Commit 86dccd92 authored by unknown's avatar unknown

Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-5.0-opt

into  moonbone.local:/mnt/gentoo64/work/27878-bug-5.0-opt-mysql

parents 36190568 04efdb15
...@@ -1105,4 +1105,23 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table ' ...@@ -1105,4 +1105,23 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table '
DROP DATABASE mysqltest1; DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2; DROP DATABASE mysqltest2;
DROP USER mysqltest_1@localhost; DROP USER mysqltest_1@localhost;
use test;
CREATE TABLE t1 (f1 int, f2 int);
INSERT INTO t1 VALUES(1,1), (2,2);
CREATE DATABASE db27878;
GRANT UPDATE(f1) ON t1 TO 'mysqltest_1'@'localhost';
GRANT SELECT ON `test`.* TO 'mysqltest_1'@'localhost';
GRANT ALL ON db27878.* TO 'mysqltest_1'@'localhost';
use db27878;
CREATE SQL SECURITY INVOKER VIEW db27878.v1 AS SELECT * FROM test.t1;
use db27878;
UPDATE v1 SET f2 = 4;
ERROR HY000: View 'db27878.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
SELECT * FROM test.t1;
f1 f2
1 1
2 2
DROP VIEW v1;
use test;
DROP TABLE t1;
End of 5.0 tests End of 5.0 tests
...@@ -413,6 +413,7 @@ connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK); ...@@ -413,6 +413,7 @@ connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK);
connection user1; connection user1;
-- error 1142 -- error 1142
alter table t1 rename t2; alter table t1 rename t2;
disconnect user1;
connection root; connection root;
revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
delete from mysql.user where user=_binary'mysqltest_1'; delete from mysql.user where user=_binary'mysqltest_1';
...@@ -1122,5 +1123,29 @@ DROP DATABASE mysqltest2; ...@@ -1122,5 +1123,29 @@ DROP DATABASE mysqltest2;
DROP USER mysqltest_1@localhost; DROP USER mysqltest_1@localhost;
#
# Bug#27878: Unchecked privileges on a view referring to a table from another
# database.
#
use test;
CREATE TABLE t1 (f1 int, f2 int);
INSERT INTO t1 VALUES(1,1), (2,2);
CREATE DATABASE db27878;
GRANT UPDATE(f1) ON t1 TO 'mysqltest_1'@'localhost';
GRANT SELECT ON `test`.* TO 'mysqltest_1'@'localhost';
GRANT ALL ON db27878.* TO 'mysqltest_1'@'localhost';
use db27878;
CREATE SQL SECURITY INVOKER VIEW db27878.v1 AS SELECT * FROM test.t1;
connect (user1,localhost,mysqltest_1,,test);
connection user1;
use db27878;
--error 1356
UPDATE v1 SET f2 = 4;
SELECT * FROM test.t1;
disconnect user1;
connection default;
DROP VIEW v1;
use test;
DROP TABLE t1;
--echo End of 5.0 tests --echo End of 5.0 tests
...@@ -1164,8 +1164,9 @@ static int mysql_test_update(Prepared_statement *stmt, ...@@ -1164,8 +1164,9 @@ static int mysql_test_update(Prepared_statement *stmt,
goto error; goto error;
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
/* TABLE_LIST contain right privilages request */ /* Force privilege re-checking for views after they have been opened. */
want_privilege= table_list->grant.want_privilege; want_privilege= (table_list->view ? UPDATE_ACL :
table_list->grant.want_privilege);
#endif #endif
if (mysql_prepare_update(thd, table_list, &select->where, if (mysql_prepare_update(thd, table_list, &select->where,
......
...@@ -173,8 +173,9 @@ int mysql_update(THD *thd, ...@@ -173,8 +173,9 @@ int mysql_update(THD *thd,
table->quick_keys.clear_all(); table->quick_keys.clear_all();
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
/* TABLE_LIST contain right privilages request */ /* Force privilege re-checking for views after they have been opened. */
want_privilege= table_list->grant.want_privilege; want_privilege= (table_list->view ? UPDATE_ACL :
table_list->grant.want_privilege);
#endif #endif
if (mysql_prepare_update(thd, table_list, &conds, order_num, order)) if (mysql_prepare_update(thd, table_list, &conds, order_num, order))
DBUG_RETURN(1); DBUG_RETURN(1);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment