List:Commits« Previous MessageNext Message »
From:gluh Date:August 21 2007 2:55pm
Subject:bk commit into 5.1 tree (gluh:1.2573) BUG#27629
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of gluh. When gluh does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-08-21 17:55:49+05:00, gluh@stripped +2 -0
  Bug#27629 Possible security flaw in INFORMATION_SCHEMA and SHOW statements(addon for
5.1)
  added TRIGGER_ACL check for I_S.TRIGGERS

  mysql-test/r/information_schema.result@stripped, 2007-08-21 17:55:47+05:00, gluh@stripped
+3 -3
    result fix

  sql/sql_show.cc@stripped, 2007-08-21 17:55:47+05:00, gluh@stripped +1 -1
    Bug#27629 Possible security flaw in INFORMATION_SCHEMA and SHOW statements(addon for
5.1)
    added TRIGGER_ACL check for I_S.TRIGGERS

diff -Nrup a/mysql-test/r/information_schema.result
b/mysql-test/r/information_schema.result
--- a/mysql-test/r/information_schema.result	2007-08-21 15:58:23 +05:00
+++ b/mysql-test/r/information_schema.result	2007-08-21 17:55:47 +05:00
@@ -1419,8 +1419,8 @@ where event_object_table='t1';
 trigger_name
 t1_ai
 show triggers from mysqltest;
-Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer
-t1_ai	INSERT	t1	set @a = new.a + new.b + new.c	AFTER	NULL		root@localhost
+Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database
Collation
+t1_ai	INSERT	t1	set @a = new.a + new.b +
new.c	AFTER	NULL		root@localhost	latin1	latin1_swedish_ci	latin1_swedish_ci
 show columns from t1;
 Field	Type	Null	Key	Default	Extra
 b	int(11)	YES		NULL	
@@ -1428,7 +1428,7 @@ select column_name from information_sche
 column_name
 b
 show triggers;
-Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer
+Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database
Collation
 select trigger_name from information_schema.triggers
 where event_object_table='t1';
 trigger_name
diff -Nrup a/sql/sql_show.cc b/sql/sql_show.cc
--- a/sql/sql_show.cc	2007-08-21 16:01:45 +05:00
+++ b/sql/sql_show.cc	2007-08-21 17:55:47 +05:00
@@ -4351,7 +4351,7 @@ static int get_schema_triggers_record(TH
     int event, timing;
 
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-    if (!(thd->security_ctx->master_access & SUPER_ACL))
+    if (check_table_access(thd, TRIGGER_ACL, tables, 1))
       goto ret;
 #endif
Thread
bk commit into 5.1 tree (gluh:1.2573) BUG#27629gluh21 Aug