From: Date: April 30 2007 12:33pm Subject: bk commit into 5.1 tree (tnurnberg:1.2493) BUG#27293 List-Archive: http://lists.mysql.com/commits/25747 X-Bug: 27293 Message-Id: Below is the list of changes that have just been committed into a local 5.1 repository of tnurnberg. When tnurnberg does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2007-04-30 12:32:57+02:00, tnurnberg@stripped +3 -0 Bug#27293: mysqldump crashes when dumping procedure defined by different user mysqldump didn't properly handle getting no data on SHOW CREATE PROCEDURE. If S/C/P fails (due to dumping user's insufficient privileges on mysql.proc, say), mysqldump will print a comment to that effect to the output and return an error-code. If the -f (force) option is used, the dump will continue, otherwise, it will abort right there and then. Also fixes Bug#22761, "mysqldump reports no errors when using --routines without mysql.proc privileges" --- Merge mysql.com:/home/tnurnberg/27293/50-27293 into mysql.com:/home/tnurnberg/27293/51-27293 --- Merge tnurnberg@stripped:/home/bk/mysql-5.1-maint into mysql.com:/home/tnurnberg/27293/51-27293 client/mysqldump.c@stripped, 2007-04-30 12:32:29+02:00, tnurnberg@stripped +11 -4 Bug#27293: mysqldump crashes when dumping procedure defined by different user handle failure of SHOW CREATE PROCEDURE, give user diagnostics, heed -f (force) option --- manual merge mysql-test/r/mysqldump.result@stripped, 2007-04-30 12:32:33+02:00, tnurnberg@stripped +27 -0 Bug#27293: mysqldump crashes when dumping procedure defined by different user show that trying to mysqldump --routines with insufficient privileges will no longer crash the client --- manual merge mysql-test/t/mysqldump.test@stripped, 2007-04-30 12:32:37+02:00, tnurnberg@stripped +31 -0 Bug#27293: mysqldump crashes when dumping procedure defined by different user show that trying to mysqldump --routines with insufficient privileges will no longer crash the client --- manual merge # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: tnurnberg # Host: blasphemy.mysql.com # Root: /home/tnurnberg/27293/51-27293 --- 1.275/client/mysqldump.c 2007-04-20 23:31:06 +02:00 +++ 1.276/client/mysqldump.c 2007-04-30 12:32:29 +02:00 @@ -1640,9 +1640,16 @@ static uint dump_routines_for_db(char *d if the user has EXECUTE privilege he see routine names, but NOT the routine body of other routines that are not the creator of! */ - DBUG_PRINT("info",("length of body for %s row[2] '%s' is %ld", - routine_name, row[2], (long) strlen(row[2]))); - if (strlen(row[2])) + DBUG_PRINT("info",("length of body for %s row[2] '%s' is %d", + routine_name, row[2] ? row[2] : "(null)", + row[2] ? (int) strlen(row[2]) : 0)); + if (row[2] == NULL) + { + fprintf(sql_file, "\n-- insufficient privileges to %s\n", query_buff); + fprintf(sql_file, "-- does %s have permissions on mysql.proc?\n\n", current_user); + maybe_die(EX_MYSQLERR,"%s has insufficent privileges to %s!", current_user, query_buff); + } + else if (strlen(row[2])) { char *query_str= NULL; char *definer_begin; @@ -1692,7 +1699,7 @@ static uint dump_routines_for_db(char *d /* we need to change sql_mode only for the CREATE PROCEDURE/FUNCTION otherwise we may need to re-quote routine_name - */; + */ fprintf(sql_file, "/*!50003 SET SESSION SQL_MODE=\"%s\"*/;;\n", row[1] /* sql_mode */); fprintf(sql_file, "/*!50003 %s */;;\n", --- 1.145/mysql-test/r/mysqldump.result 2007-04-02 10:54:26 +02:00 +++ 1.146/mysql-test/r/mysqldump.result 2007-04-30 12:32:33 +02:00 @@ -3281,6 +3281,33 @@ v3 CREATE ALGORITHM=UNDEFINED DEFINER=`r drop database bug23491_original; drop database bug23491_restore; use test; +# +# Bug 27293: mysqldump crashes when dumping routines +# defined by a different user +# +# Bug #22761: mysqldump reports no errors when using +# --routines without mysql.proc privileges +# +create database mysqldump_test_db; +grant all privileges on mysqldump_test_db.* to user1; +grant all privileges on mysqldump_test_db.* to user2; +create procedure mysqldump_test_db.sp1() select 'hello'; +DELIMITER ;; + +-- insufficient privileges to SHOW CREATE PROCEDURE `sp1` +-- does user2 have permissions on mysql.proc? + +DELIMITER ; +DELIMITER ;; +/*!50003 SET SESSION SQL_MODE=""*/;; +/*!50003 CREATE*/ /*!50020 DEFINER=`user1`@`%`*/ /*!50003 PROCEDURE `sp1`() +select 'hello' */;; +/*!50003 SET SESSION SQL_MODE=@OLD_SQL_MODE*/;; +DELIMITER ; +drop procedure sp1; +drop user user1; +drop user user2; +drop database mysqldump_test_db; # # End of 5.0 tests # --- 1.136/mysql-test/t/mysqldump.test 2007-04-07 20:59:48 +02:00 +++ 1.137/mysql-test/t/mysqldump.test 2007-04-30 12:32:37 +02:00 @@ -1497,6 +1497,37 @@ drop database bug23491_original; drop database bug23491_restore; use test; +--echo # +--echo # Bug 27293: mysqldump crashes when dumping routines +--echo # defined by a different user +--echo # +--echo # Bug #22761: mysqldump reports no errors when using +--echo # --routines without mysql.proc privileges +--echo # + +create database mysqldump_test_db; + +grant all privileges on mysqldump_test_db.* to user1; +grant all privileges on mysqldump_test_db.* to user2; + +connect (user27293,localhost,user1,,mysqldump_test_db,$MASTER_MYPORT,$MASTER_MYSOCK); +connection user27293; + +create procedure mysqldump_test_db.sp1() select 'hello'; + +--error 2 +--exec $MYSQL_DUMP -f --compact --user=user2 --password= -h 127.0.0.1 -P $MASTER_MYPORT --routines mysqldump_test_db + +--exec $MYSQL_DUMP -f --compact --user=user1 --password= -h 127.0.0.1 -P $MASTER_MYPORT --routines mysqldump_test_db + +drop procedure sp1; + +connection default; +drop user user1; +drop user user2; + +drop database mysqldump_test_db; + --echo # --echo # End of 5.0 tests --echo #