List:Commits« Previous MessageNext Message »
From:Dmitry Lenev Date:April 22 2011 12:59pm
Subject:bzr commit into mysql-trunk branch (Dmitry.Lenev:3336) Bug#11759114
View as plain text  
#At file:///home/dlenev/src/bzr/mysql-trunk-11759114/ based on revid:sergey.glukhov@stripped

 3336 Dmitry Lenev	2011-04-22
      Fix for bug#11759114 - '51401: GRANT TREATS NONEXISTENT 
      FUNCTIONS/PRIVILEGES DIFFERENTLY'.
      
      The problem was that attempt to grant EXECUTE or ALTER 
      ROUTINE privilege on stored procedure which didn't exist 
      succeed instead of returning an appropriate error like 
      it happens in similar situation for stored functions or 
      tables.
      
      The code which handles granting of privileges on individual 
      routine calls sp_exist_routines() function to check if routine 
      exists and assumes that the 3rd parameter of the latter 
      specifies whether it should check for existence of stored 
      procedure or function. In practice, this parameter had 
      completely different meaning and, as result, this check was 
      not done properly for stored procedures.
      
      This fix addresses this problem by bringing sp_exist_routines()
      signature and code in line with expectation of its caller.
     @ mysql-test/r/grant.result
        Added test coverage for bug#11759114 - '51401: GRANT TREATS
        NONEXISTENT FUNCTIONS/PRIVILEGES DIFFERENTLY'.
     @ mysql-test/t/grant.test
        Added test coverage for bug#11759114 - '51401: GRANT TREATS
        NONEXISTENT FUNCTIONS/PRIVILEGES DIFFERENTLY'.
     @ sql/sp.cc
        Changed meaning of the 3rd parameter in sp_exist_routines()
        function. Now it specifies whether list of routine names
        which is passed to this function contains names of stored
        procedures or functions. This brings sp_exist_routines() in
        line with assumption made by the code which calls it.
     @ sql/sp.h
        Changed meaning of the 3rd parameter in sp_exist_routines()
        function. Now it specifies whether list of routine names
        which is passed to this function contains names of stored
        procedures or functions. This brings sp_exist_routines() in
        line with assumption made by the code which calls it.

    modified:
      mysql-test/r/grant.result
      mysql-test/t/grant.test
      sql/sp.cc
      sql/sp.h
=== modified file 'mysql-test/r/grant.result'
--- a/mysql-test/r/grant.result	2011-03-18 14:58:27 +0000
+++ b/mysql-test/r/grant.result	2011-04-22 12:59:10 +0000
@@ -1700,6 +1700,7 @@ Assigning privileges without procs_priv 
 CREATE DATABASE mysqltest1;
 CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
 SELECT 1;
+CREATE FUNCTION mysqltest1.test() RETURNS INT RETURN 1;
 GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
 ERROR 42S02: Table 'mysql.procs_priv' doesn't exist
 GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
@@ -2536,3 +2537,25 @@ DROP USER mysqltest_u1@localhost;
 
 # End of Bug#38347.
 
+#
+# BUG#11759114 - '51401: GRANT TREATS NONEXISTENT FUNCTIONS/PRIVILEGES
+#                 DIFFERENTLY'.
+#
+drop database if exists mysqltest_db1;
+create database mysqltest_db1;
+create user mysqltest_u1;
+# Both GRANT statements below should fail with the same error.
+grant execute on function mysqltest_db1.f1 to mysqltest_u1;
+ERROR 42000: FUNCTION or PROCEDURE f1 does not exist
+grant execute on procedure mysqltest_db1.p1 to mysqltest_u1;
+ERROR 42000: FUNCTION or PROCEDURE p1 does not exist
+# Let us show that GRANT behaviour for routines is consistent
+# with GRANT behaviour for tables. Attempt to grant privilege
+# on non-existent table also results in an error.
+grant select on mysqltest_db1.t1 to mysqltest_u1;
+ERROR 42S02: Table 'mysqltest_db1.t1' doesn't exist
+show grants for mysqltest_u1;
+Grants for mysqltest_u1@%
+GRANT USAGE ON *.* TO 'mysqltest_u1'@'%'
+drop database mysqltest_db1;
+drop user mysqltest_u1;

=== modified file 'mysql-test/t/grant.test'
--- a/mysql-test/t/grant.test	2011-03-17 11:33:17 +0000
+++ b/mysql-test/t/grant.test	2011-04-22 12:59:10 +0000
@@ -1676,6 +1676,7 @@ FLUSH PRIVILEGES;
 CREATE DATABASE mysqltest1;
 CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
   SELECT 1;
+CREATE FUNCTION mysqltest1.test() RETURNS INT RETURN 1;
 --error ER_NO_SUCH_TABLE
 GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
 GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
@@ -2187,3 +2188,27 @@ DROP USER mysqltest_u1@localhost;
 --echo
 --echo # End of Bug#38347.
 --echo
+
+
+--echo #
+--echo # BUG#11759114 - '51401: GRANT TREATS NONEXISTENT FUNCTIONS/PRIVILEGES
+--echo #                 DIFFERENTLY'.
+--echo #
+--disable_warnings
+drop database if exists mysqltest_db1;
+--enable_warnings
+create database mysqltest_db1;
+create user mysqltest_u1;
+--echo # Both GRANT statements below should fail with the same error.
+--error ER_SP_DOES_NOT_EXIST
+grant execute on function mysqltest_db1.f1 to mysqltest_u1;
+--error ER_SP_DOES_NOT_EXIST
+grant execute on procedure mysqltest_db1.p1 to mysqltest_u1;
+--echo # Let us show that GRANT behaviour for routines is consistent
+--echo # with GRANT behaviour for tables. Attempt to grant privilege
+--echo # on non-existent table also results in an error.
+--error ER_NO_SUCH_TABLE
+grant select on mysqltest_db1.t1 to mysqltest_u1;
+show grants for mysqltest_u1;
+drop database mysqltest_db1;
+drop user mysqltest_u1;

=== modified file 'sql/sp.cc'
--- a/sql/sp.cc	2011-03-09 20:54:55 +0000
+++ b/sql/sp.cc	2011-04-22 12:59:10 +0000
@@ -1696,7 +1696,8 @@ sp_find_routine(THD *thd, int type, sp_n
 
   @param thd Thread handler
   @param routines List of needles in the hay stack
-  @param any Any of the needles are good enough
+  @param is_proc  Indicates whether routines in the list are procedures
+                  or functions.
 
   @return
     @retval FALSE Found.
@@ -1704,7 +1705,7 @@ sp_find_routine(THD *thd, int type, sp_n
 */
 
 bool
-sp_exist_routines(THD *thd, TABLE_LIST *routines, bool any)
+sp_exist_routines(THD *thd, TABLE_LIST *routines, bool is_proc)
 {
   TABLE_LIST *routine;
   bool sp_object_found;
@@ -1720,17 +1721,14 @@ sp_exist_routines(THD *thd, TABLE_LIST *
     lex_name.str= thd->strmake(routine->table_name, lex_name.length);
     name= new sp_name(lex_db, lex_name, true);
     name->init_qname(thd);
-    sp_object_found= sp_find_routine(thd, TYPE_ENUM_PROCEDURE, name,
-                                     &thd->sp_proc_cache, FALSE) != NULL ||
-                     sp_find_routine(thd, TYPE_ENUM_FUNCTION, name,
-                                     &thd->sp_func_cache, FALSE) != NULL;
+    sp_object_found= is_proc ? sp_find_routine(thd, TYPE_ENUM_PROCEDURE,
+                                               name, &thd->sp_proc_cache,
+                                               FALSE) != NULL :
+                               sp_find_routine(thd, TYPE_ENUM_FUNCTION,
+                                               name, &thd->sp_func_cache,
+                                               FALSE) != NULL;
     thd->warning_info->clear_warning_info(thd->query_id);
-    if (sp_object_found)
-    {
-      if (any)
-        break;
-    }
-    else if (!any)
+    if (! sp_object_found)
     {
       my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION or PROCEDURE",
                routine->table_name);

=== modified file 'sql/sp.h'
--- a/sql/sp.h	2011-03-09 20:54:55 +0000
+++ b/sql/sp.h	2011-04-22 12:59:10 +0000
@@ -110,7 +110,7 @@ sp_cache_routine(THD *thd, int type, sp_
                  bool lookup_only, sp_head **sp);
 
 bool
-sp_exist_routines(THD *thd, TABLE_LIST *procs, bool any);
+sp_exist_routines(THD *thd, TABLE_LIST *procs, bool is_proc);
 
 bool
 sp_show_create_routine(THD *thd, int type, sp_name *name);


Attachment: [text/bzr-bundle] bzr/dmitry.lenev@oracle.com-20110422125910-i2165o2ktxegw3an.bundle
Thread
bzr commit into mysql-trunk branch (Dmitry.Lenev:3336) Bug#11759114Dmitry Lenev22 Apr