Commit 469e85e3 authored by cmiller@zippy.cornsilk.net's avatar cmiller@zippy.cornsilk.net

Merge zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.0-maint

into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-maint
parents ddbbc7fd c7431de4
......@@ -659,6 +659,30 @@ delete from mysql.db where user='mysqltest1';
delete from mysql.tables_priv where user='mysqltest1';
flush privileges;
drop database mysqltest;
GRANT CREATE ON mysqltest.* TO 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
GRANT CREATE ON mysqltest.* TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
REVOKE CREATE ON mysqltest.* FROM 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
REVOKE CREATE ON mysqltest.* FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
GRANT CREATE ON t1 TO 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
GRANT CREATE ON t1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
REVOKE CREATE ON t1 FROM 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
REVOKE CREATE ON t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
GRANT EXECUTE ON PROCEDURE p1 TO 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
GRANT EXECUTE ON PROCEDURE p1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
use test;
create table t1 (a int);
create table t2 as select * from mysql.user where user='';
......
......@@ -5055,6 +5055,19 @@ concat('data was: /', var1, '/')
data was: /1/
drop table t3|
drop procedure bug15217|
DROP PROCEDURE IF EXISTS bug16899_p1|
DROP FUNCTION IF EXISTS bug16899_f1|
CREATE DEFINER=1234567890abcdefGHIKL@localhost PROCEDURE bug16899_p1()
BEGIN
SET @a = 1;
END|
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
CREATE DEFINER=some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY
FUNCTION bug16899_f1() RETURNS INT
BEGIN
RETURN 1;
END|
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
DROP PROCEDURE IF EXISTS bug21013 |
CREATE PROCEDURE bug21013(IN lim INT)
BEGIN
......
......@@ -2735,6 +2735,17 @@ m e
4 a
1 b
DROP VIEW v1;
DROP TABLE IF EXISTS t1;
DROP VIEW IF EXISTS v1;
DROP VIEW IF EXISTS v2;
CREATE TABLE t1(a INT, b INT);
CREATE DEFINER=1234567890abcdefGHIKL@localhost
VIEW v1 AS SELECT a FROM t1;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
CREATE DEFINER=some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY
VIEW v2 AS SELECT b FROM t1;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
DROP TABLE t1;
DROP TABLE t1,t2;
CREATE TABLE t1 (a INT NOT NULL, b INT NULL DEFAULT NULL);
CREATE VIEW v1 AS SELECT a, b FROM t1;
......
......@@ -683,6 +683,55 @@ drop table t2;
drop table t1;
#
# Test for BUG#16899: Possible buffer overflow in handling of DEFINER-clause.
#
# These checks are intended to ensure that appropriate errors are risen when
# illegal user name or hostname is specified in user-clause of GRANT/REVOKE
# statements.
#
# Working with database-level privileges.
--error ER_WRONG_STRING_LENGTH
GRANT CREATE ON mysqltest.* TO 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
GRANT CREATE ON mysqltest.* TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
--error ER_WRONG_STRING_LENGTH
REVOKE CREATE ON mysqltest.* FROM 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
REVOKE CREATE ON mysqltest.* FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
# Working with table-level privileges.
--error ER_WRONG_STRING_LENGTH
GRANT CREATE ON t1 TO 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
GRANT CREATE ON t1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
--error ER_WRONG_STRING_LENGTH
REVOKE CREATE ON t1 FROM 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
REVOKE CREATE ON t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
# Working with routine-level privileges.
--error ER_WRONG_STRING_LENGTH
GRANT EXECUTE ON PROCEDURE p1 TO 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
GRANT EXECUTE ON PROCEDURE p1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
--error ER_WRONG_STRING_LENGTH
REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
#
# Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non
......
......@@ -6262,6 +6262,32 @@ SELECT * FROM t11|
DROP TABLE t11, t12|
DROP FUNCTION bug19862|
#
# Test for BUG#16899: Possible buffer overflow in handling of DEFINER-clause.
#
# Prepare.
--disable_warnings
DROP PROCEDURE IF EXISTS bug16899_p1|
DROP FUNCTION IF EXISTS bug16899_f1|
--enable_warnings
--error ER_WRONG_STRING_LENGTH
CREATE DEFINER=1234567890abcdefGHIKL@localhost PROCEDURE bug16899_p1()
BEGIN
SET @a = 1;
END|
--error ER_WRONG_STRING_LENGTH
CREATE DEFINER=some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY
FUNCTION bug16899_f1() RETURNS INT
BEGIN
RETURN 1;
END|
# Test for BUG#16899: Possible buffer overflow in handling of DEFINER-clause.
#
# Prepare.
......
......@@ -2600,6 +2600,33 @@ CREATE TABLE t2 SELECT * FROM v1;
SELECT * FROM t2;
DROP VIEW v1;
#
# Test for BUG#16899: Possible buffer overflow in handling of DEFINER-clause.
#
# Prepare.
--disable_warnings
DROP TABLE IF EXISTS t1;
DROP VIEW IF EXISTS v1;
DROP VIEW IF EXISTS v2;
--enable_warnings
CREATE TABLE t1(a INT, b INT);
--error ER_WRONG_STRING_LENGTH
CREATE DEFINER=1234567890abcdefGHIKL@localhost
VIEW v1 AS SELECT a FROM t1;
--error ER_WRONG_STRING_LENGTH
CREATE DEFINER=some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY
VIEW v2 AS SELECT b FROM t1;
# Cleanup.
DROP TABLE t1;
DROP TABLE t1,t2;
#
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment