List:Commits« Previous MessageNext Message »
From:Sergey Glukhov Date:October 2 2008 11:18am
Subject:bzr push into mysql-5.0-bugteam branch (Sergey.Glukhov:2692 to 2693)
Bug#22763
View as plain text  
 2693 Sergey Glukhov	2008-10-02
      Bug#22763 Disrepancy between SHOW CREATE VIEW and I_S.VIEWS
      The problem:
      I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL
      privileges for a view. It leads to discrepancy between SHOW CREATE VIEW
      and I_S.VIEWS.
      The fix:
      added appropriate check.
modified:
  mysql-test/r/information_schema_db.result
  mysql-test/t/information_schema_db.test
  sql/sql_show.cc

 2692 Georgi Kodinov	2008-10-01
      Bug#37943: Reproducible mysqld crash/sigsegv in sel_trees_can_be_ored
                  
      When analyzing the possible index use cases the server was re-using an internal structure.
      This is wrong, as this internal structure gets updated during the analysis.
      Fixed by making a copy of the internal structure for every place it needs to be used.
      Also stopped the generation of empty SEL_TREE structures that unnecessary 
      complicate the analysis.
modified:
  mysql-test/r/index_merge.result
  mysql-test/t/index_merge.test
  sql/opt_range.cc

=== modified file 'mysql-test/r/information_schema_db.result'
--- a/mysql-test/r/information_schema_db.result	2007-10-26 07:01:29 +0000
+++ b/mysql-test/r/information_schema_db.result	2008-10-02 09:37:07 +0000
@@ -209,3 +209,24 @@ drop view testdb_1.v1, v2, testdb_1.v3, 
 drop database testdb_1;
 drop user testdb_1@localhost;
 drop user testdb_2@localhost;
+create database testdb_1;
+create table testdb_1.t1 (a int);
+create view testdb_1.v1 as select * from testdb_1.t1;
+grant show view on testdb_1.* to mysqltest_1@localhost;
+grant select on testdb_1.v1 to mysqltest_1@localhost;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+table_schema	table_name	view_definition
+testdb_1	v1	/* ALGORITHM=UNDEFINED */ select `testdb_1`.`t1`.`a` AS `a` from `testdb_1`.`t1`
+show create view testdb_1.v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v1` AS select `testdb_1`.`t1`.`a` AS `a` from `testdb_1`.`t1`
+revoke select on testdb_1.v1 from mysqltest_1@localhost;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+table_schema	table_name	view_definition
+testdb_1	v1	
+show create view testdb_1.v1;
+ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 'v1'
+drop user mysqltest_1@localhost;
+drop database testdb_1;

=== modified file 'mysql-test/t/information_schema_db.test'
--- a/mysql-test/t/information_schema_db.test	2007-03-23 18:24:03 +0000
+++ b/mysql-test/t/information_schema_db.test	2008-10-02 09:37:07 +0000
@@ -82,6 +82,7 @@ drop function func2;
 drop database `inf%`;
 drop procedure mbase.p1;
 drop database mbase;
+disconnect user1;
 
 #
 # Bug#18282 INFORMATION_SCHEMA.TABLES provides inconsistent info about invalid views
@@ -210,3 +211,32 @@ drop view testdb_1.v1, v2, testdb_1.v3, 
 drop database testdb_1;
 drop user testdb_1@localhost;
 drop user testdb_2@localhost;
+
+#
+# Bug#22763 Disrepancy between SHOW CREATE VIEW and I_S.VIEWS
+#
+create database testdb_1;
+create table testdb_1.t1 (a int);
+create view testdb_1.v1 as select * from testdb_1.t1;
+
+grant show view on testdb_1.* to mysqltest_1@localhost;
+grant select on testdb_1.v1 to mysqltest_1@localhost;
+
+connect (user1,localhost,mysqltest_1,,test);
+connection user1;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+show create view testdb_1.v1;
+
+connection default;
+revoke select on testdb_1.v1 from mysqltest_1@localhost;
+connection user1;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+--error ER_TABLEACCESS_DENIED_ERROR
+show create view testdb_1.v1;
+
+connection default;
+drop user mysqltest_1@localhost;
+drop database testdb_1;
+disconnect user1;

=== modified file 'sql/sql_show.cc'
--- a/sql/sql_show.cc	2008-08-15 20:13:27 +0000
+++ b/sql/sql_show.cc	2008-10-02 09:37:07 +0000
@@ -3170,6 +3170,27 @@ static int get_schema_views_record(THD *
           !my_strcasecmp(system_charset_info, tables->definer.host.str,
                          sctx->priv_host))
         tables->allowed_show= TRUE;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+      else
+      {
+        if ((thd->col_access & (SHOW_VIEW_ACL|SELECT_ACL)) ==
+            (SHOW_VIEW_ACL|SELECT_ACL))
+          tables->allowed_show= TRUE;
+        else
+        {
+          TABLE_LIST table_list;
+          uint view_access;
+          memset(&table_list, 0, sizeof(table_list));
+          table_list.db= tables->view_db.str;
+          table_list.table_name= tables->view_name.str;
+          table_list.grant.privilege= thd->col_access;
+          view_access= get_table_grant(thd, &table_list);
+          if ((view_access & (SHOW_VIEW_ACL|SELECT_ACL)) ==
+              (SHOW_VIEW_ACL|SELECT_ACL))
+            tables->allowed_show= TRUE;
+        }
+      }
+#endif
     }
     restore_record(table, s->default_values);
     table->field[1]->store(tables->view_db.str, tables->view_db.length, cs);
Thread
bzr push into mysql-5.0-bugteam branch (Sergey.Glukhov:2692 to 2693)Bug#22763Sergey Glukhov2 Oct