Bug #26817: mysqldump fails to backup database containing view with invalid definer

give some leeway on required permissions for SHOW FIELDS on views so an unknonwn DEFINER will no longer break mysqldump client/client_priv.h: Bug #26817: mysqldump fails to backup database containing view with invalid definer New option for mysqldump: redirect stderr to file ("2> for Windows") client/mysqldump.c: Bug #26817: mysqldump fails to backup database containing view with invalid definer New option for mysqldump: redirect stderr to file ("2> for Windows") mysql-test/r/information_schema_db.result: Bug #26817: mysqldump fails to backup database containing view with invalid definer New option for mysqldump: redirect stderr to file ("2> for Windows") mysql-test/t/information_schema_db.test: Bug #26817: mysqldump fails to backup database containing view with invalid definer New option for mysqldump: redirect stderr to file ("2> for Windows") sql/sql_base.cc: Bug #26817: mysqldump fails to backup database containing view with invalid definer be a little more lenient for SHOW FIELDS FROM sql/sql_parse.cc: Bug #26817: mysqldump fails to backup database containing view with invalid definer be a little more lenient for SHOW FIELDS FROM on views on views sql/sql_view.cc: Bug #26817: mysqldump fails to backup database containing view with invalid definer give SHOW FIELDS the same perks as SHOW CREATE sql/table.cc: Bug #26817: mysqldump fails to backup database containing view with invalid definer give SHOW FIELDS the same perks as SHOW CREATE
2025-01-16 12:02:42 +01:00 · 2007-03-23 19:24:03 +01:00 · 2007-03-23 19:24:03 +01:00 · b765a8af9b
commit b765a8af9b
parent 6d93f15039
8 changed files with 182 additions and 14 deletions
--- a/client/client_priv.h
+++ b/client/client_priv.h
@ -51,5 +51,5 @@ enum options_client
  OPT_TRIGGERS,
  OPT_IGNORE_TABLE,OPT_INSERT_IGNORE,OPT_SHOW_WARNINGS,OPT_DROP_DATABASE,
  OPT_TZ_UTC, OPT_AUTO_CLOSE, OPT_SSL_VERIFY_SERVER_CERT,
-  OPT_DEBUG_INFO
+  OPT_DEBUG_INFO, OPT_ERROR_LOG_FILE
 };
--- a/client/mysqldump.c
+++ b/client/mysqldump.c
@ -105,7 +105,8 @@ static char  *opt_password=0,*current_user=0,
             *lines_terminated=0, *enclosed=0, *opt_enclosed=0, *escaped=0,
             *where=0, *order_by=0,
             *opt_compatible_mode_str= 0,
-             *err_ptr= 0;
+             *err_ptr= 0,
+             *log_error_file= NULL;
 static char **defaults_argv= 0;
 static char compatible_mode_normal_str[255];
 static ulong opt_compatible_mode= 0;
@ -117,6 +118,8 @@ static int   first_error=0;
 static DYNAMIC_STRING extended_row;
 #include <sslopt-vars.h>
 FILE *md_result_file= 0;
+FILE *stderror_file=0;
+
 #ifdef HAVE_SMEM
 static char *shared_memory_base_name=0;
 #endif
@ -293,6 +296,9 @@ static struct my_option my_long_options[] =
   0, 0, 0, 0, 0, 0},
  {"lock-tables", 'l', "Lock all tables for read.", (gptr*) &lock_tables,
   (gptr*) &lock_tables, 0, GET_BOOL, NO_ARG, 1, 0, 0, 0, 0, 0},
+  {"log-error", OPT_ERROR_LOG_FILE, "Append warnings and errors to given file.",
+   (gptr*) &log_error_file, (gptr*) &log_error_file, 0, GET_STR,
+   REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
  {"master-data", OPT_MASTER_DATA,
   "This causes the binary log position and filename to be appended to the "
   "output. If equal to 1, will print it as a CHANGE MASTER command; if equal"
@ -3694,6 +3700,16 @@ int main(int argc, char **argv)
    free_resources(0);
    exit(exit_code);
  }
+
+  if (log_error_file)
+  {
+    if(!(stderror_file= freopen(log_error_file, "a+", stderr)))
+    {
+      free_resources(0);
+      exit(EX_MYSQLERR);
+    }
+  }
+
  if (connect_to_db(current_host, current_user, opt_password))
  {
    free_resources(0);
@ -3746,5 +3762,9 @@ err:
  if (!path)
    write_footer(md_result_file);
  free_resources();
+
+  if (stderror_file)
+    fclose(stderror_file);
+
  return(first_error);
 } /* main */
--- a/mysql-test/r/information_schema_db.result
+++ b/mysql-test/r/information_schema_db.result
@ -106,16 +106,82 @@ use testdb_1;
 create table t1 (f1 char(4));
 create view v1 as select f1 from t1;
 grant insert on v1 to testdb_2@localhost;
+create view v5 as select f1 from t1;
+grant show view on v5 to testdb_2@localhost;
+create definer=`no_such_user`@`no_such_host` view v6 as select f1 from t1;
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
+use testdb_1;
+create view v6 as select f1 from t1;
+grant show view on v6 to testdb_2@localhost;
+create table t2 (f1 char(4));
+create definer=`no_such_user`@`no_such_host` view v7 as select * from t2;
+Warnings:
+Note	1449	There is no 'no_such_user'@'no_such_host' registered
+show fields from testdb_1.v6;
+Field	Type	Null	Key	Default	Extra
+f1	char(4)	YES		NULL	
+show create view testdb_1.v6;
+View	Create View
+v6	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v6` AS select `t1`.`f1` AS `f1` from `t1`
+show create view testdb_1.v7;
+View	Create View
+v7	CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2`
+Warnings:
+Warning	1356	View 'testdb_1.v7' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
+show fields from testdb_1.v7;
+Field	Type	Null	Key	Default	Extra
+f1	null	YES		NULL	
+Warnings:
+Note	1449	There is no 'no_such_user'@'no_such_host' registered
 create table t3 (f1 char(4), f2 char(4));
 create view v3 as select f1,f2 from t3;
 grant insert(f1), insert(f2) on v3 to testdb_2@localhost;
 create view v2 as select f1 from testdb_1.v1;
 create view v4 as select f1,f2 from testdb_1.v3;
+show fields from testdb_1.v5;
+Field	Type	Null	Key	Default	Extra
+f1	char(4)	YES		NULL	
+show create view testdb_1.v5;
+View	Create View
+v5	CREATE ALGORITHM=UNDEFINED DEFINER=`testdb_1`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v5` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1`
+show fields from testdb_1.v6;
+Field	Type	Null	Key	Default	Extra
+f1	char(4)	YES		NULL	
+show create view testdb_1.v6;
+View	Create View
+v6	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v6` AS select `testdb_1`.`t1`.`f1` AS `f1` from `testdb_1`.`t1`
+show fields from testdb_1.v7;
+Field	Type	Null	Key	Default	Extra
+f1	null	YES		NULL	
+Warnings:
+Note	1449	There is no 'no_such_user'@'no_such_host' registered
+show create view testdb_1.v7;
+View	Create View
+v7	CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v7` AS select `testdb_1`.`t2`.`f1` AS `f1` from `t2`
+Warnings:
+Warning	1356	View 'testdb_1.v7' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 revoke insert(f1) on v3 from testdb_2@localhost;
+revoke show view on v5 from testdb_2@localhost;
+use testdb_1;
+revoke show view on v6 from testdb_2@localhost;
+show fields from testdb_1.v5;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v5'
+show create view testdb_1.v5;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v5'
+show fields from testdb_1.v6;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v6'
+show create view testdb_1.v6;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v6'
+show fields from testdb_1.v7;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v7'
+show create view testdb_1.v7;
+ERROR 42000: SELECT command denied to user 'testdb_2'@'localhost' for table 'v7'
 show create view v4;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show fields from v4;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+Field	Type	Null	Key	Default	Extra
+f1	null	YES		NULL	
+f2	char(4)	YES		NULL	
 show fields from v2;
 Field	Type	Null	Key	Default	Extra
 f1	char(4)	YES		NULL	
@ -140,6 +206,7 @@ where a.table_name = 'testdb_1.v1';
 view_definition
 select * from v2;
 ERROR HY000: View 'test.v2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
+use test;
 drop view testdb_1.v1, v2, testdb_1.v3, v4;
 drop database testdb_1;
 drop user testdb_1@localhost;
--- a/mysql-test/t/information_schema_db.test
+++ b/mysql-test/t/information_schema_db.test
@ -121,6 +121,28 @@ create table t1 (f1 char(4));
 create view v1 as select f1 from t1;
 grant insert on v1 to testdb_2@localhost;

+create view v5 as select f1 from t1;
+grant show view on v5 to testdb_2@localhost;
+
+--error 1227
+create definer=`no_such_user`@`no_such_host` view v6 as select f1 from t1;
+
+connection default;
+use testdb_1;
+create view v6 as select f1 from t1;
+grant show view on v6 to testdb_2@localhost;
+
+create table t2 (f1 char(4));
+create definer=`no_such_user`@`no_such_host` view v7 as select * from t2;
+
+show fields from testdb_1.v6;
+show create view testdb_1.v6;
+
+show create view testdb_1.v7;
+show fields from testdb_1.v7;
+
+connection testdb_1;
+
 create table t3 (f1 char(4), f2 char(4));
 create view v3 as select f1,f2 from t3;
 grant insert(f1), insert(f2) on v3 to testdb_2@localhost;
@ -129,13 +151,41 @@ connect (testdb_2,localhost,testdb_2,,test);
 create view v2 as select f1 from testdb_1.v1;
 create view v4 as select f1,f2 from testdb_1.v3;

+show fields from testdb_1.v5;
+show create view testdb_1.v5;
+
+show fields from testdb_1.v6;
+show create view testdb_1.v6;
+
 connection testdb_1;
+show fields from testdb_1.v7;
+show create view testdb_1.v7;
+
 revoke insert(f1) on v3 from testdb_2@localhost;
+revoke show view on v5 from testdb_2@localhost;
+connection default;
+use testdb_1;
+revoke show view on v6 from testdb_2@localhost;
 connection testdb_2;

+--error 1142
+show fields from testdb_1.v5;
+--error 1142
+show create view testdb_1.v5;
+
+--error 1142
+show fields from testdb_1.v6;
+--error 1142
+show create view testdb_1.v6;
+
+--error 1142
+show fields from testdb_1.v7;
+--error 1142
+show create view testdb_1.v7;
+
 --error 1345
 show create view v4;
--error 1345
+#--error 1345
 show fields from v4;

 show fields from v2;
@ -155,6 +205,7 @@ where a.table_name = 'testdb_1.v1';
 select * from v2;

 connection default;
+use test;
 drop view testdb_1.v1, v2, testdb_1.v3, v4;
 drop database testdb_1;
 drop user testdb_1@localhost;
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@ -3573,15 +3573,36 @@ find_field_in_tables(THD *thd, Item_ident *item,
  {
    Field *cur_field= find_field_in_table_ref(thd, cur_table, name, length,
                                              item->name, db, table_name, ref,
-                                              check_privileges, allow_rowid,
+                                              check_privileges,
+                                              allow_rowid,
                                              &(item->cached_field_index),
                                              register_tree_change,
                                              &actual_table);
    if (cur_field)
    {
      if (cur_field == WRONG_GRANT)
+      {
+        if (thd->lex->sql_command != SQLCOM_SHOW_FIELDS)
          return (Field*) 0;

+        thd->clear_error();
+        cur_field= find_field_in_table_ref(thd, cur_table, name, length,
+                                           item->name, db, table_name, ref,
+                                           false,
+                                           allow_rowid,
+                                           &(item->cached_field_index),
+                                           register_tree_change,
+                                           &actual_table);
+        if (cur_field)
+        {
+          Field *nf=new Field_null(NULL,0,Field::NONE,
+                                   cur_field->field_name,
+                                   cur_field->table,
+                                   &my_charset_bin);
+          cur_field= nf;
+        }
+      }
+
      /*
        Store the original table of the field, which may be different from
        cur_table in the case of NATURAL/USING join.
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@ -5159,7 +5159,10 @@ bool check_single_table_access(THD *thd, ulong privilege,
    goto deny;

  /* Show only 1 table for check_grant */
-  if (grant_option && check_grant(thd, privilege, all_tables, 0, 1, 0))
+  if (grant_option &&
+      !(all_tables->belong_to_view &&
+        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
+      check_grant(thd, privilege, all_tables, 0, 1, 0))
    goto deny;

  thd->security_ctx= backup_ctx;
--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@ -1003,6 +1003,11 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table,
    CHARSET_INFO *save_cs= thd->variables.character_set_client;
    thd->variables.character_set_client= system_charset_info;
    res= MYSQLparse((void *)thd);
+
+    if ((old_lex->sql_command == SQLCOM_SHOW_FIELDS) ||
+        (old_lex->sql_command == SQLCOM_SHOW_CREATE))
+        lex->sql_command= old_lex->sql_command;
+
    thd->variables.character_set_client= save_cs;
    thd->variables.sql_mode= save_mode;
  }
@ -1028,7 +1033,7 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table,
      }
    }
    else if (!table->prelocking_placeholder &&
-             old_lex->sql_command == SQLCOM_SHOW_CREATE &&
+             (old_lex->sql_command == SQLCOM_SHOW_CREATE) &&
             !table->belong_to_view)
    {
      if (check_table_access(thd, SHOW_VIEW_ACL, table, 0))
--- a/sql/table.cc
+++ b/sql/table.cc
@ -2441,7 +2441,8 @@ bool st_table_list::prepare_view_securety_context(THD *thd)
                                definer.host.str,
                                thd->db))
    {
-      if (thd->lex->sql_command == SQLCOM_SHOW_CREATE)
+      if ((thd->lex->sql_command == SQLCOM_SHOW_CREATE) ||
+          (thd->lex->sql_command == SQLCOM_SHOW_FIELDS))
      {
        push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_NOTE, 
                            ER_NO_SUCH_USER,