Commit 2cb6163b authored by unknown's avatar unknown

BUG#13310 incorrect user parsing by SP

 - Strip surrounding ''s from username when a new user connects. There
   is no user 'a@', it should be a@


mysql-test/r/grant2.result:
  Update test result
mysql-test/t/grant2.test:
  Add tests for bug 13310
sql/sql_parse.cc:
  Strip surrounding ''s from username when a new user connects. There 
  is no user 'a@', it should be a@
parent 173de37e
......@@ -356,3 +356,16 @@ insert into mysql.user select * from t1;
drop table t1, t2;
drop database TESTDB;
flush privileges;
grant all privileges on test.* to `a@`@localhost;
grant execute on * to `a@`@localhost;
create table t2 (s1 int);
insert into t2 values (1);
drop function if exists f2;
create function f2 () returns int begin declare v int; select s1 from t2
into v; return v; end//
select f2();
f2()
1
drop function f2;
drop table t2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM `a@`@localhost;
......@@ -465,3 +465,28 @@ drop table t1, t2;
drop database TESTDB;
flush privileges;
#
# BUG#13310 incorrect user parsing by SP
#
grant all privileges on test.* to `a@`@localhost;
grant execute on * to `a@`@localhost;
connect (bug13310,localhost,'a@',,test);
connection bug13310;
create table t2 (s1 int);
insert into t2 values (1);
--disable_warnings
drop function if exists f2;
--enable_warnings
delimiter //;
create function f2 () returns int begin declare v int; select s1 from t2
into v; return v; end//
delimiter ;//
select f2();
drop function f2;
drop table t2;
disconnect bug13310;
connection default;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM `a@`@localhost;
......@@ -993,6 +993,7 @@ static int check_connection(THD *thd)
char *user= end;
char *passwd= strend(user)+1;
uint user_len= passwd - user - 1;
char *db= passwd;
char db_buff[NAME_LEN+1]; // buffer to store db in utf8
char user_buff[USERNAME_LENGTH+1]; // buffer to store user in utf8
......@@ -1018,11 +1019,19 @@ static int check_connection(THD *thd)
db= db_buff;
}
user_buff[copy_and_convert(user_buff, sizeof(user_buff)-1,
system_charset_info, user, strlen(user),
thd->charset(), &dummy_errors)]= '\0';
user_buff[user_len= copy_and_convert(user_buff, sizeof(user_buff)-1,
system_charset_info, user, user_len,
thd->charset(), &dummy_errors)]= '\0';
user= user_buff;
/* If username starts and ends in "'", chop them off */
if (user_len > 1 && user[0] == '\'' && user[user_len - 1] == '\'')
{
user[user_len-1]= 0;
user++;
user_len-= 2;
}
if (thd->main_security_ctx.user)
x_free(thd->main_security_ctx.user);
if (!(thd->main_security_ctx.user= my_strdup(user, MYF(0))))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment