3336 Dmitry Lenev 2011-04-22
Fix for bug#11759114 - '51401: GRANT TREATS NONEXISTENT
FUNCTIONS/PRIVILEGES DIFFERENTLY'.
The problem was that attempt to grant EXECUTE or ALTER
ROUTINE privilege on stored procedure which didn't exist
succeed instead of returning an appropriate error like
it happens in similar situation for stored functions or
tables.
The code which handles granting of privileges on individual
routine calls sp_exist_routines() function to check if routine
exists and assumes that the 3rd parameter of the latter
specifies whether it should check for existence of stored
procedure or function. In practice, this parameter had
completely different meaning and, as result, this check was
not done properly for stored procedures.
This fix addresses this problem by bringing sp_exist_routines()
signature and code in line with expectation of its caller.
@ mysql-test/r/grant.result
Added test coverage for bug#11759114 - '51401: GRANT TREATS
NONEXISTENT FUNCTIONS/PRIVILEGES DIFFERENTLY'.
@ mysql-test/t/grant.test
Added test coverage for bug#11759114 - '51401: GRANT TREATS
NONEXISTENT FUNCTIONS/PRIVILEGES DIFFERENTLY'.
@ sql/sp.cc
Changed meaning of the 3rd parameter in sp_exist_routines()
function. Now it specifies whether list of routine names
which is passed to this function contains names of stored
procedures or functions. This brings sp_exist_routines() in
line with assumption made by the code which calls it.
@ sql/sp.h
Changed meaning of the 3rd parameter in sp_exist_routines()
function. Now it specifies whether list of routine names
which is passed to this function contains names of stored
procedures or functions. This brings sp_exist_routines() in
line with assumption made by the code which calls it.
modified:
mysql-test/r/grant.result
mysql-test/t/grant.test
sql/sp.cc
sql/sp.h
3335 Sergey Glukhov 2011-04-22 [merge]
5.5 -> trunk merge
@ mysql-test/r/having.result
5.5 -> trunk merge
@ mysql-test/t/having.test
5.5 -> trunk merge
@ sql/sql_select.cc
5.5 -> trunk merge
modified:
mysql-test/r/having.result
mysql-test/t/having.test
sql/sql_select.cc
=== modified file 'mysql-test/r/grant.result'
--- a/mysql-test/r/grant.result 2011-03-18 14:58:27 +0000
+++ b/mysql-test/r/grant.result 2011-04-22 12:59:10 +0000
@@ -1700,6 +1700,7 @@ Assigning privileges without procs_priv
CREATE DATABASE mysqltest1;
CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
SELECT 1;
+CREATE FUNCTION mysqltest1.test() RETURNS INT RETURN 1;
GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
ERROR 42S02: Table 'mysql.procs_priv' doesn't exist
GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
@@ -2536,3 +2537,25 @@ DROP USER mysqltest_u1@localhost;
# End of Bug#38347.
+#
+# BUG#11759114 - '51401: GRANT TREATS NONEXISTENT FUNCTIONS/PRIVILEGES
+# DIFFERENTLY'.
+#
+drop database if exists mysqltest_db1;
+create database mysqltest_db1;
+create user mysqltest_u1;
+# Both GRANT statements below should fail with the same error.
+grant execute on function mysqltest_db1.f1 to mysqltest_u1;
+ERROR 42000: FUNCTION or PROCEDURE f1 does not exist
+grant execute on procedure mysqltest_db1.p1 to mysqltest_u1;
+ERROR 42000: FUNCTION or PROCEDURE p1 does not exist
+# Let us show that GRANT behaviour for routines is consistent
+# with GRANT behaviour for tables. Attempt to grant privilege
+# on non-existent table also results in an error.
+grant select on mysqltest_db1.t1 to mysqltest_u1;
+ERROR 42S02: Table 'mysqltest_db1.t1' doesn't exist
+show grants for mysqltest_u1;
+Grants for mysqltest_u1@%
+GRANT USAGE ON *.* TO 'mysqltest_u1'@'%'
+drop database mysqltest_db1;
+drop user mysqltest_u1;
=== modified file 'mysql-test/t/grant.test'
--- a/mysql-test/t/grant.test 2011-03-17 11:33:17 +0000
+++ b/mysql-test/t/grant.test 2011-04-22 12:59:10 +0000
@@ -1676,6 +1676,7 @@ FLUSH PRIVILEGES;
CREATE DATABASE mysqltest1;
CREATE PROCEDURE mysqltest1.test() SQL SECURITY DEFINER
SELECT 1;
+CREATE FUNCTION mysqltest1.test() RETURNS INT RETURN 1;
--error ER_NO_SUCH_TABLE
GRANT EXECUTE ON FUNCTION mysqltest1.test TO mysqltest_1@localhost;
GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
@@ -2187,3 +2188,27 @@ DROP USER mysqltest_u1@localhost;
--echo
--echo # End of Bug#38347.
--echo
+
+
+--echo #
+--echo # BUG#11759114 - '51401: GRANT TREATS NONEXISTENT FUNCTIONS/PRIVILEGES
+--echo # DIFFERENTLY'.
+--echo #
+--disable_warnings
+drop database if exists mysqltest_db1;
+--enable_warnings
+create database mysqltest_db1;
+create user mysqltest_u1;
+--echo # Both GRANT statements below should fail with the same error.
+--error ER_SP_DOES_NOT_EXIST
+grant execute on function mysqltest_db1.f1 to mysqltest_u1;
+--error ER_SP_DOES_NOT_EXIST
+grant execute on procedure mysqltest_db1.p1 to mysqltest_u1;
+--echo # Let us show that GRANT behaviour for routines is consistent
+--echo # with GRANT behaviour for tables. Attempt to grant privilege
+--echo # on non-existent table also results in an error.
+--error ER_NO_SUCH_TABLE
+grant select on mysqltest_db1.t1 to mysqltest_u1;
+show grants for mysqltest_u1;
+drop database mysqltest_db1;
+drop user mysqltest_u1;
=== modified file 'sql/sp.cc'
--- a/sql/sp.cc 2011-03-09 20:54:55 +0000
+++ b/sql/sp.cc 2011-04-22 12:59:10 +0000
@@ -1696,7 +1696,8 @@ sp_find_routine(THD *thd, int type, sp_n
@param thd Thread handler
@param routines List of needles in the hay stack
- @param any Any of the needles are good enough
+ @param is_proc Indicates whether routines in the list are procedures
+ or functions.
@return
@retval FALSE Found.
@@ -1704,7 +1705,7 @@ sp_find_routine(THD *thd, int type, sp_n
*/
bool
-sp_exist_routines(THD *thd, TABLE_LIST *routines, bool any)
+sp_exist_routines(THD *thd, TABLE_LIST *routines, bool is_proc)
{
TABLE_LIST *routine;
bool sp_object_found;
@@ -1720,17 +1721,14 @@ sp_exist_routines(THD *thd, TABLE_LIST *
lex_name.str= thd->strmake(routine->table_name, lex_name.length);
name= new sp_name(lex_db, lex_name, true);
name->init_qname(thd);
- sp_object_found= sp_find_routine(thd, TYPE_ENUM_PROCEDURE, name,
- &thd->sp_proc_cache, FALSE) != NULL ||
- sp_find_routine(thd, TYPE_ENUM_FUNCTION, name,
- &thd->sp_func_cache, FALSE) != NULL;
+ sp_object_found= is_proc ? sp_find_routine(thd, TYPE_ENUM_PROCEDURE,
+ name, &thd->sp_proc_cache,
+ FALSE) != NULL :
+ sp_find_routine(thd, TYPE_ENUM_FUNCTION,
+ name, &thd->sp_func_cache,
+ FALSE) != NULL;
thd->warning_info->clear_warning_info(thd->query_id);
- if (sp_object_found)
- {
- if (any)
- break;
- }
- else if (!any)
+ if (! sp_object_found)
{
my_error(ER_SP_DOES_NOT_EXIST, MYF(0), "FUNCTION or PROCEDURE",
routine->table_name);
=== modified file 'sql/sp.h'
--- a/sql/sp.h 2011-03-09 20:54:55 +0000
+++ b/sql/sp.h 2011-04-22 12:59:10 +0000
@@ -110,7 +110,7 @@ sp_cache_routine(THD *thd, int type, sp_
bool lookup_only, sp_head **sp);
bool
-sp_exist_routines(THD *thd, TABLE_LIST *procs, bool any);
+sp_exist_routines(THD *thd, TABLE_LIST *procs, bool is_proc);
bool
sp_show_create_routine(THD *thd, int type, sp_name *name);
No bundle (reason: useless for push emails).
| Thread |
|---|
| • bzr push into mysql-trunk branch (Dmitry.Lenev:3335 to 3336) Bug#11759114 | Dmitry Lenev | 22 Apr |
