mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-19 13:32:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
15395 commits 2784 branches 343 tags 1.6 GiB
Commit graph

7 commits

Author SHA1 Message Date
unknown
b88150c96e Fix for bug #6173 "One can circumvent missing UPDATE privilege if 
he has SELECT and INSERT privileges for table with primary key"

Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has
ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck()
function (this also fixes a bug) and some other code.


mysql-test/r/grant2.result:
  Added test for bug #6173 "One can circumvent missing UPDATE privilege if
  he has SELECT and INSERT privileges for table with primary key"
mysql-test/t/grant2.test:
  Added test for bug #6173 "One can circumvent missing UPDATE privilege if
  he has SELECT and INSERT privileges for table with primary key"
sql/mysql_priv.h:
  insert_precheck() don't need "update" parameter any longer since
  now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
  KEY UPDATE clause.
sql/sql_parse.cc:
  insert_precheck() don't need "update" parameter any longer since
  now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
  KEY UPDATE clause, so it can determine whenever it is needed to
  require UPDATE_ACL by itself. Also calling of mysql_insert() is
  simplified.
sql/sql_prepare.cc:
  insert_precheck() don't need "update" parameter any longer since
  now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE
  KEY UPDATE clause, so it can determine whenever it is needed to
  require UPDATE_ACL by itself. Also calling of mysql_insert() is
  simplified.
sql/sql_yacc.yy:
  It is better to set Lex->duplicates= DUP_UPDATE right in parser if we
  have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later.
 2004-10-20 16:04:43 +04:00
unknown
27dc52fa02 Bug#4338: mysql-test-run fails if compiled with non-latin1 character set 2004-07-08 18:54:07 +05:00
unknown
3165c7deda Language/consistency edits to error messages 
and affected test results.
 2004-06-15 22:18:20 -05:00
unknown
8c06c8c010 WL1368: SHOW GRANTS FOR CURRENT USER 
'SHOW GRANTS' syntax is added 
  'SHOW GRANTS FOR CURRENT_USER' syntax is added
  'SHOW GRANTS FOR CURRENT_USER()' syntax is added
 CURRENT_USER without parens in expressions(SELECT CURRENT_USER;) 


mysql-test/r/grant2.result:
  WL1368: SHOW GRANTS FOR CURRENT USER
mysql-test/r/grant_cache.result:
  WL1368: SHOW GRANTS FOR CURRENT USER
mysql-test/t/grant2.test:
  WL1368: SHOW GRANTS FOR CURRENT USER
mysql-test/t/grant_cache.test:
  WL1368: SHOW GRANTS FOR CURRENT USER
sql/lex.h:
  WL1368: SHOW GRANTS FOR CURRENT USER
sql/sql_yacc.yy:
  WL1368: SHOW GRANTS FOR CURRENT USER
 2004-04-05 17:55:26 +05:00
unknown
683e3ef018 test results fixed 2003-07-28 16:58:51 +02:00
unknown
1cf4eea19d now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00
unknown
b413e5c420 wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00