Commit 5fad7671 authored by unknown's avatar unknown

Bug#16470 crash on grant if old grant tables

Loading 4.1 into 5.0 or 5.1 failed silently because procs_priv table missing.
This caused the server to crash on any attempt to store new grants because
of uninitialized structures.

This patch breaks up the grant loading function into two phases to allow
for procs_priv table to fail with an warning instead of crashing the server.


mysql-test/r/grant.result:
  Test case
mysql-test/t/grant.test:
  Test case making sure that FLUSH PRIVILEGES doesn't crash the server if
  procs_priv is removed.
sql/sql_acl.cc:
  - Refactored grant_reload into two phases: 1. open and lock tables_priv and 
    columns_priv tables, read the data, close tables. 2. open and lock
    procs_priv, read data, close table. Since the tables are independant of
    each other there will be no race conditions and it will be possible to
    handle situations where the procs_priv table isn't present.
  - Refactored the helper function grant_load into new grant_load (without
    procs_priv table) and grant_load_procs_priv.
sql/sql_parse.cc:
  - Changed comment style to doxygen style.
parent 0deedab4
...@@ -1223,3 +1223,22 @@ drop user юзер_юзер@localhost; ...@@ -1223,3 +1223,22 @@ drop user юзер_юзер@localhost;
grant select on test.* to очень_длинный_юзер@localhost; grant select on test.* to очень_длинный_юзер@localhost;
ERROR HY000: String 'очень_длинный_юзер' is too long for user name (should be no longer than 16) ERROR HY000: String 'очень_длинный_юзер' is too long for user name (should be no longer than 16)
set names default; set names default;
FLUSH PRIVILEGES without procs_priv table.
RENAME TABLE mysql.procs_priv TO mysql.procs_gone;
FLUSH PRIVILEGES;
Warnings:
Error 1146 Table 'mysql.procs_priv' doesn't exist
Error 1547 Cannot load from mysql.mysql.procs_priv. The table is probably corrupted
Assigning privileges without procs_priv table.
CREATE DATABASE mysqltest1;
CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
SELECT 1;
GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
ERROR 42S02: Table 'mysql.procs_priv' doesn't exist
GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
CALL mysqltest1.test();
1
1
DROP DATABASE mysqltest1;
RENAME TABLE mysql.procs_gone TO mysql.procs_priv;
FLUSH PRIVILEGES;
...@@ -1274,3 +1274,23 @@ drop user юзер_юзер@localhost; ...@@ -1274,3 +1274,23 @@ drop user юзер_юзер@localhost;
--error ER_WRONG_STRING_LENGTH --error ER_WRONG_STRING_LENGTH
grant select on test.* to очень_длинный_юзер@localhost; grant select on test.* to очень_длинный_юзер@localhost;
set names default; set names default;
#
# Bug #16470 crash on grant if old grant tables
#
--echo FLUSH PRIVILEGES without procs_priv table.
RENAME TABLE mysql.procs_priv TO mysql.procs_gone;
FLUSH PRIVILEGES;
--echo Assigning privileges without procs_priv table.
CREATE DATABASE mysqltest1;
CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
SELECT 1;
--error ER_NO_SUCH_TABLE
GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
CALL mysqltest1.test();
DROP DATABASE mysqltest1;
RENAME TABLE mysql.procs_gone TO mysql.procs_priv;
FLUSH PRIVILEGES;
This diff is collapsed.
...@@ -6293,24 +6293,23 @@ void add_join_natural(TABLE_LIST *a, TABLE_LIST *b, List<String> *using_fields, ...@@ -6293,24 +6293,23 @@ void add_join_natural(TABLE_LIST *a, TABLE_LIST *b, List<String> *using_fields,
} }
/* /**
Reload/resets privileges and the different caches. @brief Reload/resets privileges and the different caches.
SYNOPSIS @param thd Thread handler (can be NULL!)
reload_acl_and_cache() @param options What should be reset/reloaded (tables, privileges, slave...)
thd Thread handler (can be NULL!) @param tables Tables to flush (if any)
options What should be reset/reloaded (tables, privileges, @param write_to_binlog True if we can write to the binlog.
slave...)
tables Tables to flush (if any) @note Depending on 'options', it may be very bad to write the
write_to_binlog Depending on 'options', it may be very bad to write the
query to the binlog (e.g. FLUSH SLAVE); this is a query to the binlog (e.g. FLUSH SLAVE); this is a
pointer where reload_acl_and_cache() will put 0 if pointer where reload_acl_and_cache() will put 0 if
it thinks we really should not write to the binlog. it thinks we really should not write to the binlog.
Otherwise it will put 1. Otherwise it will put 1.
RETURN @return Error status code
0 ok @retval 0 Ok
!=0 error. thd->killed or thd->net.report_error is set @retval !=0 Error; thd->killed or thd->net.report_error is set
*/ */
bool reload_acl_and_cache(THD *thd, ulong options, TABLE_LIST *tables, bool reload_acl_and_cache(THD *thd, ulong options, TABLE_LIST *tables,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment