_bug14834@localhost;
+create procedure p_bug14834() select user(), current_user();
+call p_bug14834();
+user()	current_user()
+user1_bug14834@localhost	user1_bug14834@localhost
+call p_bug14834();
+user()	current_user()
+user2_bug14834@localhost	user1_bug14834@localhost
+call p_bug14834();
+user()	current_user()
+user3_bug14834@localhost	user1_bug14834@localhost
+drop user user1_bug14834@localhost;
+drop user user2_bug14834@localhost;
+drop user user3_bug14834@localhost;
+drop database db_bug14834;

mysql-test/t/sp-security.test

@@ -437,4 +437,48 @@ disconnect test_user_12812|
 DROP USER user_bug12812@localhost|
 drop function bug12812|
 delimiter ;|
+
+
+#
+# BUG#14834: Server denies to execute Stored Procedure
+#
+# The problem here was with '_' in the database name.
+#
+create database db_bug14834;
+
+create user user1_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user1_bug14834@localhost;
+
+create user user2_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user2_bug14834@localhost;
+
+create user user3_bug14834@localhost identified by '';
+# Wildcards in the database name
+grant all on `db__ug14834`.* to user3_bug14834@localhost;
+
+connect (user1_bug14834,localhost,user1_bug14834,,db_bug14834);
+# Create the procedure and check that we can call it
+create procedure p_bug14834() select user(), current_user();
+call p_bug14834();
+
+connect (user2_bug14834,localhost,user2_bug14834,,db_bug14834);
+# This didn't work before
+call p_bug14834();
+
+connect (user3_bug14834,localhost,user3_bug14834,,db_bug14834);
+# Should also work
+call p_bug14834();
+
+# Cleanup
+connection default;
+disconnect user1_bug14834;
+disconnect user2_bug14834;
+disconnect user3_bug14834;
+drop user user1_bug14834@localhost;
+drop user user2_bug14834@localhost;
+drop user user3_bug14834@localhost;
+drop database db_bug14834;
+
 # End of 5.0 bugs.

sql/sql_acl.cc

@@ -987,7 +987,7 @@ bool acl_getroot_no_password(Security_context *sctx, char *user, char *host,
       {
 	if (compare_hostname(&acl_db->host, host, ip))
 	{
-	  if (!acl_db->db || (db && !strcmp(acl_db->db, db)))
+	  if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0)))
 	  {
 	    sctx->db_access= acl_db->access;
 	    break;