Commit 94cd0f6c authored by Alexey Botchkov's avatar Alexey Botchkov

MDEV-9898 SET ROLE NONE can crash mysqld.

        The check_user_can_set_role() used find_user_exact() to get the
        permissions for the SET ROLE NONE command. Which returned NULL too often,
        for instance when user authenticated as 'user'@'%'.
        Now we use find_user_wild() instead.
parent ad4239cc
......@@ -45,3 +45,12 @@ delete from mysql.user where user='test_role1';
delete from mysql.roles_mapping where Role='test_role1';
flush privileges;
drop user 'test_user'@'localhost';
create user user1;
select current_user;
current_user
user1@%
show grants;
Grants for user1@%
GRANT USAGE ON *.* TO 'user1'@'%'
set role none;
drop user user1;
......@@ -37,3 +37,18 @@ delete from mysql.user where user='test_role1';
delete from mysql.roles_mapping where Role='test_role1';
flush privileges;
drop user 'test_user'@'localhost';
#
# MDEV-9898 SET ROLE NONE can crash mysqld.
#
create user user1;
--connect (con1,localhost,user1,,)
select current_user;
show grants;
set role none;
connection default;
drop user user1;
......@@ -2037,7 +2037,7 @@ static int check_user_can_set_role(const char *user, const char *host,
{
/* have to clear the privileges */
/* get the current user */
acl_user= find_user_exact(host, user);
acl_user= find_user_wild(host, user, ip);
if (acl_user == NULL)
{
my_error(ER_INVALID_CURRENT_USER, MYF(0), rolename);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment