List:Commits« Previous MessageNext Message »
From:kpettersson Date:April 10 2008 10:54am
Subject:bk commit into 6.0 tree (thek:1.2628) BUG#35955
View as plain text  
Below is the list of changes that have just been committed into a local
6.0 repository of thek.  When thek does a push these changes
will be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2008-04-10 10:54:17+02:00, thek@adventure.(none) +5 -0
  Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT.
  
  The privilege requirements were reduced if a table list contained at least
  one information schema table.
   
  The fix is to reset the privilege requirements in check_table_access 
  for each iteration over a TABLE_LIST object. 

  mysql-test/r/information_schema.result@stripped, 2008-04-10 10:54:14+02:00,
thek@adventure.(none) +20 -0
    Added test case

  mysql-test/t/crap.test@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +16 -0
    New BitKeeper file ``mysql-test/t/crap.test''

  mysql-test/t/crap.test@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +0 -0

  mysql-test/t/information_schema.test@stripped, 2008-04-10 10:54:14+02:00,
thek@adventure.(none) +25 -0
    Added test case

  sql/mysql_priv.h@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +1 -1
    Changed parameter name for clarity.

  sql/sql_parse.cc@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +3 -2
    Copy requirements to a temporary variable and reset them after each
    iteration.

diff -Nrup a/mysql-test/r/information_schema.result
b/mysql-test/r/information_schema.result
--- a/mysql-test/r/information_schema.result	2008-03-28 13:00:41 +01:00
+++ b/mysql-test/r/information_schema.result	2008-04-10 10:54:14 +02:00
@@ -1688,3 +1688,23 @@ char	10	10	NULL	NULL	latin1	latin1_swedi
 drop procedure p1;
 drop procedure p2;
 drop function f1;
+#
+# Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT.
+#
+DROP DATABASE IF EXISTS testdb1;
+CREATE DATABASE testdb1;
+USE testdb1;
+CREATE TABLE t1 (c1 int);
+CREATE TABLE t2 (c2 int);
+GRANT SELECT ON testdb1.t1 TO mysqluser_35955@localhost;
+SELECT * FROM INFORMATION_SCHEMA.tables, t1;
+TABLE_CATALOG	TABLE_SCHEMA	TABLE_NAME	TABLE_TYPE	ENGINE	VERSION	ROW_FORMAT	TABLE_ROWS	AVG_ROW_LENGTH	DATA_LENGTH	MAX_DATA_LENGTH	INDEX_LENGTH	DATA_FREE	AUTO_INCREMENT	CREATE_TIME	UPDATE_TIME	CHECK_TIME	TABLE_COLLATION	CHECKSUM	CREATE_OPTIONS	TABLE_COMMENT	c1
+SELECT * FROM t2;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+SELECT * FROM t2, INFORMATION_SCHEMA.tables;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+SELECT * FROM INFORMATION_SCHEMA.tables, t2;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+DROP TABLE t1,t2;
+DROP DATABASE testdb1;
+DROP USER mysqluser_35955@localhost;
diff -Nrup a/mysql-test/t/crap.test b/mysql-test/t/crap.test
--- /dev/null	Wed Dec 31 16:00:00 196900
+++ b/mysql-test/t/crap.test	2008-04-10 10:54:14 +02:00
@@ -0,0 +1,16 @@
+
+create database testdb1;
+use testdb1;
+create table t1 (c1 int);
+create table t2 (c2 int);
+grant select on testdb1.t1 to mysqluser1@localhost;
+
+--connect (mysqluser1, localhost, mysqluser1, , testdb1)
+select * from information_schema.tables, t1;
+--error 1142
+select * from t2;
+--error 1142
+select * from t2, information_schema.tables;
+--error 1142
+select * from information_schema.tables, t2;
+
diff -Nrup a/mysql-test/t/information_schema.test b/mysql-test/t/information_schema.test
--- a/mysql-test/t/information_schema.test	2008-03-28 13:00:41 +01:00
+++ b/mysql-test/t/information_schema.test	2008-04-10 10:54:14 +02:00
@@ -1357,3 +1357,28 @@ from information_schema.routines;
 drop procedure p1;
 drop procedure p2;
 drop function f1;
+
+--echo #
+--echo # Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT.
+--echo #
+--disable_warnings
+DROP DATABASE IF EXISTS testdb1;
+--enable_warnings
+CREATE DATABASE testdb1;
+USE testdb1;
+CREATE TABLE t1 (c1 int);
+CREATE TABLE t2 (c2 int);
+GRANT SELECT ON testdb1.t1 TO mysqluser_35955@localhost;
+
+--connect (con_35955, localhost, mysqluser_35955, , testdb1)
+SELECT * FROM INFORMATION_SCHEMA.tables, t1;
+--error 1142
+SELECT * FROM t2;
+--error 1142
+SELECT * FROM t2, INFORMATION_SCHEMA.tables;
+--error 1142
+SELECT * FROM INFORMATION_SCHEMA.tables, t2;
+--connection default
+DROP TABLE t1,t2;
+DROP DATABASE testdb1;
+DROP USER mysqluser_35955@localhost;
diff -Nrup a/sql/mysql_priv.h b/sql/mysql_priv.h
--- a/sql/mysql_priv.h	2008-03-28 13:00:42 +01:00
+++ b/sql/mysql_priv.h	2008-04-10 10:54:14 +02:00
@@ -1115,7 +1115,7 @@ bool reload_acl_and_cache(THD *thd, ulon
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
 bool check_access(THD *thd, ulong access, const char *db, ulong *save_priv,
 		  bool no_grant, bool no_errors, bool schema_db);
-bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
+bool check_table_access(THD *thd, ulong requirements, TABLE_LIST *tables,
                         bool no_errors,
                         bool any_combination_of_privileges_will_do,
 			uint number);
diff -Nrup a/sql/sql_parse.cc b/sql/sql_parse.cc
--- a/sql/sql_parse.cc	2008-04-10 09:37:22 +02:00
+++ b/sql/sql_parse.cc	2008-04-10 10:54:14 +02:00
@@ -5187,7 +5187,7 @@ static bool check_show_access(THD *thd, 
 */
 
 bool
-check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
+check_table_access(THD *thd, ulong requirements,TABLE_LIST *tables,
 		   bool no_errors, bool any_combination_of_privileges_will_do,
                    uint number)
 {
@@ -5203,6 +5203,7 @@ check_table_access(THD *thd, ulong want_
   for (; i < number && tables != first_not_own_table && tables;
        tables= tables->next_global, i++)
   {
+    ulong want_access= requirements;
     if (tables->security_ctx)
       sctx= tables->security_ctx;
     else
@@ -5250,7 +5251,7 @@ check_table_access(THD *thd, ulong want_
       goto deny;
   }
   thd->security_ctx= backup_ctx;
-  return check_grant(thd,want_access,org_tables,
+  return check_grant(thd,requirements,org_tables,
                      any_combination_of_privileges_will_do,
                      number, no_errors);
 deny:
Thread
bk commit into 6.0 tree (thek:1.2628) BUG#35955kpettersson10 Apr