List:Commits« Previous MessageNext Message »
From:pem Date:December 15 2005 2:24pm
Subject:bk commit into 5.0 tree (pem:1.1982) BUG#14834
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of pem. When pem does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.1982 05/12/15 15:23:16 pem@stripped +3 -0
  Fixed BUG#14834: Server denies to execute Stored Procedure
    The problem was that databases with '_' in the name did not match a
    correct ACL with a literal '_' (i.e. '\_') in the db name, only identical
    strings matched. The fix makes this work, and also ACLs with wildcards in
    the db name work.

  sql/sql_acl.cc
    1.185 05/12/15 15:23:09 pem@stripped +1 -1
    Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security
    context switching when invoking stored routines)

  mysql-test/t/sp-security.test
    1.26 05/12/15 15:23:09 pem@stripped +44 -0
    New test case for BUG#14834

  mysql-test/r/sp-security.result
    1.23 05/12/15 15:23:09 pem@stripped +21 -0
    New test case for BUG#14834

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	pem
# Host:	mysql.comhem.se
# Root:	/usr/home/pem/bug14834/mysql-5.0

--- 1.184/sql/sql_acl.cc	2005-12-06 17:04:21 +01:00
+++ 1.185/sql/sql_acl.cc	2005-12-15 15:23:09 +01:00
@@ -987,7 +987,7 @@
       {
 	if (compare_hostname(&acl_db->host, host, ip))
 	{
-	  if (!acl_db->db || (db && !strcmp(acl_db->db, db)))
+	  if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0)))
 	  {
 	    sctx->db_access= acl_db->access;
 	    break;

--- 1.22/mysql-test/r/sp-security.result	2005-10-17 17:08:51 +02:00
+++ 1.23/mysql-test/r/sp-security.result	2005-12-15 15:23:09 +01:00
@@ -263,3 +263,24 @@
 ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812'
 DROP USER user_bug12812@localhost|
 drop function bug12812|
+create database db_bug14834;
+create user user1_bug14834@localhost identified by '';
+grant all on `db\_bug14834`.* to user1_bug14834@localhost;
+create user user2_bug14834@localhost identified by '';
+grant all on `db\_bug14834`.* to user2_bug14834@localhost;
+create user user3_bug14834@localhost identified by '';
+grant all on `db__ug14834`.* to user3_bug14834@localhost;
+create procedure p_bug14834() select user(), current_user();
+call p_bug14834();
+user()	current_user()
+user1_bug14834@localhost	user1_bug14834@localhost
+call p_bug14834();
+user()	current_user()
+user2_bug14834@localhost	user1_bug14834@localhost
+call p_bug14834();
+user()	current_user()
+user3_bug14834@localhost	user1_bug14834@localhost
+drop user user1_bug14834@localhost;
+drop user user2_bug14834@localhost;
+drop user user3_bug14834@localhost;
+drop database db_bug14834;

--- 1.25/mysql-test/t/sp-security.test	2005-10-28 11:00:48 +02:00
+++ 1.26/mysql-test/t/sp-security.test	2005-12-15 15:23:09 +01:00
@@ -437,4 +437,48 @@
 DROP USER user_bug12812@localhost|
 drop function bug12812|
 delimiter ;|
+
+
+#
+# BUG#14834: Server denies to execute Stored Procedure
+#
+# The problem here was with '_' in the database name.
+#
+create database db_bug14834;
+
+create user user1_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user1_bug14834@localhost;
+
+create user user2_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user2_bug14834@localhost;
+
+create user user3_bug14834@localhost identified by '';
+# Wildcards in the database name
+grant all on `db__ug14834`.* to user3_bug14834@localhost;
+
+connect (user1_bug14834,localhost,user1_bug14834,,db_bug14834);
+# Create the procedure and check that we can call it
+create procedure p_bug14834() select user(), current_user();
+call p_bug14834();
+
+connect (user2_bug14834,localhost,user2_bug14834,,db_bug14834);
+# This didn't work before
+call p_bug14834();
+
+connect (user3_bug14834,localhost,user3_bug14834,,db_bug14834);
+# Should also work
+call p_bug14834();
+
+# Cleanup
+connection default;
+disconnect user1_bug14834;
+disconnect user2_bug14834;
+disconnect user3_bug14834;
+drop user user1_bug14834@localhost;
+drop user user2_bug14834@localhost;
+drop user user3_bug14834@localhost;
+drop database db_bug14834;
+
 # End of 5.0 bugs.
Thread
bk commit into 5.0 tree (pem:1.1982) BUG#14834pem15 Dec