Commit 3ee7174f authored by unknown's avatar unknown

Fix for bug #676

A security leak with SHOW TABLES/ TABLE STATUS FROM db ...

parent fd693194
...@@ -2171,6 +2171,14 @@ mysql_execute_command(void) ...@@ -2171,6 +2171,14 @@ mysql_execute_command(void)
} }
if (check_access(thd,SELECT_ACL,db,&thd->col_access)) if (check_access(thd,SELECT_ACL,db,&thd->col_access))
goto error; /* purecov: inspected */ goto error; /* purecov: inspected */
if (!thd->col_access && grant_option && check_grant_db(thd,db))
{
net_printf(&thd->net,ER_DBACCESS_DENIED_ERROR,
thd->priv_user,
thd->priv_host,
db);
goto error;
}
/* grant is checked in mysqld_show_tables */ /* grant is checked in mysqld_show_tables */
if (select_lex->options & SELECT_DESCRIBE) if (select_lex->options & SELECT_DESCRIBE)
res= mysqld_extend_show_tables(thd,db, res= mysqld_extend_show_tables(thd,db,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment