Below is the list of changes that have just been committed into a local
4.1 repository of svoj. When svoj does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet@stripped, 2006-07-27 19:53:09+05:00, svoj@stripped +3 -0
BUG#7391 - Cross-database multi-table UPDATE uses active database
privileges
This problem is 4.1 specific. It doesn't affect 4.0 and was fixed
in 5.x before.
Having any mysql user who is allowed to issue multi table update
statement and any column/table grants, allows this user to update
any table on a server (mysql grant tables are not exception).
check_grant() accepts number of tables (in table list) to be checked
in 5-th param. While checking grants for multi table update, number
of tables must be 1. It must never be 0 (actually we have
DBUG_ASSERT(number > 0) in 5.x in grant_check() function).
mysql-test/r/grant.result@stripped, 2006-07-27 19:53:05+05:00, svoj@stripped +5 -4
Addition to test case for bug#7391:
- Added grant statement to trigger this problem in 4.1.
- Fixed error messages.
mysql-test/t/grant.test@stripped, 2006-07-27 19:53:05+05:00, svoj@stripped +5 -4
Addition to test case for bug#7391:
- Added grant statement to trigger this problem in 4.1.
- Fixed error messages.
sql/sql_update.cc@stripped, 2006-07-27 19:53:05+05:00, svoj@stripped +1 -1
check_grant() accepts number of tables (in table list) to be checked
in 5-th param. For this particular check number of tables must be 1.
It must never be 0 (actually we have DBUG_ASSERT(number > 0) in 5.x
in grant_check() function).
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: svoj
# Host: may.pils.ru
# Root: /home/svoj/devel/mysql/BUG7391/mysql-4.1
--- 1.155/sql/sql_update.cc 2006-07-27 19:53:16 +05:00
+++ 1.156/sql/sql_update.cc 2006-07-27 19:53:16 +05:00
@@ -628,7 +628,7 @@
if (!using_lock_tables)
tl->table->reginfo.lock_type= tl->lock_type;
if (check_access(thd, wants, tl->db, &tl->grant.privilege, 0, 0) ||
- (grant_option && check_grant(thd, wants, tl, 0, 0, 0)))
+ (grant_option && check_grant(thd, wants, tl, 0, 1, 0)))
{
tl->next= save;
DBUG_RETURN(1);
--- 1.41/mysql-test/r/grant.result 2006-07-27 19:53:16 +05:00
+++ 1.42/mysql-test/r/grant.result 2006-07-27 19:53:16 +05:00
@@ -383,7 +383,7 @@
update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1;
ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'q' in table 't1'
update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1;
-ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'd' in table 't2'
+ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 't1'
update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1;
ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1'
update mysqltest_2.t1, mysqltest_2.t2 set d=10 where s=2;
@@ -402,6 +402,7 @@
revoke all on mysqltest_2.t2 from mysqltest_3@localhost;
grant all on mysqltest_2.* to mysqltest_3@localhost;
grant select on *.* to mysqltest_3@localhost;
+grant select on mysqltest_2.t1 to mysqltest_3@localhost;
flush privileges;
use mysqltest_1;
update mysqltest_2.t1, mysqltest_2.t2 set c=500,d=600;
@@ -409,11 +410,11 @@
ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'a' in table 't1'
use mysqltest_2;
update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200;
-ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1'
+ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't1'
update mysqltest_2.t1, mysqltest_1.t2 set c=100,b=200;
-ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1'
+ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't2'
update mysqltest_1.t1, mysqltest_2.t2 set a=100,d=200;
-ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1'
+ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't1'
select t1.*,t2.* from mysqltest_1.t1,mysqltest_1.t2;
a q b r
10 2 1 2
--- 1.34/mysql-test/t/grant.test 2006-07-27 19:53:16 +05:00
+++ 1.35/mysql-test/t/grant.test 2006-07-27 19:53:16 +05:00
@@ -323,7 +323,7 @@
show grants for mysqltest_3@localhost;
--error 1143
update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1;
---error 1143
+--error 1142
update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1;
--error 1143
update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1;
@@ -343,6 +343,7 @@
#test the db/table level privileges
grant all on mysqltest_2.* to mysqltest_3@localhost;
grant select on *.* to mysqltest_3@localhost;
+grant select on mysqltest_2.t1 to mysqltest_3@localhost;
flush privileges;
disconnect conn1;
connect (conn2,localhost,mysqltest_3,,);
@@ -354,11 +355,11 @@
update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200;
use mysqltest_2;
#the following used to succeed, it must fail now.
---error 1044
+--error 1142
update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200;
---error 1044
+--error 1142
update mysqltest_2.t1, mysqltest_1.t2 set c=100,b=200;
---error 1044
+--error 1142
update mysqltest_1.t1, mysqltest_2.t2 set a=100,d=200;
#lets see the result
connection master;
| Thread |
|---|
| • bk commit into 4.1 tree (svoj:1.2529) BUG#7391 | Sergey Vojtovich | 27 Jul |
