Corrected test case for the bug#27878.
mysql-test/t/grant.test:
Corrected test case for the bug#27878.
mysql-test/r/grant.result:
Corrected test case for the bug#27878.
into mysql.com:/home/hf/work/27957/my51-27957
mysql-test/t/grant.test:
Auto merged
mysql-test/r/grant.result:
merging
sql/sql_update.cc:
Auto merged
sql/sql_prepare.cc:
Auto merged
database.
If a user has a right to update anything in the current database then the
access was granted and further checks of access rights for underlying tables
wasn't done correctly. The check is done before a view is opened and thus no
check of access rights for underlying tables can be carried out.
This allows a user to update through a view a table from another database for
which he hasn't enough rights.
Now the mysql_update() and the mysql_test_update() functions are forces
re-checking of access rights after a view is opened.
mysql-test/t/grant.test:
Added a test case for the bug#27878: Unchecked privileges on a view referring to a table from another database.
mysql-test/r/grant.result:
Added a test case for the bug#27878: Unchecked privileges on a view referring to a table from another database.
sql/sql_update.cc:
Bug#27878: Unchecked privileges on a view referring to a table from another
database.
Now the mysql_update() function forces re-checking of access rights after
the view is opened.
sql/sql_prepare.cc:
Bug#27878: Unchecked privileges on a view referring to a table from another
database.
Now the mysql_test_update() function forces re-checking of access rights after
the view is opened.
into mysql.com:/home/ram/work/b27515/b27515.5.0
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/sql_parse.cc:
Auto merged
into mysql.com:/home/ram/work/b27515/b27515.5.1
mysql-test/t/grant.test:
Auto merged
sql/sql_parse.cc:
Auto merged
mysql-test/r/grant.result:
will be merged in a post-merge CS
into mysql.com:/home/ram/work/b27515/b27515.5.0
mysql-test/r/grant.result:
will be merged in a post-merge CS
mysql-test/t/grant.test:
manual merge
sql/sql_parse.cc:
manual merge
Added missed DROP privilege check on the original table for RENAME TABLE command.
mysql-test/r/grant.result:
Fix for bug #27515: DROP previlege is not required anymore for RENAME TABLE
- test result.
mysql-test/t/grant.test:
Fix for bug #27515: DROP previlege is not required anymore for RENAME TABLE
- test case.
sql/sql_parse.cc:
Fix for bug #27515: DROP previlege is not required anymore for RENAME TABLE
- added DROP privilege check on the original table for RENAME TABLE command.
into a88-113-38-195.elisa-laajakaista.fi:/home/my/new/mysql-5.1-marvel
client/mysql.cc:
Auto merged
client/mysql_upgrade.c:
Auto merged
client/mysqlbinlog.cc:
Auto merged
client/mysqldump.c:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysys/my_malloc.c:
Auto merged
mysys/my_static.c:
Auto merged
mysys/safemalloc.c:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/log.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/opt_range.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_update.cc:
Auto merged
sql/table.cc:
Auto merged
storage/archive/ha_archive.cc:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/innobase/handler/ha_innodb.cc:
Auto merged
storage/ndb/src/mgmclient/CommandInterpreter.cpp:
Auto merged
mysql-test/r/grant.result:
Merged from 5.0
sql/sql_db.cc:
Merged from 5.0
sql/sql_parse.cc:
Merged from 5.0
into ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-marvel
client/mysqlcheck.c:
Auto merged
client/mysqldump.c:
Auto merged
include/my_time.h:
Auto merged
mysql-test/r/date_formats.result:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/r/type_date.result:
Auto merged
mysql-test/r/type_datetime.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysys/my_malloc.c:
Auto merged
mysys/my_static.c:
Auto merged
mysys/safemalloc.c:
Auto merged
sql/event_queue.cc:
Auto merged
sql/field.cc:
Auto merged
sql/field.h:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.cc:
Auto merged
sql/item.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/log.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/set_var.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_db.cc:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_repl.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/table.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
sql/time.cc:
Auto merged
storage/archive/ha_archive.cc:
Auto merged
storage/innobase/handler/ha_innodb.cc:
Auto merged
storage/ndb/src/mgmclient/CommandInterpreter.cpp:
Auto merged
tests/mysql_client_test.c:
Auto merged
client/client_priv.h:
Manual merge with main 5.1 source.
sql/event_data_objects.cc:
Manual merge with main 5.1 source.
sql/event_db_repository.cc:
Manual merge with main 5.1 source.
sql/mysqld.cc:
Manual merge with main 5.1 source.
sql/sql_load.cc:
Manual merge with main 5.1 source.
sql/sql_parse.cc:
Manual merge with main 5.1 source.
client/mysqldump.c:
fixed typo
include/mysql_com.h:
added new constants SYSTEM_CHARSET_MBMAXLEN, NAME_CHAR_LEN, USERNAME_CHAR_LENGTH
increased NAME_LEN, USERNAME_LENGTH
mysql-test/r/create.result:
result fix
mysql-test/r/grant.result:
result fix
mysql-test/r/mysql.result:
result fix
mysql-test/r/sp.result:
result fix
mysql-test/t/create.test:
test case
mysql-test/t/grant.test:
test case
sql/events.cc:
NAME_LEN is replaced with NAME_CHAR_LEN
sql/item_strfunc.h:
fixed calculation of max_length
sql/mysql_priv.h:
check_string_length function is replaced with check_string_byte_length
added new function check_string_char_length
sql/sp.cc:
NAME_LEN is replaced with NAME_CHAR_LEN
sql/sp_head.cc:
NAME_LEN is replaced with NAME_CHAR_LEN
sql/sp_head.h:
changed parameter of 'check_routine_name' function
sql/sql_class.cc:
NAME_LEN is replaced with NAME_CHAR_LEN
sql/share/errmsg.txt:
increased argument lengths according to new constants
sql/sql_parse.cc:
removed unnecessary checks
added function 'check_string_char_length'
sql/sql_plugin.cc:
check that name is not longer than NAME_CHAR_LEN symbols
sql/sql_show.cc:
NAME_LEN is replaced with NAME_CHAR_LEN
sql/sql_table.cc:
check that key name is not longer than NAME_LEN symbols
sql/sql_udf.cc:
check that udf name is not longer than NAME_CHAR_LEN symbols
sql/sql_yacc.yy:
check that user name is not longer than USERNAME_CHAR_LENGTH symbols
sql/table.cc:
check that db or table or column name is not longer than NAME_LEN symbols
storage/innobase/handler/ha_innodb.cc:
removed unnecessary multiplication
tests/mysql_client_test.c:
NAME_LEN is replaced with NAME_CHAR_LEN
The problem was that THD::db_access variable was not restored after
database switch in stored-routine-execution code.
The fix is to restore THD::db_access in this case.
Unfortunately, this fix requires additional changes,
because in prepare_schema_table(), called on the parsing stage, we checked
privileges. That was wrong according to our design, but this flaw haven't
struck so far, because it was masked. All privilege checkings must be
done on the execution stage in order to be compatible with prepared statements
and stored routines. So, this patch also contains patch for
prepare_schema_table(), which moves the checkings to the execution phase.
mysql-test/r/grant.result:
Updated result file.
mysql-test/t/grant.test:
Added test case for BUG#27337.
sql/mysql_priv.h:
Added function declaration.
sql/sql_db.cc:
Fix for BUG#27337 -- set THD::db_access even if we're called
from stored-routine-execution code.
sql/sql_parse.cc:
Split prepare_schema_table() into two functions:
- prepare_schema_table(), which is called from the parser (parsing stage);
- check_show_access(), which is called on the execution stage.
sql/sql_show.cc:
Ignore schema_select_lex member if its table is NULL.
into ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-marvel
client/mysql.cc:
Auto merged
client/mysqlbinlog.cc:
Auto merged
BitKeeper/deleted/.del-my_lread.c:
Auto merged
BitKeeper/deleted/.del-my_lwrite.c:
Auto merged
BitKeeper/deleted/.del-raid.cc~488f5fa6538394e1:
Auto merged
BitKeeper/deleted/.del-raid.h~2d2503a66b128ac6:
Auto merged
client/mysqldump.c:
Auto merged
extra/perror.c:
Auto merged
include/my_sys.h:
Auto merged
libmysql/libmysql.c:
Auto merged
libmysqld/libmysqld.c:
Auto merged
mysql-test/r/mysqlbinlog2.result:
Auto merged
mysql-test/r/sp-security.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/sp-security.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/sp_trans.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/default.c:
Auto merged
mysys/hash.c:
Auto merged
mysys/mf_iocache.c:
Auto merged
mysys/mf_keycache.c:
Auto merged
mysys/my_alloc.c:
Auto merged
mysys/my_dup.c:
Auto merged
mysys/my_getwd.c:
Auto merged
mysys/my_handler.c:
Auto merged
mysys/my_lib.c:
Auto merged
mysys/my_malloc.c:
Auto merged
mysys/my_pread.c:
Auto merged
mysys/my_read.c:
Auto merged
mysys/my_seek.c:
Auto merged
mysys/my_static.c:
Auto merged
mysys/safemalloc.c:
Auto merged
mysys/thr_alarm.c:
Auto merged
mysys/typelib.c:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/net_serv.cc:
Auto merged
sql/opt_range.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_cache.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_prepare.cc:
Auto merged
sql/sql_repl.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/strfunc.cc:
Auto merged
sql/table.cc:
Auto merged
sql/tztime.cc:
Auto merged
sql/unireg.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
storage/archive/ha_archive.cc:
Auto merged
storage/heap/_check.c:
Auto merged
storage/heap/hp_delete.c:
Auto merged
storage/heap/hp_hash.c:
Auto merged
storage/heap/hp_open.c:
Auto merged
storage/heap/hp_rkey.c:
Auto merged
storage/heap/hp_rrnd.c:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/innobase/handler/ha_innodb.cc:
Auto merged
storage/myisam/mi_close.c:
Auto merged
storage/myisam/mi_delete.c:
Auto merged
storage/myisam/mi_dynrec.c:
Auto merged
storage/myisam/mi_keycache.c:
Auto merged
storage/myisam/mi_page.c:
Auto merged
storage/myisam/mi_statrec.c:
Auto merged
storage/myisam/myisamchk.c:
Auto merged
storage/myisammrg/myrg_extra.c:
Auto merged
storage/ndb/src/mgmclient/CommandInterpreter.cpp:
Auto merged
tests/mysql_client_test.c:
Auto merged
mysql-test/r/grant.result:
Merged from 5.0
mysql-test/r/sp.result:
Merged from 5.0
mysql-test/r/sp_trans.result:
Merged from 5.0
mysql-test/t/mysqlbinlog2.test:
Merged from 5.0
mysys/thr_lock.c:
Merged from 5.0
sql/ha_ndbcluster.cc:
Merged from 5.0
sql/log.cc:
Merged from 5.0
sql/mysql_priv.h:
Merged from 5.0
sql/mysqld.cc:
Merged from 5.0
sql/set_var.cc:
Merged from 5.0
sql/sql_db.cc:
Merged from 5.0
sql/sql_insert.cc:
Merged from 5.0
sql/sql_parse.cc:
Merged from 5.0
sql/sql_show.cc:
Merged from 5.0
sql/sql_update.cc:
Merged from 5.0
make 'use database' okay.
The problem was that we didn't check stored-routine privileges
in check_grant_db().
The patch adds this check.
mysql-test/r/grant.result:
Update result file.
mysql-test/r/sp-security.result:
Update result fil.
mysql-test/t/grant.test:
Added test case for BUG#9504.
mysql-test/t/sp-security.test:
Update test.
sql/sql_acl.cc:
Check stored routines privileges.
into neptunus.(none):/home/msvensson/mysql/mysql-5.1-maint
BitKeeper/etc/ignore:
auto-union
Makefile.am:
Auto merged
cmd-line-utils/readline/display.c:
Auto merged
configure.in:
Auto merged
extra/yassl/include/buffer.hpp:
Auto merged
extra/yassl/include/crypto_wrapper.hpp:
Auto merged
extra/yassl/include/yassl_imp.hpp:
Auto merged
extra/yassl/include/yassl_int.hpp:
Auto merged
extra/yassl/src/crypto_wrapper.cpp:
Auto merged
extra/yassl/taocrypt/include/algebra.hpp:
Auto merged
extra/yassl/taocrypt/include/des.hpp:
Auto merged
extra/yassl/taocrypt/include/hash.hpp:
Auto merged
extra/yassl/taocrypt/include/hmac.hpp:
Auto merged
extra/yassl/taocrypt/include/modarith.hpp:
Auto merged
extra/yassl/taocrypt/include/modes.hpp:
Auto merged
extra/yassl/taocrypt/include/rsa.hpp:
Auto merged
extra/yassl/taocrypt/include/type_traits.hpp:
Auto merged
extra/yassl/taocrypt/mySTL/list.hpp:
Auto merged
extra/yassl/taocrypt/src/aes.cpp:
Auto merged
extra/yassl/taocrypt/src/algebra.cpp:
Auto merged
extra/yassl/taocrypt/src/asn.cpp:
Auto merged
extra/yassl/testsuite/testsuite.cpp:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/mysqltest.result:
Auto merged
mysql-test/t/mysqltest.test:
Auto merged
mysys/default.c:
Auto merged
sql/field.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_cmpfunc.h:
Auto merged
sql/item_sum.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/net_serv.cc:
Auto merged
sql/repl_failsafe.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/set_var.h:
Auto merged
sql/slave.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql-common/client.c:
Auto merged
sql/sql_select.cc:
Auto merged
extra/yassl/taocrypt/test/test.cpp:
Manual merge
mysql-test/r/grant.result:
Manual merge
mysql-test/r/select.result:
Manual merge
mysql-test/t/grant.test:
Manual merge
mysql-test/t/select.test:
Manual merge
sql/field.h:
Manual merge
sql/mysqld.cc:
Manual merge
into rakia.gmz:/home/kgeorge/mysql/autopush/B23556-5.1-opt
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/sql_parse.cc:
Auto merged
into example.com:/work/bug22369-v2/my51
mysql-test/r/alter_table.result:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_table.cc:
Auto merged
mysql-test/t/alter_table.test:
manual merge
with other alterations causes lost tables
Using RENAME clause combined with other clauses of ALTER TABLE led to
data loss (the data was there but not accessible). This could happen if the
changes do not change the table much. Adding and droppping of fields and
indices was safe. Renaming a column with MODIFY or CHANGE was unsafe operation,
if the actual column didn't change (changing from int to int, which is a noop)
Depending on the storage engine (SE) the behavior is different:
1)MyISAM/MEMORY - the ALTER TABLE statement completes
without any error but next SELECT against the new table fails.
2)InnoDB (and every other transactional table) - The ALTER TABLE statement
fails. There are the the following files in the db dir -
`new_table_name.frm` and a temporary table's frm. If the SE is file
based, then the data and index files will be present but with the old
names. What happens is that for InnoDB the table is not renamed in the
internal DDIC.
Fixed by adding additional call to mysql_rename_table() method, which should
not include FRM file rename, because it has been already done during file
names juggling.
mysql-test/r/alter_table.result:
update result
mysql-test/r/grant.result:
update result
mysql-test/t/alter_table.test:
2006/11/29 11:46:23+01:00 andrey@example.com +44 -9
Error to bug number
Added test case for #22369: Alter table rename combined
with other alterations causes lost tables
mysql-test/t/grant.test:
add test for bug#22369 - alter table was missing check
for DROP_ACL when ALTER_RENAME clause is specified. Synchronise
with RENAME TABLE DDL.
sql/mysql_priv.h:
Add a new flag for mysql_rename_table()
sql/sql_parse.cc:
To be consistent with SQLCOM_RENAME_TABLE, SQLCOM_ALTER_TABLE has
to check for DROP_ACL if there is ALTER_RENAME flag set.
sql/sql_table.cc:
ALTER_RENAME, the data and index files weren't renamed in the engine
but only the FRM was new, when the tables old and new tables are compatible.
In the chain of FRM renames we add a call to mysql_rename_table() which should
instruct the engine to rename the table but not rename the FRM.
This bug was there only in 5.1 branch. 4.1 and 5.0 always do copy data on RENAME
if there are more clauses than just rename.
- TRUNCATE requires DROP privilege, not DELETE
mysql-test/r/grant.result:
Bug #23556: TRUNCATE TABLE still maps to DELETE
- test case
mysql-test/r/trigger-grant.result:
Bug #23556: TRUNCATE TABLE still maps to DELETE
- updated test case
mysql-test/t/grant.test:
Bug #23556: TRUNCATE TABLE still maps to DELETE
- test case
mysql-test/t/trigger-grant.test:
Bug #23556: TRUNCATE TABLE still maps to DELETE
- updated test case
into zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-maint
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/im_life_cycle.result:
Auto merged
mysql-test/r/view.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/im_life_cycle.imtest:
Auto merged
mysql-test/t/view.test:
Auto merged
sql/field.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/share/errmsg.txt:
Auto merged
sql/sql_yacc.yy:
Auto merged
configure.in:
Manual merge.
mysql-test/r/grant.result:
manual merge.
mysql-test/lib/mtr_process.pl:
Apply manually the merge from 5.0
mysql-test/mysql-test-run.pl:
Apply manually the merge from 5.0
mysql-test/r/grant.result:
A post-merge fix.
mysql-test/r/im_cmd_line.result:
A post-merge fix.
mysql-test/r/im_instance_conf.result:
A post-merge fix.
mysql-test/r/sp.result:
A post-merge fix.
mysql-test/t/grant.test:
A post-merge fix.
mysql-test/t/im_cmd_line.imtest:
A post-merge fix.
mysql-test/t/im_instance_conf.imtest:
A post-merge fix.
sql/field.cc:
A post-merge fix.
sql/item_cmpfunc.cc:
A post-merge fix.
sql/sp_head.cc:
A post-merge fix.
sql/sp_head.h:
A post-merge fix.
into bodhi.local:/opt/local/work/mysql-5.1-runtime-merge
BitKeeper/deleted/.del-im_check_os.inc:
Auto merged
BitKeeper/deleted/.del-im_options_set.imtest~b53d9d60e5684833:
Auto merged
BitKeeper/deleted/.del-im_options_set.result~59278f56be61d921:
Auto merged
BitKeeper/deleted/.del-im_options_unset.imtest~768eb186b51d0048:
Auto merged
configure.in:
Auto merged
BitKeeper/deleted/.del-im_options_unset.result~20a4790cd3c70a4f:
Auto merged
include/mysql_com.h:
Auto merged
mysql-test/lib/mtr_io.pl:
Auto merged
mysql-test/r/im_daemon_life_cycle.result:
Auto merged
mysql-test/r/im_life_cycle.result:
Auto merged
mysql-test/r/im_utils.result:
Auto merged
mysql-test/r/sp-error.result:
Auto merged
mysql-test/r/trigger.result:
Auto merged
mysql-test/r/type_varchar.result:
Auto merged
mysql-test/r/view.result:
Auto merged
mysql-test/t/im_daemon_life_cycle.imtest:
Auto merged
mysql-test/t/im_life_cycle.imtest:
Auto merged
mysql-test/t/im_utils.imtest:
Auto merged
mysql-test/t/sp-error.test:
Auto merged
mysql-test/t/trigger.test:
Auto merged
mysql-test/t/type_varchar.test:
Auto merged
mysql-test/t/view.test:
Auto merged
sql/item.cc:
Auto merged
sql/item.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_row.cc:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/net_serv.cc:
Auto merged
sql/protocol.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_cache.cc:
Auto merged
sql/sql_cache.h:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_error.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_trigger.h:
Auto merged
sql/sql_yacc.yy:
Auto merged
mysql-test/mysql-test-run.pl:
Use local. Alik will merge his changes manually.
mysql-test/lib/mtr_process.pl:
Use local.
mysql-test/r/grant.result:
Use local.
mysql-test/r/sp.result:
Use local.
mysql-test/r/ps.result:
Manual merge.
mysql-test/t/grant.test:
Manual merge.
mysql-test/t/ps.test:
Manual merge.
mysql-test/t/sp.test:
Manual merge.
sql/Makefile.am:
Manual merge.
sql/field.cc:
Manual merge.
sql/mysqld.cc:
Manual merge.
sql/share/errmsg.txt:
Manual merge.
sql/sp.cc:
Manual merge.
sql/sp_head.h:
Manual merge.
sql/sql_trigger.cc:
Manual merge.
sql/sql_view.cc:
Manual merge.
length limit", it's superseded by the fix for Bug#16899 "Possible buffer
overflow in handling of DEFINER-clause". Update test results.
mysql-test/r/grant.result:
A post-merge fix.
mysql-test/t/grant.test:
A new error is returned, use the default database after drop database.
sql/sql_acl.cc:
Remove an unneeded check.
into bodhi.local:/opt/local/work/mysql-5.0-14897
configure.in:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/im_life_cycle.result:
Auto merged
mysql-test/t/im_life_cycle.imtest:
Auto merged
sql/field.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item.h:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
sql/share/errmsg.txt:
Auto merged
mysql-test/r/grant.result:
Manual merge.
mysql-test/r/view.result:
Manual merge.
mysql-test/t/grant.test:
Manual merge.
mysql-test/t/view.test:
Manual merge.
User name (host name) has limit on length. The server code relies on these
limits when storing the names. The problem was that sometimes these limits
were not checked properly, so that could lead to buffer overflow.
The fix is to check length of user/host name in parser and if string is too
long, throw an error.
mysql-test/r/grant.result:
Updated result file.
mysql-test/r/sp.result:
Updated result file.
mysql-test/r/trigger.result:
Updated result file.
mysql-test/r/view.result:
Updated result file.
mysql-test/t/grant.test:
Added test for BUG#16899.
mysql-test/t/sp.test:
Added test for BUG#16899.
mysql-test/t/trigger.test:
Added test for BUG#16899.
mysql-test/t/view.test:
Added test for BUG#16899.
sql/mysql_priv.h:
Added prototype for new function.
sql/sql_acl.cc:
Remove outdated checks.
sql/sql_parse.cc:
Add a new function for checking string length.
sql/share/errmsg.txt:
Added new resources.
sql/sql_yacc.yy:
Check length of user/host name.
User name (host name) has limit on length. The server code relies on these
limits when storing the names. The problem was that sometimes these limits
were not checked properly, so that could lead to buffer overflow.
The fix is to check length of user/host name in parser and if string is too
long, throw an error.
mysql-test/r/grant.result:
Updated result file.
mysql-test/r/sp.result:
Updated result file.
mysql-test/r/trigger.result:
Updated result file.
mysql-test/r/view.result:
Updated result file.
mysql-test/t/grant.test:
Added test for BUG#16899.
mysql-test/t/sp.test:
Added test for BUG#16899.
mysql-test/t/trigger.test:
Added test for BUG#16899.
mysql-test/t/view.test:
Added test for BUG#16899.
sql/mysql_priv.h:
Added prototype for new function.
sql/share/errmsg.txt:
Added new resources.
sql/sql_acl.cc:
Remove outdated checks.
sql/sql_parse.cc:
Add a new function for checking string length.
sql/sql_yacc.yy:
Check length of user/host name.
into zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
tests/mysql_client_test.c:
Auto merged
into zippy.cornsilk.net:/home/cmiller/work/mysql/merge/mysql-5.0
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
"A SELECT privilege on a view is required for SHOW CREATE VIEW and it will stay
that way because of compatibility reasons." (see #20136)
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
mysql-test/r/grant.result:
Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non privileged view
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
mysql-test/t/grant.test:
Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non privileged view
a test case to illustrate how the ACLs work in this case (and ensure they will continue
to do so in the future)
privileges
This problem is 4.1 specific. It doesn't affect 4.0 and was fixed
in 5.x before.
Having any mysql user who is allowed to issue multi table update
statement and any column/table grants, allows this user to update
any table on a server (mysql grant tables are not exception).
check_grant() accepts number of tables (in table list) to be checked
in 5-th param. While checking grants for multi table update, number
of tables must be 1. It must never be 0 (actually we have
DBUG_ASSERT(number > 0) in 5.x in grant_check() function).
mysql-test/r/grant.result:
Addition to test case for bug#7391:
- Added grant statement to trigger this problem in 4.1.
- Fixed error messages.
mysql-test/t/grant.test:
Addition to test case for bug#7391:
- Added grant statement to trigger this problem in 4.1.
- Fixed error messages.
sql/sql_update.cc:
check_grant() accepts number of tables (in table list) to be checked
in 5-th param. For this particular check number of tables must be 1.
It must never be 0 (actually we have DBUG_ASSERT(number > 0) in 5.x
in grant_check() function).
This appears to have just been an oversight -- CREATE USER was not enforcing
the existing username limitations.
mysql-test/r/grant.result:
Add new results
mysql-test/t/grant.test:
Add new regression test
sql/sql_acl.cc:
Enforce the user and host name limits in mysql_create_user().
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/r/grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
Reorder test result
mysql-test/t/grant.test:
Add "use test"
sql/sql_acl.cc:
Add check if host is NULL
Add check if grant_name->host.hostname is null
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
mysql-test/t/grant.test:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
SCCS merged
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.
The fix below tries to fix the above 3 points.
mysql-test/r/grant.result:
removed nondeterminism (unspecified order) in some test output
mysql-test/r/view_grant.result:
Somewhat extended test case for the bug and similar queries.
mysql-test/t/grant.test:
removed nondeterminism (unspecified order) in some test output
mysql-test/t/view_grant.test:
Somewhat extended test case for the bug and similar queries.
sql/mysql_priv.h:
A wrapper for setup_tables that also checks access to the tables
sql/sql_acl.cc:
removed artificial security check stop and used the table ref's credentials.
sql/sql_base.cc:
a wrapper for setup_tables to check access to the tables
sql/sql_delete.cc:
wrapper called.
sql/sql_insert.cc:
wrapper called
sql/sql_load.cc:
wrapper called
sql/sql_parse.cc:
wrapper called and artificial check stop removed
sql/sql_select.cc:
wrapper called
sql/sql_update.cc:
wrapper called
sql/table.cc:
Mask table access to the view error as well.
- In function 'handle_grant_struct' when searching the memory structures for an
entry to modify, convert all entries here host.hostname is NULL to "" and compare that
with the host passed in argument "user_from".
- A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into
memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means
that "any host" can connect. Thus is's correct to turn on allow_all_hosts
when such a user is found.
- Review and fix other places where host.hostname may be NULL.
mysql-test/init_db.sql:
Rename: BitKeeper/deleted/.del-init_db.sql~af2dfeabaa348dd7 -> mysql-test/init_db.sql
mysql-test/r/grant.result:
Add test cases for users with hostname ""
mysql-test/t/grant.test:
Add test cases for users with hostname ""
- Test create, grant and drop as well as connecting as the user with hostname "".
sql/sql_acl.cc:
Convert places where host.hostname is NULL to "" before using it.
Check if the host of table hash record exactly matches host from GRANT command
mysql-test/r/grant.result:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
mysql-test/t/grant.test:
Fix for bug#14385 GRANT and mapping to correct user account problems
test case
- Comparing host string against NULL caused crash.
- If host.hostname is NULL treat it as ""
mysql-test/r/grant.result:
Update test results
mysql-test/t/grant.test:
Add test for user with host ""
into neptunus.(none):/home/msvensson/mysql/bug15598/my50-bug15598
mysql-test/t/grant.test:
Auto merged
sql/sql_acl.cc:
Auto merged
mysql-test/r/grant.result:
SCCS merged
- When acl_user->host.hostname is NULL compare it as ""
mysql-test/r/grant.result:
Test user with host ''
mysql-test/t/grant.test:
Test user with host ''
sql/sql_acl.cc:
If acl_user->host.hostname is NULL compare it as ""