mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
Merge mysql.com:/home/hf/work/23675/my51-23675
into mysql.com:/home/hf/work/my_mrg/my51-my_mrg sql/mysql_priv.h: Auto merged sql/sql_base.cc: Auto merged sql/sql_parse.cc: Auto merged sql/share/errmsg.txt: merging
This commit is contained in:
commit
b4fab0eb94
7 changed files with 63 additions and 16 deletions
|
@ -19,7 +19,16 @@ revoke alter on mysqltest_1.* from mysqltest_1@localhost;
|
|||
alter table t1 drop partition p3;
|
||||
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
|
||||
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
|
||||
drop user mysqltest_1@localhost;
|
||||
drop table t1;
|
||||
create table t1 (s1 int);
|
||||
insert into t1 values (1);
|
||||
grant alter on mysqltest_1.* to mysqltest_1@localhost;
|
||||
alter table t1 partition by list (s1) (partition p1 values in (2));
|
||||
ERROR HY000: Table has no partition for some existing values
|
||||
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
|
||||
alter table t1 partition by list (s1) (partition p1 values in (2));
|
||||
ERROR HY000: Table has no partition for value 1
|
||||
drop table t1;
|
||||
drop user mysqltest_1@localhost;
|
||||
drop schema mysqltest_1;
|
||||
End of 5.1 tests
|
||||
|
|
|
@ -52,8 +52,30 @@ disconnect conn3;
|
|||
connection default;
|
||||
|
||||
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
|
||||
drop user mysqltest_1@localhost;
|
||||
drop table t1;
|
||||
|
||||
#
|
||||
# Bug #23675 Partitions: possible security breach via alter
|
||||
#
|
||||
|
||||
create table t1 (s1 int);
|
||||
insert into t1 values (1);
|
||||
grant alter on mysqltest_1.* to mysqltest_1@localhost;
|
||||
connect (conn4,localhost,mysqltest_1,,mysqltest_1);
|
||||
connection conn4;
|
||||
--error 1514
|
||||
alter table t1 partition by list (s1) (partition p1 values in (2));
|
||||
connection default;
|
||||
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
|
||||
disconnect conn4;
|
||||
connect (conn5,localhost,mysqltest_1,,mysqltest_1);
|
||||
--error 1514
|
||||
alter table t1 partition by list (s1) (partition p1 values in (2));
|
||||
disconnect conn5;
|
||||
connection default;
|
||||
drop table t1;
|
||||
|
||||
drop user mysqltest_1@localhost;
|
||||
drop schema mysqltest_1;
|
||||
|
||||
--echo End of 5.1 tests
|
||||
|
|
|
@ -599,7 +599,7 @@ class THD;
|
|||
void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
|
||||
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables);
|
||||
bool check_single_table_access(THD *thd, ulong privilege,
|
||||
TABLE_LIST *tables);
|
||||
TABLE_LIST *tables, bool no_errors);
|
||||
bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
|
||||
bool is_proc, bool no_errors);
|
||||
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
|
||||
|
|
|
@ -849,15 +849,27 @@ void partition_info::print_no_partition_found(TABLE *table)
|
|||
{
|
||||
char buf[100];
|
||||
char *buf_ptr= (char*)&buf;
|
||||
my_bitmap_map *old_map= dbug_tmp_use_all_columns(table, table->read_set);
|
||||
TABLE_LIST table_list;
|
||||
|
||||
if (part_expr->null_value)
|
||||
buf_ptr= (char*)"NULL";
|
||||
bzero(&table_list, sizeof(table_list));
|
||||
table_list.db= table->s->db.str;
|
||||
table_list.table_name= table->s->table_name.str;
|
||||
|
||||
if (check_single_table_access(current_thd,
|
||||
SELECT_ACL, &table_list, TRUE))
|
||||
my_message(ER_NO_PARTITION_FOR_GIVEN_VALUE,
|
||||
ER(ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT), MYF(0));
|
||||
else
|
||||
longlong2str(err_value, buf,
|
||||
part_expr->unsigned_flag ? 10 : -10);
|
||||
my_error(ER_NO_PARTITION_FOR_GIVEN_VALUE, MYF(0), buf_ptr);
|
||||
dbug_tmp_restore_column_map(table->read_set, old_map);
|
||||
{
|
||||
my_bitmap_map *old_map= dbug_tmp_use_all_columns(table, table->read_set);
|
||||
if (part_expr->null_value)
|
||||
buf_ptr= (char*)"NULL";
|
||||
else
|
||||
longlong2str(err_value, buf,
|
||||
part_expr->unsigned_flag ? 10 : -10);
|
||||
my_error(ER_NO_PARTITION_FOR_GIVEN_VALUE, MYF(0), buf_ptr);
|
||||
dbug_tmp_restore_column_map(table->read_set, old_map);
|
||||
}
|
||||
}
|
||||
/*
|
||||
Set up buffers and arrays for fields requiring preparation
|
||||
|
|
|
@ -6057,3 +6057,5 @@ ER_EVENT_CANNOT_ALTER_IN_THE_PAST
|
|||
eng "Event execution time is in the past and ON COMPLETION NOT PRESERVE is set. Event has not been altered"
|
||||
ER_SLAVE_INCIDENT
|
||||
eng "The incident %s occured on the master. Message: %-.64s"
|
||||
ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT
|
||||
eng "Table has no partition for some existing values"
|
||||
|
|
|
@ -5852,7 +5852,7 @@ bool setup_tables_and_check_access(THD *thd,
|
|||
{
|
||||
if (leaves_tmp->belong_to_view &&
|
||||
check_single_table_access(thd, first_table ? want_access_first :
|
||||
want_access, leaves_tmp))
|
||||
want_access, leaves_tmp, FALSE))
|
||||
{
|
||||
tables->hide_view_error(thd);
|
||||
return TRUE;
|
||||
|
|
|
@ -4452,6 +4452,8 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
|
|||
thd Thread handler
|
||||
privilege requested privilege
|
||||
all_tables global table list of query
|
||||
no_errors FALSE/TRUE - report/don't report error to
|
||||
the client (using my_error() call).
|
||||
|
||||
RETURN
|
||||
0 - OK
|
||||
|
@ -4459,7 +4461,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
|
|||
*/
|
||||
|
||||
bool check_single_table_access(THD *thd, ulong privilege,
|
||||
TABLE_LIST *all_tables)
|
||||
TABLE_LIST *all_tables, bool no_errors)
|
||||
{
|
||||
Security_context * backup_ctx= thd->security_ctx;
|
||||
|
||||
|
@ -4475,12 +4477,12 @@ bool check_single_table_access(THD *thd, ulong privilege,
|
|||
db_name= all_tables->db;
|
||||
|
||||
if (check_access(thd, privilege, db_name,
|
||||
&all_tables->grant.privilege, 0, 0,
|
||||
&all_tables->grant.privilege, 0, no_errors,
|
||||
test(all_tables->schema_table)))
|
||||
goto deny;
|
||||
|
||||
/* Show only 1 table for check_grant */
|
||||
if (grant_option && check_grant(thd, privilege, all_tables, 0, 1, 0))
|
||||
if (grant_option && check_grant(thd, privilege, all_tables, 0, 1, no_errors))
|
||||
goto deny;
|
||||
|
||||
thd->security_ctx= backup_ctx;
|
||||
|
@ -4508,7 +4510,7 @@ deny:
|
|||
|
||||
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
|
||||
{
|
||||
if (check_single_table_access (thd,privilege,all_tables))
|
||||
if (check_single_table_access (thd,privilege,all_tables, FALSE))
|
||||
return 1;
|
||||
|
||||
/* Check rights on tables of subselects and implictly opened tables */
|
||||
|
@ -4521,7 +4523,7 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
|
|||
*/
|
||||
if (view && subselects_tables->belong_to_view == view)
|
||||
{
|
||||
if (check_single_table_access (thd, privilege, subselects_tables))
|
||||
if (check_single_table_access (thd, privilege, subselects_tables, FALSE))
|
||||
return 1;
|
||||
subselects_tables= subselects_tables->next_global;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue