into a193-229-222-105.elisa-laajakaista.fi:/home/my/bk/mysql-5.1-new
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/mysql-test-run.sh:
Auto merged
mysql-test/r/grant.result:
Auto merged
mysql-test/r/heap_btree.result:
Auto merged
mysql-test/r/information_schema_db.result:
Auto merged
mysql-test/r/lock_multi.result:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/r/subselect.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/lock_multi.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/default.c:
Auto merged
server-tools/instance-manager/guardian.cc:
Auto merged
sql/field.h:
Auto merged
sql/item.h:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/lock.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_show.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/table.cc:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/ndb/src/ndbapi/DictCache.cpp:
Auto merged
storage/ndb/src/ndbapi/DictCache.hpp:
Auto merged
client/mysqlbinlog.cc:
Manual merge from 5.0
client/mysqldump.c:
Manual merge from 5.0
configure.in:
Manual merge from 5.0
mysql-test/r/mysqldump.result:
Manual merge from 5.0
mysql-test/t/mysqldump.test:
Manual merge from 5.0
mysql-test/t/rpl_insert_id.test:
Manual merge from 5.0
server-tools/instance-manager/manager.cc:
Manual merge from 5.0
sql/field.cc:
Manual merge from 5.0
sql/ha_ndbcluster.cc:
Manual merge from 5.0
sql/mysqld.cc:
Manual merge from 5.0
sql/sql_base.cc:
Manual merge from 5.0
sql/sql_lex.cc:
Manual merge from 5.0
sql/sql_select.cc:
Manual merge from 5.0
sql/sql_table.cc:
Manual merge from 5.0
Bug#18282 "INFORMATION_SCHEMA.TABLES provides inconsistent info about invalid views"
This bug caused crashes or resulted in wrong data being returned
when one tried to obtain information from I_S tables about views
using stored functions.
It was caused by the fact that we were using LEX representing
statement which were doing select from I_S tables as active LEX
when contents of I_S table were built. So state of this LEX both
affected and was affected by open_tables() calls which happened
during this process. This resulted in wrong behavior and in
violations of some of invariants which caused crashes.
This fix tries to solve this problem by properly saving/resetting
and restoring part of LEX which affects and is affected by the
process of opening tables and views in get_all_tables() routine.
To simplify things we separated this part of LEX in a new class
and made LEX its descendant.
mysql-test/r/information_schema_db.result:
test case
mysql-test/t/information_schema_db.test:
test case
sql/sql_lex.cc:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_lex.h:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_show.cc:
Now in get_all_tables() routine we properly save/reset and
restore part of LEX (statement table list and information
about routines used) which affects and is affected by the
process of opening tables and views.
sql/sql_table.cc:
Now we clean-up LEX after opening table (view) in two stages.
In the first stage we call LEX::cleanup_after_one_table_open()
to clean-up selects lists and derived tables state. In the
second stage which happens after close_thread_tables() is
invoked we call Query_tables_list::reset_query_tables_list(FALSE)
to rollback changes in Query_tables_list.
mysql-test/lib/init_db.sql:
remove definer from PK
mysql-test/r/events.result:
update results
mysql-test/r/system_mysql_db.result:
update results
mysql-test/t/events.test:
remove I_S.EVENTS test and move it to events_grant.test
scripts/mysql_fix_privilege_tables.sql:
change table definition
sql/event.cc:
make events non-user specific (namespace change)
sql/event.h:
make events non-user specific (namespace change)
sql/event_priv.h:
make events non-user specific (namespace change)
sql/event_scheduler.cc:
make events non-user specific (namespace change)
sql/event_timed.cc:
make events non-user specific (namespace change)
sql/sql_parse.cc:
make events non-user specific (namespace change)
sql/sql_show.cc:
SHOW EVENTS is available to everyone who has EVENT on specific schema.
No additional privileges are needed to see others' events.
- user A has events in db1 and db2
- user B has events in db1 and db3
A will see all his events from db1 and db2 as well as B's events
from db1 but not from db3.
B will see her events from db1 and db3. In addition B will see
only A's events from db1 but not db2.
into mysql.com:/home/kgeorge/mysql/5.0/B18681
sql/sql_acl.cc:
Auto merged
sql/table.cc:
Auto merged
mysql-test/r/view_grant.result:
resolved conflict
mysql-test/t/view_grant.test:
resolved merge conflict
into mysql.com:/home/kgeorge/mysql/5.0/B18681
sql/mysql_priv.h:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_select.cc:
Auto merged
When reading a view definition from a .frm file it was
throwing a SQL error if the DEFINER user is not defined.
Changed it to a warning to match the (documented) case
when a view with undefined DEFINER user is created.
mysql-test/r/view_grant.result:
test case for the bug
mysql-test/t/view_grant.test:
test case for the bug
sql/sql_acl.cc:
Initialized the members to no privileges so even if
the subsequent checks fail it will still initialize
the security context.
sql/table.cc:
Turned the error of undefined DEFINER user in reading
a view definition to a warning.
The check for view security was lacking several points :
1. Check with the right set of permissions : for each table ref that
participates in a view there were the right credentials to use in it's
security_ctx member, but these weren't used for checking the credentials.
This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property
consistently.
2. Because of the above the security checking for views was just ruled out
in explicit ways in several places.
3. The security was checked only for the columns of the tables that are
brought into the query from a view. So if there is no column reference
outside of the view definition it was not detecting the lack of access to
the tables in the view in SQL SECURITY INVOKER mode.
The fix below tries to fix the above 3 points.
mysql-test/r/grant.result:
removed nondeterminism (unspecified order) in some test output
mysql-test/r/view_grant.result:
Somewhat extended test case for the bug and similar queries.
mysql-test/t/grant.test:
removed nondeterminism (unspecified order) in some test output
mysql-test/t/view_grant.test:
Somewhat extended test case for the bug and similar queries.
sql/mysql_priv.h:
A wrapper for setup_tables that also checks access to the tables
sql/sql_acl.cc:
removed artificial security check stop and used the table ref's credentials.
sql/sql_base.cc:
a wrapper for setup_tables to check access to the tables
sql/sql_delete.cc:
wrapper called.
sql/sql_insert.cc:
wrapper called
sql/sql_load.cc:
wrapper called
sql/sql_parse.cc:
wrapper called and artificial check stop removed
sql/sql_select.cc:
wrapper called
sql/sql_update.cc:
wrapper called
sql/table.cc:
Mask table access to the view error as well.
