Below is the list of changes that have just been committed into a local
5.0 repository of pem. When pem does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
ChangeSet
1.1943 05/10/28 12:11:32 pem@stripped +5 -0
Fixed BUG#14256: definer in view definition is not fully qualified
Changed the parser test for wildcards in hostname to checking for empty
strings instead (analogous with the test in default_view_definer()),
since wildcards do appear in the definer's host-part sometimes.
sql/sql_yacc.yy
1.438 05/10/28 12:11:24 pem@stripped +1 -2
Changed test for wildcards in hostpart of explicit view definer to test for empty
host part instead. (Analogous with sql_parse.cc:default_view_definer().)
mysql-test/t/view_grant.test
1.5 05/10/28 12:11:24 pem@stripped +45 -0
Added test for BUG#14256.
mysql-test/t/view.test
1.117 05/10/28 12:11:24 pem@stripped +1 -1
Changed test for explicit definer; wildcards in host are ok, empty host-part is not.
mysql-test/r/view_grant.result
1.5 05/10/28 12:11:24 pem@stripped +27 -0
Added test for BUG#14256.
mysql-test/r/view.result
1.125 05/10/28 12:11:24 pem@stripped +1 -1
Updated result.
# This is a BitKeeper patch. What follows are the unified diffs for the
# set of deltas contained in the patch. The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User: pem
# Host: mysql.comhem.se
# Root: /usr/home/pem/bug14256/mysql-5.0
--- 1.437/sql/sql_yacc.yy 2005-10-25 19:04:13 +02:00
+++ 1.438/sql/sql_yacc.yy 2005-10-28 12:11:24 +02:00
@@ -9026,8 +9026,7 @@
(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
YYABORT;
view_user->user = $3; view_user->host=$5;
- if (strchr(view_user->host.str, wild_many) ||
- strchr(view_user->host.str, wild_one))
+ if (view_user->host.length == 0)
{
my_error(ER_NO_VIEW_USER, MYF(0));
YYABORT;
--- 1.124/mysql-test/r/view.result 2005-10-11 23:59:46 +02:00
+++ 1.125/mysql-test/r/view.result 2005-10-28 12:11:24 +02:00
@@ -2198,7 +2198,7 @@
120001a080000542 guser02
drop view v1, v2;
drop table t1, t2;
-create definer=some_user@__% sql security invoker view v1 as select 1;
+create definer=some_user@`` sql security invoker view v1 as select 1;
ERROR HY000: View definer is not fully qualified
create definer=some_user@localhost sql security invoker view v1 as select 1;
Warnings:
--- 1.116/mysql-test/t/view.test 2005-10-11 23:59:47 +02:00
+++ 1.117/mysql-test/t/view.test 2005-10-28 12:11:24 +02:00
@@ -2082,7 +2082,7 @@
# DEFINER information check
#
-- error ER_NO_VIEW_USER
-create definer=some_user@__% sql security invoker view v1 as select 1;
+create definer=some_user@`` sql security invoker view v1 as select 1;
create definer=some_user@localhost sql security invoker view v1 as select 1;
show create view v1;
drop view v1;
--- 1.4/mysql-test/r/view_grant.result 2005-09-14 09:53:02 +02:00
+++ 1.5/mysql-test/r/view_grant.result 2005-10-28 12:11:24 +02:00
@@ -307,3 +307,30 @@
create view v1 as select * from t1;
revoke all privileges on mysqltest.* from mysqltest_1@localhost;
drop database mysqltest;
+drop view if exists v1;
+create table t1 as select * from mysql.user where user='';
+delete from mysql.user where user='';
+flush privileges;
+grant all on test.* to 'test14256'@'%';
+use test;
+create view v1 as select 42;
+show create view v1;
+View Create View
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42`
+select definer into @v1def1 from information_schema.views
+where table_schema = 'test' and table_name='v1';
+drop view v1;
+create definer=`test14256`@`%` view v1 as select 42;
+show create view v1;
+View Create View
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42`
+select definer into @v1def2 from information_schema.views
+where table_schema = 'test' and table_name='v1';
+drop view v1;
+select @v1def1, @v1def2, @v1def1=@v1def2;
+@v1def1 @v1def2 @v1def1=@v1def2
+test14256@% test14256@% 1
+drop user test14256;
+insert into mysql.user select * from t1;
+flush privileges;
+drop table t1;
--- 1.4/mysql-test/t/view_grant.test 2005-09-14 09:53:02 +02:00
+++ 1.5/mysql-test/t/view_grant.test 2005-10-28 12:11:24 +02:00
@@ -406,3 +406,48 @@
revoke all privileges on mysqltest.* from mysqltest_1@localhost;
drop database mysqltest;
+
+#
+# BUG#14256: definer in view definition is not fully qualified
+#
+--disable_warnings
+drop view if exists v1;
+--enable_warnings
+
+# Backup anonymous users and remove them. (They get in the way of
+# the one we test with here otherwise.)
+create table t1 as select * from mysql.user where user='';
+delete from mysql.user where user='';
+flush privileges;
+
+# Create the test user
+grant all on test.* to 'test14256'@'%';
+
+connect (test14256,localhost,test14256,,test);
+connection test14256;
+use test;
+
+create view v1 as select 42;
+show create view v1;
+
+select definer into @v1def1 from information_schema.views
+ where table_schema = 'test' and table_name='v1';
+drop view v1;
+
+create definer=`test14256`@`%` view v1 as select 42;
+show create view v1;
+
+select definer into @v1def2 from information_schema.views
+ where table_schema = 'test' and table_name='v1';
+drop view v1;
+
+select @v1def1, @v1def2, @v1def1=@v1def2;
+
+connection root;
+drop user test14256;
+
+# Restore the anonymous users.
+insert into mysql.user select * from t1;
+flush privileges;
+
+drop table t1;
| Thread |
|---|
| • bk commit into 5.0 tree (pem:1.1943) BUG#14256 | pem | 28 Oct |
