From: Date: June 25 2006 5:09pm Subject: bk commit into 5.0 tree (kroki:1.2205) BUG#20664 List-Archive: http://lists.mysql.com/commits/8207 X-Bug: 20664 Message-Id: <200606251509.k5PF9sSb008336@moonlight.intranet> Below is the list of changes that have just been committed into a local 5.0 repository of tomash. When tomash does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet 1.2205 06/06/25 19:09:47 kroki@stripped +3 -0 Bug#20664: Unprivileged SHOW CREATE FUNCTION crashes 'mysql' command line client Send empty string if the user doesn't have enough privilege to see routine definition. sql/sp_head.cc 1.216 06/06/24 17:48:54 kroki@stripped +4 -0 Send empty string if the user doesn't have enough privilege to see routine definition. mysql-test/t/sp-security.test 1.33 06/06/24 17:48:54 kroki@stripped +33 -1 Add test case for bug#20664. mysql-test/r/sp-security.result 1.30 06/06/24 17:48:53 kroki@stripped +27 -0 Add result for bug#20664. # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: kroki # Host: moonlight.intranet # Root: /home/tomash/src/mysql_ab/mysql-5.0-bug20664 --- 1.29/mysql-test/r/sp-security.result 2006-04-18 20:10:42 +04:00 +++ 1.30/mysql-test/r/sp-security.result 2006-06-24 17:48:53 +04:00 @@ -420,3 +420,30 @@ ---> connection: root DROP USER mysqltest_2@localhost; DROP DATABASE mysqltest; +USE test; +DROP PROCEDURE IF EXISTS p1; +DROP FUNCTION IF EXISTS f1; +CREATE PROCEDURE p1() SET @a= 1; +CREATE FUNCTION f1() RETURNS INT RETURN @a; +CREATE USER mysql_bug20664@localhost; +GRANT EXECUTE ON PROCEDURE p1 TO mysql_bug20664@localhost; +GRANT EXECUTE ON FUNCTION f1 TO mysql_bug20664@localhost; +SHOW CREATE PROCEDURE p1; +Procedure sql_mode Create Procedure +p1 +SHOW CREATE PROCEDURE p1; +Procedure sql_mode Create Procedure +p1 +SHOW CREATE FUNCTION f1; +Function sql_mode Create Function +f1 +SHOW CREATE FUNCTION f1; +Function sql_mode Create Function +f1 +CALL p1(); +SELECT f1(); +f1() +1 +DROP FUNCTION f1; +DROP PROCEDURE p1; +DROP USER mysql_bug20664@localhost; --- 1.32/mysql-test/t/sp-security.test 2006-04-18 20:10:42 +04:00 +++ 1.33/mysql-test/t/sp-security.test 2006-06-24 17:48:54 +04:00 @@ -742,6 +742,38 @@ DROP USER mysqltest_2@localhost; DROP DATABASE mysqltest; +USE test; -# End of 5.0 bugs. +# +# Bug#20664: Unprivileged SHOW CREATE FUNCTION crashes 'mysql' command +# line client +# +--disable_warnings +DROP PROCEDURE IF EXISTS p1; +DROP FUNCTION IF EXISTS f1; +--enable_warnings + +CREATE PROCEDURE p1() SET @a= 1; +CREATE FUNCTION f1() RETURNS INT RETURN @a; +CREATE USER mysql_bug20664@localhost; +GRANT EXECUTE ON PROCEDURE p1 TO mysql_bug20664@localhost; +GRANT EXECUTE ON FUNCTION f1 TO mysql_bug20664@localhost; + +connect (conn1, localhost, mysql_bug20664,,); + +SHOW CREATE PROCEDURE p1; +SHOW CREATE PROCEDURE p1; +SHOW CREATE FUNCTION f1; +SHOW CREATE FUNCTION f1; +CALL p1(); +SELECT f1(); + +disconnect conn1; +connection default; + +DROP FUNCTION f1; +DROP PROCEDURE p1; +DROP USER mysql_bug20664@localhost; + +# End of 5.0 tests. --- 1.215/sql/sp_head.cc 2006-06-22 19:29:45 +04:00 +++ 1.216/sql/sp_head.cc 2006-06-24 17:48:54 +04:00 @@ -1909,6 +1909,8 @@ protocol->store((char*) sql_mode_str, sql_mode_len, system_charset_info); if (full_access) protocol->store(m_defstr.str, m_defstr.length, system_charset_info); + else + protocol->store("", 0, system_charset_info); res= protocol->write(); send_eof(thd); @@ -1974,6 +1976,8 @@ protocol->store((char*) sql_mode_str, sql_mode_len, system_charset_info); if (full_access) protocol->store(m_defstr.str, m_defstr.length, system_charset_info); + else + protocol->store("", 0, system_charset_info); res= protocol->write(); send_eof(thd);