-
Evgeny Potemkin authored
The check_table_access function initializes per-table grant info and performs access rights check. It wasn't called for SHOW STATUS statement thus left grants info uninitialized. In some cases this led to server crash. In other cases it allowed a user to check for presence/absence of arbitrary values in any tables. Now the check_table_access function is called prior to the statement processing. mysql-test/r/status.result: Added a test case for the bug#37908. mysql-test/t/status.test: Added a test case for the bug#37908. sql/sql_parse.cc: Bug#37908: Skipped access right check caused server crash. Now the check_table_access function is called when the SHOW STATUS statement uses any table except information.STATUS. sql/sql_yacc.yy: Bug#37908: Skipped access right check caused server crash. For the SHOW PROCEDURE/FUNCTION STATUS the 'mysql.proc' table isn't added to the table list anymore as there is no need.1588c116
