Fix for BUG#13198: SP executes if definer does not exist.

Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.

Fix for BUG#13198: SP executes if definer does not exist.
Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
3dd927cf · unknown · 9a1fed13 · 3dd927cf · 3dd927cf · 3dd927cf
Commit 3dd927cf authored Mar 02, 2006 by unknown
Showing with 139 additions and 15 deletions

mysql-test/r/sp-security.result mysql-test/r/sp-security.result +44 -0

mysql-test/t/sp-security.test mysql-test/t/sp-security.test +95 -0

sql/sp_head.cc sql/sp_head.cc +0 -15

No files found.
--- a/mysql-test/r/sp-security.result
+++ b/mysql-test/r/sp-security.result
@@ -375,3 +375,47 @@ RETURN 3
 DROP USER mysqltest_1@localhost;
 DROP USER mysqltest_2@localhost;
 DROP DATABASE mysqltest;
+
+---> connection: root
+DROP DATABASE IF EXISTS mysqltest;
+CREATE DATABASE mysqltest;
+CREATE USER mysqltest_1@localhost;
+GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
+CREATE USER mysqltest_2@localhost;
+GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
+
+---> connection: mysqltest_1_con
+use mysqltest;
+CREATE PROCEDURE bug13198_p1()
+SELECT 1;
+CREATE FUNCTION bug13198_f1() RETURNS INT
+RETURN 1;
+CALL bug13198_p1();
+1
+1
+SELECT bug13198_f1();
+bug13198_f1()
+1
+
+---> connection: mysqltest_2_con
+use mysqltest;
+CALL bug13198_p1();
+1
+1
+SELECT bug13198_f1();
+bug13198_f1()
+1
+
+---> connection: root
+DROP USER mysqltest_1@localhost;
+
+---> connection: mysqltest_2_con
+use mysqltest;
+CALL bug13198_p1();
+ERROR HY000: There is no 'mysqltest_1'@'localhost' registered
+SELECT bug13198_f1();
+ERROR HY000: There is no 'mysqltest_1'@'localhost' registered
+
+---> connection: root
+DROP USER mysqltest_2@localhost;
+DROP DATABASE mysqltest;
--- a/mysql-test/t/sp-security.test
+++ b/mysql-test/t/sp-security.test
@@ -647,5 +647,100 @@ DROP USER mysqltest_2@localhost;

 DROP DATABASE mysqltest;

+--disconnect mysqltest_1_con
+--disconnect mysqltest_2_con
+
+
+#
+# BUG#13198: SP executes if definer does not exist
+#
+
+# Prepare environment.
+
+--echo
+--echo ---> connection: root
+--connection con1root
+
+--disable_warnings
+DROP DATABASE IF EXISTS mysqltest;
+--enable_warnings
+
+CREATE DATABASE mysqltest;
+
+CREATE USER mysqltest_1@localhost;
+GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
+
+CREATE USER mysqltest_2@localhost;
+GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
+
+--connect (mysqltest_1_con,localhost,mysqltest_1,,mysqltest)
+--connect (mysqltest_2_con,localhost,mysqltest_2,,mysqltest)
+
+# Create a procedure/function under u1.
+
+--echo
+--echo ---> connection: mysqltest_1_con
+--connection mysqltest_1_con
+
+use mysqltest;
+
+CREATE PROCEDURE bug13198_p1()
+  SELECT 1;
+
+CREATE FUNCTION bug13198_f1() RETURNS INT
+  RETURN 1;
+
+CALL bug13198_p1();
+
+SELECT bug13198_f1();
+
+# Check that u2 can call the procedure/function.
+
+--echo
+--echo ---> connection: mysqltest_2_con
+--connection mysqltest_2_con
+
+use mysqltest;
+
+CALL bug13198_p1();
+
+SELECT bug13198_f1();
+
+# Drop user u1 (definer of the object);
+
+--echo
+--echo ---> connection: root
+--connection con1root
+
+--disconnect mysqltest_1_con
+
+DROP USER mysqltest_1@localhost;
+
+# Check that u2 can not call the procedure/function.
+
+--echo
+--echo ---> connection: mysqltest_2_con
+--connection mysqltest_2_con
+
+use mysqltest;
+
+--error ER_NO_SUCH_USER
+CALL bug13198_p1();
+
+--error ER_NO_SUCH_USER
+SELECT bug13198_f1();
+
+# Cleanup.
+
+--echo
+--echo ---> connection: root
+--connection con1root
+
+--disconnect mysqltest_2_con
+
+DROP USER mysqltest_2@localhost;
+
+DROP DATABASE mysqltest;
+

 # End of 5.0 bugs.
--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -3171,24 +3171,9 @@ sp_change_security_context(THD *thd, sp_head *sp, Security_context **backup)
                                sp->m_definer_host.str,
                                sp->m_db.str))
    {
-#ifdef NOT_YET_REPLICATION_SAFE
-      /*
-        Until we don't properly replicate information about stored routine
-        definer with stored routine creation statement all stored routines
-        on slave are created under ''@'' definer. Therefore we won't be able
-        to run any routine which was replicated from master on slave server
-        if we emit error here. This will cause big problems for users
-        who use slave for fail-over. So until we fully implement WL#2897
-        "Complete definer support in the stored routines" we run suid
-        stored routines for which we were unable to find definer under
-        invoker security context.
-      */
      my_error(ER_NO_SUCH_USER, MYF(0), sp->m_definer_user.str,
               sp->m_definer_host.str);
      return TRUE;
-#else
-      return FALSE;
-#endif
    }
    *backup= thd->security_ctx;
    thd->security_ctx= &sp->m_security_ctx;