Commit 01e2bac2 authored by Jon Olav Hauglid's avatar Jon Olav Hauglid

Merge from mysql-5.0-security to mysql-5.1-security

Text conflict in sql/sp_head.cc
parents 8e176015 50dff881
...@@ -567,3 +567,33 @@ DROP USER 'tester'; ...@@ -567,3 +567,33 @@ DROP USER 'tester';
DROP USER 'Tester'; DROP USER 'Tester';
DROP DATABASE B48872; DROP DATABASE B48872;
End of 5.0 tests. End of 5.0 tests.
#
# Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
# DEFINITION OF ANY ROUTINE.
#
DROP DATABASE IF EXISTS db1;
CREATE DATABASE db1;
CREATE PROCEDURE db1.p1() SELECT 1;
CREATE USER user2@localhost IDENTIFIED BY '';
GRANT SELECT(db) ON mysql.proc TO user2@localhost;
# Connection con2 as user2
# The below statements before disclosed info from body_utf8 column.
SHOW CREATE PROCEDURE db1.p1;
ERROR 42000: PROCEDURE p1 does not exist
SHOW PROCEDURE CODE db1.p1;
ERROR 42000: PROCEDURE p1 does not exist
# Check that SHOW works with SELECT grant on whole table
# Connection default
GRANT SELECT ON mysql.proc TO user2@localhost;
# Connection con2
# This should work
SHOW CREATE PROCEDURE db1.p1;
Procedure sql_mode Create Procedure character_set_client collation_connection Database Collation
p1 CREATE DEFINER=`root`@`localhost` PROCEDURE `p1`()
SELECT 1 latin1 latin1_swedish_ci latin1_swedish_ci
SHOW PROCEDURE CODE db1.p1;
Pos Instruction
0 stmt 0 "SELECT 1"
# Connection default
DROP USER user2@localhost;
DROP DATABASE db1;
...@@ -926,6 +926,46 @@ DROP DATABASE B48872; ...@@ -926,6 +926,46 @@ DROP DATABASE B48872;
--echo End of 5.0 tests. --echo End of 5.0 tests.
--echo #
--echo # Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
--echo # DEFINITION OF ANY ROUTINE.
--echo #
--disable_warnings
DROP DATABASE IF EXISTS db1;
--enable_warnings
CREATE DATABASE db1;
CREATE PROCEDURE db1.p1() SELECT 1;
CREATE USER user2@localhost IDENTIFIED BY '';
GRANT SELECT(db) ON mysql.proc TO user2@localhost;
--echo # Connection con2 as user2
connect (con2, localhost, user2);
--echo # The below statements before disclosed info from body_utf8 column.
--error ER_SP_DOES_NOT_EXIST
SHOW CREATE PROCEDURE db1.p1;
--error ER_SP_DOES_NOT_EXIST
SHOW PROCEDURE CODE db1.p1;
--echo # Check that SHOW works with SELECT grant on whole table
--echo # Connection default
connection default;
GRANT SELECT ON mysql.proc TO user2@localhost;
--echo # Connection con2
connection con2;
--echo # This should work
SHOW CREATE PROCEDURE db1.p1;
SHOW PROCEDURE CODE db1.p1;
--echo # Connection default
connection default;
disconnect con2;
DROP USER user2@localhost;
DROP DATABASE db1;
# Wait till all disconnects are completed # Wait till all disconnects are completed
--source include/wait_until_count_sessions.inc --source include/wait_until_count_sessions.inc
...@@ -2386,7 +2386,8 @@ bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access) ...@@ -2386,7 +2386,8 @@ bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
bzero((char*) &tables,sizeof(tables)); bzero((char*) &tables,sizeof(tables));
tables.db= (char*) "mysql"; tables.db= (char*) "mysql";
tables.table_name= tables.alias= (char*) "proc"; tables.table_name= tables.alias= (char*) "proc";
*full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1, TRUE) || *full_access= ((!check_table_access(thd, SELECT_ACL, &tables, 1, TRUE) &&
(tables.grant.privilege & SELECT_ACL) != 0) ||
(!strcmp(sp->m_definer_user.str, (!strcmp(sp->m_definer_user.str,
thd->security_ctx->priv_user) && thd->security_ctx->priv_user) &&
!strcmp(sp->m_definer_host.str, !strcmp(sp->m_definer_host.str,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment