Commit 3ad0cac4 authored by kroki@mysql.com's avatar kroki@mysql.com

Reapply fix for bug#16372 (Server crashes when test 'conc_sys' is running)

after merge.

Concurrent read and update of privilege structures (like simultaneous
run of SHOW GRANTS and ADD USER) could result in server crash.

Ensure that proper locking of ACL structures is done.

No test case is provided because this bug can't be reproduced
deterministically.
parent 0acef25d
This diff is collapsed.
...@@ -196,7 +196,6 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list, ...@@ -196,7 +196,6 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list,
bool mysql_routine_grant(THD *thd, TABLE_LIST *table, bool is_proc, bool mysql_routine_grant(THD *thd, TABLE_LIST *table, bool is_proc,
List <LEX_USER> &user_list, ulong rights, List <LEX_USER> &user_list, ulong rights,
bool revoke, bool no_error); bool revoke, bool no_error);
ACL_USER *check_acl_user(LEX_USER *user_name, uint *acl_acl_userdx);
my_bool grant_init(); my_bool grant_init();
void grant_free(void); void grant_free(void);
my_bool grant_reload(THD *thd); my_bool grant_reload(THD *thd);
......
...@@ -3835,7 +3835,6 @@ mysql_execute_command(THD *thd) ...@@ -3835,7 +3835,6 @@ mysql_execute_command(THD *thd)
if (thd->security_ctx->user) // If not replication if (thd->security_ctx->user) // If not replication
{ {
LEX_USER *user; LEX_USER *user;
uint counter;
List_iterator <LEX_USER> user_list(lex->users_list); List_iterator <LEX_USER> user_list(lex->users_list);
while ((user= user_list++)) while ((user= user_list++))
...@@ -3853,7 +3852,8 @@ mysql_execute_command(THD *thd) ...@@ -3853,7 +3852,8 @@ mysql_execute_command(THD *thd)
user->host.str, thd->security_ctx->host_or_ip)) user->host.str, thd->security_ctx->host_or_ip))
{ {
// TODO: use check_change_password() // TODO: use check_change_password()
if (check_acl_user(user, &counter) && user->password.str && if (is_acl_user(user->host.str, user->user.str) &&
user->password.str &&
check_access(thd, UPDATE_ACL,"mysql",0,1,1,0)) check_access(thd, UPDATE_ACL,"mysql",0,1,1,0))
{ {
my_message(ER_PASSWORD_NOT_ALLOWED, my_message(ER_PASSWORD_NOT_ALLOWED,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment