mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-17 20:42:30 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Bug#27407480: AUTOMATIC_SP_PRIVILEGES REQUIRES NEED THE

Browse source 
INSERT PRIVILEGES FOR MYSQL.USER TABLE

Description:- Incorrect granting of EXECUTE and ALTER
ROUTINE privileges when the 'automatic_sp_privileges'
variable is set.

Fix:- EXECUTE and ALTER ROUTINE privileges are correctly
granted to the creator of the procedure when the
'automatic_sp_privileges' is SET.
This commit is contained in:
Arun Kuruvila 2018-04-24 10:02:04 +05:30
parent 940b88b686
commit a08508abf8
2 changed files with 5 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
mysql-test/r/grant.result
View file

@ -1780,8 +1780,6 @@ BEGIN
SET @x = 0;
REPEAT SET @x = @x + 1; UNTIL @x > p1 END REPEAT;
END ;||
Warnings:
Warning 1404 Failed to grant EXECUTE and ALTER ROUTINE privileges
SHOW GRANTS FOR 'user1'@'localhost';
Grants for user1@localhost
GRANT USAGE ON *.* TO 'user1'@'localhost'
@ -1791,6 +1789,7 @@ SHOW GRANTS FOR 'user2';
Grants for user2@%
GRANT USAGE ON *.* TO 'user2'@'%'
GRANT CREATE, CREATE ROUTINE ON `db1`.* TO 'user2'@'%'
GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `db1`.`proc2` TO 'user2'@'%'
DROP PROCEDURE db1.proc1;
DROP PROCEDURE db1.proc2;
REVOKE ALL ON db1.* FROM 'user1'@'localhost';

15
sql/sql_acl.cc
View file

@ -1,4 +1,4 @@
/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
/* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -7670,19 +7670,12 @@ bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name,
if (!(combo=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
DBUG_RETURN(TRUE);
combo->user.str= sctx->user;
combo->user.str= (char *) sctx->priv_user;
mysql_mutex_lock(&acl_cache->lock);
if ((au= find_acl_user(combo->host.str=(char*)sctx->host_or_ip,combo->user.str,FALSE)))
goto found_acl;
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_host()->ptr(),
combo->user.str,FALSE)))
goto found_acl;
if ((au= find_acl_user(combo->host.str=(char*)sctx->get_ip()->ptr(),
combo->user.str,FALSE)))
goto found_acl;
if((au= find_acl_user(combo->host.str=(char*)"%", combo->user.str, FALSE)))
if ((au= find_acl_user(combo->host.str= (char *) sctx->priv_host,
combo->user.str, FALSE)))
goto found_acl;
mysql_mutex_unlock(&acl_cache->lock);