List:Commits« Previous MessageNext Message »
From:gluh Date:April 28 2007 11:47am
Subject:bk commit into 5.1 tree (gluh:1.2490) BUG#27629
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of gluh. When gluh does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-04-28 16:47:37+05:00, gluh@stripped +2 -0
  Bug#27629 Possible security flaw in INFORMATION_SCHEMA and SHOW statements(addon for 5.1)
  added TRIGGER_ACL check for I_S.TRIGGERS

  mysql-test/r/information_schema_db.result@stripped, 2007-04-28 16:47:35+05:00, gluh@stripped +0 -2
    result fix

  sql/sql_show.cc@stripped, 2007-04-28 16:47:35+05:00, gluh@stripped +1 -1
    added TRIGGER_ACL check for I_S.TRIGGERS

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	gluh
# Host:	eagle.(none)
# Root:	/home/gluh/MySQL/Bugs/5.1.27629

--- 1.408/sql/sql_show.cc	2007-04-28 14:58:59 +05:00
+++ 1.409/sql/sql_show.cc	2007-04-28 16:47:35 +05:00
@@ -3831,7 +3831,7 @@ static int get_schema_triggers_record(TH
         LEX_STRING definer_buffer;
 
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-        if (!(thd->security_ctx->master_access & SUPER_ACL))
+        if (check_table_access(thd, TRIGGER_ACL, tables, 1))
           continue;
 #endif
         definer_buffer.str= definer_holder;

--- 1.20/mysql-test/r/information_schema_db.result	2007-03-23 23:36:16 +04:00
+++ 1.21/mysql-test/r/information_schema_db.result	2007-04-28 16:47:35 +05:00
@@ -151,13 +151,11 @@ create view v2 as select f1 from testdb_
 create view v4 as select f1,f2 from testdb_1.v3;
 show fields from testdb_1.v5;
 Field	Type	Null	Key	Default	Extra
-f1	char(4)	YES		NULL	
 show create view testdb_1.v5;
 View	Create View
 v5	CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_1`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v5` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1`
 show fields from testdb_1.v6;
 Field	Type	Null	Key	Default	Extra
-f1	char(4)	YES		NULL	
 show create view testdb_1.v6;
 View	Create View
 v6	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v6` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1`
Thread
bk commit into 5.1 tree (gluh:1.2490) BUG#27629gluh28 Apr