From:Satya B Date:September 22 2009 10:43am
Subject:bzr commit into mysql-5.0-bugteam branch (satya.bn:2814) Bug#41597
#At file:///home/satya/WORK/41597/mysql-5.0-bugteam-41597/ based on revid:joro@stripped

 2814 Satya B	2009-09-22
      Fix for Bug #41597 - After rename of user, there are additional grants when 
                           grants are reapplied.
      
      
      Renaming a user and then re-applying the grants results in additional
      grants.
      
      This is because we use username as part of the key for GRANT_TABLE structure.
      When the user is renamed, we only change the username stored and the hash key
      still contains the old user name and this results in the extra privileges
      
      Fixed by rebuilding the hash key and updating the column_priv_hash structure
      when the user is renamed
     @ mysql-test/r/grant3.result
        Bug #41597 - After rename of user, there are additional grants when 
                     grants are reapplied.
        
        Testcase for BUG#41597
     @ mysql-test/t/grant3.test
        Bug #41597 - After rename of user, there are additional grants when 
                     grants are reapplied.
        
        Testcase for BUG#41597
     @ sql/sql_acl.cc
        Bug #41597 - After rename of user, there are additional grants when 
                     grants are reapplied.
        
        Fixed handle_grant_struct() to update the hash key when the user is renamed.

    modified:
      mysql-test/r/grant3.result
      mysql-test/t/grant3.test
      sql/sql_acl.cc
=== modified file 'mysql-test/r/grant3.result'
--- a/mysql-test/r/grant3.result	2008-02-13 15:34:12 +0000
+++ b/mysql-test/r/grant3.result	2009-09-22 10:43:54 +0000
@@ -154,4 +154,42 @@ SELECT * FROM mysqltest_1.t1;
 a
 DROP USER 'mysqltest1'@'%';
 DROP DATABASE mysqltest_1;
+#
+# Bug#41597 - After rename of user, there are additional grants
+#             when grants are reapplied.
+#
+CREATE DATABASE temp;
+CREATE TABLE temp.t1(a INT, b VARCHAR(10));
+INSERT INTO temp.t1 VALUES(1, 'name1');
+INSERT INTO temp.t1 VALUES(2, 'name2');
+INSERT INTO temp.t1 VALUES(3, 'name3');
+CREATE USER 'user1'@'%';
+RENAME USER 'user1'@'%' TO 'user2'@'%';
+# Show privileges after rename and BEFORE grant
+SHOW GRANTS FOR 'user2'@'%';
+Grants for user2@%
+GRANT USAGE ON *.* TO 'user2'@'%'
+GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%';
+# Show privileges after rename and grant
+SHOW GRANTS FOR 'user2'@'%';
+Grants for user2@%
+GRANT USAGE ON *.* TO 'user2'@'%'
+GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%'
+# Connect as the renamed user
+SHOW GRANTS;
+Grants for user2@%
+GRANT USAGE ON *.* TO 'user2'@'%'
+GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%'
+SELECT a FROM temp.t1;
+a
+1
+2
+3
+# Check for additional privileges by accessing a
+# non privileged column. We shouldn't be able to 
+# this column.
+SELECT b FROM temp.t1;
+ERROR 42000: SELECT command denied to user 'user2'@'localhost' for column 'b' in table 't1'
+DROP USER 'user2'@'%';
+DROP DATABASE temp;
 End of 5.0 tests

=== modified file 'mysql-test/t/grant3.test'
--- a/mysql-test/t/grant3.test	2009-02-02 21:20:25 +0000
+++ b/mysql-test/t/grant3.test	2009-09-22 10:43:54 +0000
@@ -163,6 +163,41 @@ connection default;
 DROP USER 'mysqltest1'@'%';
 DROP DATABASE mysqltest_1;
 
+--echo #
+--echo # Bug#41597 - After rename of user, there are additional grants
+--echo #             when grants are reapplied.
+--echo #
+
+CREATE DATABASE temp;
+CREATE TABLE temp.t1(a INT, b VARCHAR(10));
+INSERT INTO temp.t1 VALUES(1, 'name1');
+INSERT INTO temp.t1 VALUES(2, 'name2');
+INSERT INTO temp.t1 VALUES(3, 'name3');
+
+
+CREATE USER 'user1'@'%';
+RENAME USER 'user1'@'%' TO 'user2'@'%';
+--echo # Show privileges after rename and BEFORE grant
+SHOW GRANTS FOR 'user2'@'%';
+GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%';
+--echo # Show privileges after rename and grant
+SHOW GRANTS FOR 'user2'@'%';
+
+--echo # Connect as the renamed user
+connect (conn1, localhost, user2,,);
+connection conn1;
+SHOW GRANTS;
+SELECT a FROM temp.t1;
+--echo # Check for additional privileges by accessing a
+--echo # non privileged column. We shouldn't be able to 
+--echo # this column.
+--error ER_COLUMNACCESS_DENIED_ERROR 
+SELECT b FROM temp.t1;
+disconnect conn1;
+
+connection default;
+DROP USER 'user2'@'%';
+DROP DATABASE temp;
 
 --echo End of 5.0 tests
 
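Review bot: `'user1'@'%'` holds no column privileges when `RENAME USER` runs, so there appears to be no column-level grant entry for the rename to rewrite, and the new code in handle_grant_struct() is likely never reached; the test would then pass even without the fix. Grant before the rename, e.g. `GRANT SELECT (a), INSERT (b) ON temp.t1 TO 'user1'@'%';` ahead of the `RENAME USER` line, so that re-applying the grant to 'user2'@'%' exercises the renamed entry. The echo comment before `SELECT b` also drops a word ("able to access this column").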

=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2009-08-28 15:51:31 +0000
+++ b/sql/sql_acl.cc	2009-09-22 10:43:54 +0000
@@ -5183,9 +5183,29 @@ static int handle_grant_struct(uint stru
 
       case 2:
       case 3:
+        int new_hash_key_length= strlen(user_to->user.str) +
+                                 strlen(grant_name->db) +
+                                 strlen(grant_name->tname) + 3;
+        char *new_hash_key= (char*) alloc_root(&mem, new_hash_key_length);
+       
+        /* 
+          Update the hash key with the renamed user name as
+          user name is part of hash_key
+        */
+        strmov(strmov(strmov(new_hash_key, user_to->user.str) + 1,
+                      grant_name->db) + 1, grant_name->tname);
         grant_name->user= strdup_root(&mem, user_to->user.str);
         update_hostname(&grant_name->host,
                         strdup_root(&mem, user_to->host.str));
+        grant_name->hash_key= new_hash_key;
+        grant_name->key_length= new_hash_key_length;
+
+        /*
+          Update the hash to ensure that the position matches the 
+          new key value
+        */
+        hash_update(&column_priv_hash, (byte *)grant_name,
+                    grant_name->hash_key, grant_name->key_length);
 	break;
       }
     }
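Review bot: The `hash_update()` call at the end of the `case 2:`/`case 3:` body receives `grant_name->hash_key` and `grant_name->key_length` after both have been overwritten with the new values, but its last two arguments are, as far as I recall the API (worth confirming against its declaration), the record's old key, used to locate the bucket the record currently occupies. Given the new key it can decide nothing needs moving, leaving the entry filed under the old user name, which is the stale-privilege state this commit is meant to remove. Save the old key and length in locals before the two assignments and pass them, `hash_update(&column_priv_hash, (byte *)grant_name, (byte *)old_hash_key, old_key_length);`, and check the return value. The body is shared with `case 3:` yet always rehashes `column_priv_hash`, so if struct 3 walks a different hash (the loop setup is outside the hunk) the wrong table is updated; the `alloc_root()` result is also written through by `strmov()` without a NULL check. handle_grant_struct() starts and ends outside this hunk.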


Attachment: [text/bzr-bundle] bzr/satya.bn@sun.com-20090922104354-4j2x1didy0ctlv9w.bundle