From: <gshchepa Date: February 13 2008 11:01am Subject: bk commit into 5.0 tree (gshchepa:1.2602) BUG#31194 List-Archive: http://lists.mysql.com/commits/42194 X-Bug: 31194 Message-Id: <20080213110215.865F140C2F3@localhost.localdomain> Below is the list of changes that have just been committed into a local 5.0 repository of gshchepa. When gshchepa does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2008-02-13 15:01:21+04:00, gshchepa@stripped +3 -0 Fixed bug#31194: Privilege ordering does not order properly for wildcard values. The server ignored escape character before wildcards during the calculation of priority values for sorting of a privilege list. (Actually the server counted an escape character as an ordinary wildcard like % or _). I.e. the table name template with a wildcard character like 'tbl_1' had higher priority in a privilege list than concrete table name without wildcards like 'tbl\_1', and some privileges of 'tbl\_1' was hidden by privileges for 'tbl_1'. The get_sort function has been modified to ignore escaped wildcards as usual. mysql-test/r/grant3.result@stripped, 2008-02-13 14:38:35+04:00, gshchepa@stripped +17 -0 Added test case for bug#31194. mysql-test/t/grant3.test@stripped, 2008-02-13 14:38:47+04:00, gshchepa@stripped +26 -0 Added test case for bug#31194. sql/sql_acl.cc@stripped, 2008-02-13 14:38:48+04:00, gshchepa@stripped +3 -1 Fixed bug#31194. The server used the wild_prefix escape character (usually \-character) like % and _ wildcards in the get_sort function for sorting weights calculation. The get_sort function has been modified to ignore escaped wildcards and alone escapes like in the wild_case_compare function.
diff -Nrup a/mysql-test/r/grant3.result b/mysql-test/r/grant3.result
--- a/mysql-test/r/grant3.result 2007-09-20 21:10:34 +05:00
+++ b/mysql-test/r/grant3.result 2008-02-13 14:38:35 +04:00
@@ -138,3 +138,20 @@ SELECT user, host, db, select_priv FROM
 user host db select_priv
 DROP USER CUser2@localhost;
 DROP USER CUser2@LOCALHOST;
+CREATE DATABASE mysqltest_1;
+CREATE TABLE mysqltest_1.t1 (a INT);
+CREATE USER 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
+REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
+FLUSH PRIVILEGES;
+SHOW GRANTS;
+Grants for mysqltest1@%
+GRANT USAGE ON *.* TO 'mysqltest1'@'%'
+GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%'
+GRANT UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%'
+SELECT * FROM mysqltest_1.t1;
+a
+DROP USER 'mysqltest1'@'%';
+DROP DATABASE mysqltest_1;
+End of 5.0 tests
diff -Nrup a/mysql-test/t/grant3.test b/mysql-test/t/grant3.test
--- a/mysql-test/t/grant3.test 2007-09-20 21:10:34 +05:00
+++ b/mysql-test/t/grant3.test 2008-02-13 14:38:47 +04:00
@@ -134,3 +134,29 @@ SELECT user, host, db, select_priv FROM
 DROP USER CUser2@localhost;
 DROP USER CUser2@LOCALHOST;
+
+
+#
+# Bug#31194: Privilege ordering does not order properly for wildcard values
+#
+
+CREATE DATABASE mysqltest_1;
+CREATE TABLE mysqltest_1.t1 (a INT);
+CREATE USER 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
+REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
+FLUSH PRIVILEGES;
+
+connect (conn1,localhost,mysqltest1,,);
+connection conn1;
+SHOW GRANTS;
+SELECT * FROM mysqltest_1.t1;
+disconnect conn1;
+
+connection default;
+DROP USER 'mysqltest1'@'%';
+DROP DATABASE mysqltest_1;
+
+
+--echo End of 5.0 tests
diff -Nrup a/sql/sql_acl.cc b/sql/sql_acl.cc
--- a/sql/sql_acl.cc 2007-12-05 07:07:01 +04:00
+++ b/sql/sql_acl.cc 2008-02-13 14:38:48 +04:00
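Review bot: The new case in mysql-test/t/grant3.test only proves the positive path, that SELECT on mysqltest_1.t1 succeeds through the escaped grant; nothing checks that the wildcard entry `mysqltest_1` keeps only UPDATE for a database that matches the pattern but not the literal name. A second database (constructed example: `mysqltestA1`) with a `--error ER_TABLEACCESS_DENIED_ERROR` SELECT from conn1 would pin that the REVOKE still holds. The `str[1]` branch in sql_acl.cc (a pattern ending in a lone escape) and the `%` wildcard have no case here either.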
@@ -668,7 +668,9 @@ static ulong get_sort(uint count,...)
 {
 for (; *str ; str++)
 {
- if (*str == wild_many || *str == wild_one || *str == wild_prefix)
+ if (*str == wild_prefix && str[1])
+ str++;
+ else if (*str == wild_many || *str == wild_one)
 {
 wild_pos= (uint) (str - start) + 1;
 break;
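Review bot: The position computed by `wild_pos= (uint) (str - start) + 1;` is still a raw byte offset, so every escape character that the new `str++` branch skips is counted into it. If wild_pos feeds the sort weight, as the commit description indicates, a constructed pattern such as `a\_\_%` (three literal characters, position 6) would weigh more than `abcd%` (four literal characters, position 5), and the order of the privilege list decides which grant is applied. Consider counting the skipped escapes with `{ str++; escapes++; }` in the first branch and storing `wild_pos= (uint) (str - start) + 1 - escapes;`, with `escapes` declared next to wild_pos. That declaration, and the rest of get_sort's body, lie outside this hunk.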