From: Date: April 10 2008 10:54am Subject: bk commit into 6.0 tree (thek:1.2628) BUG#35955 List-Archive: http://lists.mysql.com/commits/45173 X-Bug: 35955 Message-Id: <20080410085423.50B3C530B4A@Adventure> Below is the list of changes that have just been committed into a local 6.0 repository of thek. When thek does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2008-04-10 10:54:17+02:00, thek@adventure.(none) +5 -0 Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT. The privilege requirements were reduced if a table list contained at least one information schema table. The fix is to reset the privilege requirements in check_table_access for each iteration over a TABLE_LIST object. mysql-test/r/information_schema.result@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +20 -0 Added test case mysql-test/t/crap.test@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +16 -0 New BitKeeper file ``mysql-test/t/crap.test'' mysql-test/t/crap.test@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +0 -0 mysql-test/t/information_schema.test@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +25 -0 Added test case sql/mysql_priv.h@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +1 -1 Changed parameter name for clarity. sql/sql_parse.cc@stripped, 2008-04-10 10:54:14+02:00, thek@adventure.(none) +3 -2 Copy requirements to a temporary variable and reset them after each iteration.
diff -Nrup a/mysql-test/r/information_schema.result b/mysql-test/r/information_schema.result
--- a/mysql-test/r/information_schema.result 2008-03-28 13:00:41 +01:00
+++ b/mysql-test/r/information_schema.result 2008-04-10 10:54:14 +02:00
@@ -1688,3 +1688,23 @@ char 10 10 NULL NULL latin1 latin1_swedi
 drop procedure p1;
 drop procedure p2;
 drop function f1;
+#
+# Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT.
+#
+DROP DATABASE IF EXISTS testdb1;
+CREATE DATABASE testdb1;
+USE testdb1;
+CREATE TABLE t1 (c1 int);
+CREATE TABLE t2 (c2 int);
+GRANT SELECT ON testdb1.t1 TO mysqluser_35955@localhost;
+SELECT * FROM INFORMATION_SCHEMA.tables, t1;
+TABLE_CATALOG TABLE_SCHEMA TABLE_NAME TABLE_TYPE ENGINE VERSION ROW_FORMAT TABLE_ROWS AVG_ROW_LENGTH DATA_LENGTH MAX_DATA_LENGTH INDEX_LENGTH DATA_FREE AUTO_INCREMENT CREATE_TIME UPDATE_TIME CHECK_TIME TABLE_COLLATION CHECKSUM CREATE_OPTIONS TABLE_COMMENT c1
+SELECT * FROM t2;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+SELECT * FROM t2, INFORMATION_SCHEMA.tables;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+SELECT * FROM INFORMATION_SCHEMA.tables, t2;
+ERROR 42000: SELECT command denied to user 'mysqluser_35955'@'localhost' for table 't2'
+DROP TABLE t1,t2;
+DROP DATABASE testdb1;
+DROP USER mysqluser_35955@localhost;
diff -Nrup a/mysql-test/t/crap.test b/mysql-test/t/crap.test
--- /dev/null Wed Dec 31 16:00:00 196900
+++ b/mysql-test/t/crap.test 2008-04-10 10:54:14 +02:00
@@ -0,0 +1,16 @@
+
+create database testdb1;
+use testdb1;
+create table t1 (c1 int);
+create table t2 (c2 int);
+grant select on testdb1.t1 to mysqluser1@localhost;
+
+--connect (mysqluser1, localhost, mysqluser1, , testdb1)
+select * from information_schema.tables, t1;
+--error 1142
+select * from t2;
+--error 1142
+select * from t2, information_schema.tables;
+--error 1142
+select * from information_schema.tables, t2;
+
diff -Nrup a/mysql-test/t/information_schema.test b/mysql-test/t/information_schema.test
--- a/mysql-test/t/information_schema.test 2008-03-28 13:00:41 +01:00
+++ b/mysql-test/t/information_schema.test 2008-04-10 10:54:14 +02:00
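Review bot: mysql-test/t/crap.test looks like a scratch copy of the case added to information_schema.test that was committed by accident, and I would drop it from the changeset. It never switches back to the default connection and leaves testdb1 and the mysqluser1@localhost account with its SELECT grant behind, so later tests in the same run start with a leftover database and account. The changeset also lists no matching result file under mysql-test/r/, so the test would presumably fail as soon as the suite picks it up.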
@@ -1357,3 +1357,28 @@ from information_schema.routines;
 drop procedure p1;
 drop procedure p2;
 drop function f1;
+
+--echo #
+--echo # Bug#35955 Regression: I_S table cause reduced privilege requirements in SELECT.
+--echo #
+--disable_warnings
+DROP DATABASE IF EXISTS testdb1;
+--enable_warnings
+CREATE DATABASE testdb1;
+USE testdb1;
+CREATE TABLE t1 (c1 int);
+CREATE TABLE t2 (c2 int);
+GRANT SELECT ON testdb1.t1 TO mysqluser_35955@localhost;
+
+--connect (con_35955, localhost, mysqluser_35955, , testdb1)
+SELECT * FROM INFORMATION_SCHEMA.tables, t1;
+--error 1142
+SELECT * FROM t2;
+--error 1142
+SELECT * FROM t2, INFORMATION_SCHEMA.tables;
+--error 1142
+SELECT * FROM INFORMATION_SCHEMA.tables, t2;
+--connection default
+DROP TABLE t1,t2;
+DROP DATABASE testdb1;
+DROP USER mysqluser_35955@localhost;
diff -Nrup a/sql/mysql_priv.h b/sql/mysql_priv.h
--- a/sql/mysql_priv.h 2008-03-28 13:00:42 +01:00
+++ b/sql/mysql_priv.h 2008-04-10 10:54:14 +02:00
@@ -1115,7 +1115,7 @@ bool reload_acl_and_cache(THD *thd, ulon #ifndef NO_EMBEDDED_ACCESS_CHECKS bool check_access(THD *thd, ulong access, const char *db, ulong *save_priv, bool no_grant, bool no_errors, bool schema_db); -bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables, +bool check_table_access(THD *thd, ulong requirements, TABLE_LIST *tables, bool no_errors, bool any_combination_of_privileges_will_do, uint number);
diff -Nrup a/sql/sql_parse.cc b/sql/sql_parse.cc
--- a/sql/sql_parse.cc 2008-04-10 09:37:22 +02:00
+++ b/sql/sql_parse.cc 2008-04-10 10:54:14 +02:00
@@ -5187,7 +5187,7 @@ static bool check_show_access(THD *thd, */ bool -check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables, +check_table_access(THD *thd, ulong requirements,TABLE_LIST *tables, bool no_errors, bool any_combination_of_privileges_will_do, uint number) {
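Review bot: The block added to mysql-test/t/information_schema.test returns to the default connection but never closes con_35955, so the restricted session is still open when `DROP USER mysqluser_35955@localhost;` runs. DROP USER does not end sessions that are already connected, which leaves a live session for a removed account for the rest of the test file. Add `--disconnect con_35955` directly after `--connection default`.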
@@ -5203,6 +5203,7 @@ check_table_access(THD *thd, ulong want_ for (; i < number && tables != first_not_own_table && tables; tables= tables->next_global, i++) { + ulong want_access= requirements; if (tables->security_ctx) sctx= tables->security_ctx; else
@@ -5250,7 +5251,7 @@ check_table_access(THD *thd, ulong want_ goto deny; } thd->security_ctx= backup_ctx; - return check_grant(thd,want_access,org_tables, + return check_grant(thd,requirements,org_tables, any_combination_of_privileges_will_do, number, no_errors); deny:
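Review bot: The new loop-local `ulong want_access= requirements;` in check_table_access has no comment saying why the mask is copied again for every table. Nothing stops a later edit from writing to `requirements` itself, which would reintroduce the leak into the final `check_grant(thd,requirements,org_tables,` call in the following hunk. I would add `/* Start every table from the caller's full mask; bits cleared below apply to this table only. */` above the new line and declare the parameter `const ulong requirements` in the definition in sql/sql_parse.cc so the compiler rejects such a write. The loop body between the two hunks is not shown, so where `want_access` gets reduced is inferred from the commit message; the function starts before and ends after these hunks.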