1 - If a user had SHOW VIEW and SELECT privileges on a view and
this view was referencing another view, EXPLAIN SELECT on the outer
view (that the user had privileges on) could reveal the structure
of the underlying "inner" view as well as the number of rows in
the underlying tables, even if the user had privileges on none of
these referenced objects.
This happened because we used DEFINER's UID ("SUID") not just for
the view given in EXPLAIN, but also when checking privileges on
the underlying views (where we should use the UID of the EXPLAIN's
INVOKER instead).
We no longer run the EXPLAIN SUID (with DEFINER's privileges).
This prevents a possible exploit and makes permissions more
orthogonal.
2 - EXPLAIN SELECT would reveal a view's structure even if the user
did not have SHOW VIEW privileges for that view, as long as they
had SELECT privilege on the underlying tables.
Instead of requiring both SHOW VIEW privilege on a view and SELECT
privilege on all underlying tables, we were checking for presence
of either of them.
We now explicitly require SHOW VIEW and SELECT privileges on
the view we run EXPLAIN SELECT on, as well as all its
underlying views. We also require SELECT on all relevant
tables.
mysql-test/r/view_grant.result:
add extensive tests to illustrate desired behavior and
prevent regressions (as always).
mysql-test/t/view_grant.test:
add extensive tests to illustrate desired behavior and
prevent regressions (as always).
sql/sql_view.cc:
We no longer run the EXPLAIN SUID (with DEFINER's privileges).
To achieve this, we use a temporary, SUID-less TABLE_LIST for
the views while checking privileges.
INVOKER-security view access check wrong".
When privilege checks were done for tables used from an
INVOKER-security view which in its turn was used from
a DEFINER-security view connection's active security
context was incorrectly used instead of security context
with privileges of the second view's creator.
This meant that users which had enough rights to access
the DEFINER-security view and as result were supposed to
be able successfully access it were unable to do so in
cases when they didn't have privileges on underlying tables
of the INVOKER-security view.
This problem was caused by the fact that for INVOKER-security
views TABLE_LIST::security_ctx member for underlying tables
were set to 0 even in cases when particular view was used from
another DEFINER-security view. This meant that when checks of
privileges on these underlying tables was done in
setup_tables_and_check_access() active connection security
context was used instead of context corresponding to the
creator of caller view.
This fix addresses the problem by ensuring that underlying
tables of an INVOKER-security view inherit security context
from the view and thus correct security context is used for
privilege checks on underlying tables in cases when such view
is used from another view with DEFINER-security.
mysql-test/r/view_grant.result:
Added coverage for various combinations of DEFINER and
INVOKER-security views, including test for bug #58499
"DEFINER-security view selecting from INVOKER-security
view access check wrong".
mysql-test/t/view_grant.test:
Added coverage for various combinations of DEFINER and
INVOKER-security views, including test for bug #58499
"DEFINER-security view selecting from INVOKER-security
view access check wrong".
sql/sql_view.cc:
When opening a non-suid view ensure that its underlying
tables will get the same security context as use for
checking privileges on the view, i.e. security context
of view invoker. This context can be different from the
security context which is currently active for connection
in cases when this non-suid view is used from a view with
suid security. Inheriting security context in such situation
allows correctly apply privileges of creator of suid view
in checks for tables of non-suid view (since in this
situation creator/definer of suid view serves as invoker
for non-suid view).
view that has Group By
When SELECT'ing from a view that mentions another,
materialized, view, access was being denied. The issue was
resolved by lifting a special case which avoided such access
checking in check_single_table_access. In the past, this was
necessary since if such a check were performed, the error
message would be downgraded to a warning in the case of SHOW
CREATE VIEW. The downgrading of errors was meant to handle
only that scenario, but could not distinguish the two as it
read only the error messages.
The special case was needed in the fix of bug no 36086.
Before that, views were confused with derived tables.
After bug no 35996 was fixed, the manipulation of errors
during SHOW CREATE VIEW execution is not dependent on the
actual error messages in the queue, it rather looks at the
actual cause of the error and takes appropriate
action. Hence the aforementioned special case is now
superfluous and the bug is fixed.
mysql-test/r/view_grant.result:
Bug#46019: Test result.
mysql-test/t/view_grant.test:
Bug#46019: Test case.
sql/sql_parse.cc:
Bug#46019: fix.
view definition
During SHOW CREATE VIEW there is no reason to 'anonymize'
errors that name objects that a user does not have access
to. Moreover it was inconsistently implemented. For example
base tables being referenced from a view appear to be ok,
but not views. The manual on the other hand is clear: If a
user has the privileges SELECT and SHOW VIEW, the view
definition is available to that user, period. The fix
changes the behavior to support the manual.
mysql-test/r/information_schema_db.result:
Bug#35996: Changed warnings.
mysql-test/r/view_grant.result:
Bug#35996: Changed warnings, test result.
mysql-test/t/information_schema_db.test:
Bug#35996: Changed test case to reflect new behavior.
mysql-test/t/view_grant.test:
Bug#35996: Test case.
sql/sql_acl.cc:
Bug#35996: Code no longer necessary, we may as well exempt
SHOW CREATE VIEW from this check.
sql/sql_show.cc:
Bug#35996: The fix: An Internal_error_handler that hides
most errors raised by access checking as they are not
relevant to SHOW CREATE VIEW.
sql/table.cc:
Bug#35996: Restricting this hack to act only when there is
no Internal_error_handler.
view that has Group By
Table access rights checking function check_grant() assumed
that no view is opened when it's called.
This is not true with nested views where the inner view
needs materialization. In this case the view is already
materialized when check_grant() is called for it.
This caused check_grant() to not look for table level
grants on the materialized view table.
Fixed by checking if a view is already materialized and if
it is check table level grants using the original table name
(not the ones of the materialized temp table).
+ Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures
+ Removal of a lot of other weaknesses found
+ modifications according to review
of a view are selected by * wildcard
Backported a part of the fix for 36086 to 5.0
mysql-test/r/view_grant.result:
Bug #41354: test case
mysql-test/t/view_grant.test:
Bug #41354: test case
sql/sql_acl.cc:
Bug #41354: return table error when no access and *
sql/sql_base.cc:
Bug #41354: backported the check in bug 36086 to 5.0
statement/stored procedure
View privileges are properly checked after the fix for bug no
36086, so the method TABLE_LIST::get_db_name() must be used
instead of field TABLE_LIST::db, as this only works for tables.
Bug appears when accessing views in prepared statements.
mysql-test/r/view_grant.result:
Bug#35600: Extended existing test case.
mysql-test/t/view_grant.test:
Bug#35600: Extended existing test result.
sql/sql_parse.cc:
Bug#35600: Using method to retrieve database name instead of
field.
This patch also fixes bugs 36963 and 35600.
- In many places a view was confused with an anonymous derived
table, i.e. access checking was skipped. Fixed by introducing a
predicate to tell the difference between named and anonymous
derived tables.
- When inserting fields for "SELECT * ", there was no
distinction between base tables and views, where one should be
made. View privileges are checked elsewhere.
mysql-test/include/grant_cache.inc:
Bug#36086: Changed test case.
mysql-test/r/grant2.result:
Bug#36086: Changed test result.
mysql-test/r/grant_cache_no_prot.result:
Bug#36086: Changed test result.
mysql-test/r/grant_cache_ps_prot.result:
Bug#36086: Changed test result.
mysql-test/r/view_grant.result:
Bug#36086: Test result.
mysql-test/t/grant2.test:
Bug#36086: Changed test case.
mysql-test/t/view_grant.test:
Bug#36086: Test case.
sql/item.cc:
Bug#36086: Replaced conditional with new methods.
sql/sql_acl.cc:
Bug no 35600:
In mysql_table_grant:
Replaced conditional with the new accessor method.
In check_grant:
- Changed the requirement table->derived != null to
checking all anonymous derived tables.
- Use of the accessor methods for getting object and database
names.
Bug#36086: In check_grant_all_columns:
- Updated comment. This function is now called for views
as well.
- The error message should not disclose any column names
unless the user has privilege to see all column names.
- Changed names of Field_iterator_table_ref methods.
sql/sql_base.cc:
Bug no 36963: In insert_fields()
- Commented.
- We should call check_grant_all_columns() for views in
this case.
- Changed names of Field_iterator_table_ref methods.
- We should not disclose column names in the error message
when the user has no approprate privilege.
sql/sql_cache.cc:
Bug#36086: Replaced test with new predicate method.
sql/sql_derived.cc:
Bug#36086: commenting only. Updated and doxygenated
comment for mysql_derived_prepare().
sql/sql_parse.cc:
Bug no 35600:
- In check_single_table_access:
Due to the bug, check_grant would raise an error for a
SHOW CREATE TABLE command for a TEMPTABLE view. It should in
fact not be be invoked in this case. This table privilege
is checked already.
There is a test case for this in information_schema_db.test.
- In check_access: replaced table->derived
sql/table.cc:
Bug#36086:
- In TABLE_LIST::set_underlying_merge():
Commenting only. Doxygenated, corrected spelling,
added.
- Renamed table_name() and db_name() methods of
Field_iterator_table_ref in order to be consistent
with new methods in TABLE_LIST.
sql/table.h:
Bug#36086:
- Commented GRANT_INFO.
- Added a predicate is_anonymous_derived_table() to
TABLE_LIST.
- Added get_table_name() and get_db_name() to
TABLE_LIST in order to hide the disparate
representation of these properties.
into quad.:/mnt/raid/alik/MySQL/devel/bug-34337/5.1-rt-bug34337
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/sql_view.cc:
Auto merged
mysql-test/t/view.test:
Manually merged.
a table name.
The problem was that fill_defined_view_parts() did not return
an error if a table is going to be altered. That happened if
the table was already in the table cache. In that case,
open_table() returned non-NULL value (valid TABLE-instance from
the cache).
The fix is to ensure that an error is thrown even if the table
is in the cache.
(This is a backport of the original patch for 5.1)
mysql-test/r/view.result:
Fix result file.
mysql-test/r/view_grant.result:
Fix result file.
mysql-test/t/view.test:
Add a test case for Bug#34337: Server crash when Altering a view
using a table name.
mysql-test/t/view_grant.test:
Fix order-dependency.
sql/sql_view.cc:
Report an error if we're going to work with a table.
mysql-test/r/func_math.result:
Auto merged
mysql-test/t/func_math.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/item_func.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_view.cc:
Auto merged
Corrected test case for the bug#29908.
mysql-test/t/view_grant.test:
Corrected test case for the bug#29908.
mysql-test/r/view_grant.result:
Corrected test case for the bug#29908.
Non-definer of a view was allowed to alter that view. Due to this the alterer
can elevate his access rights to access rights of the view definer and thus
modify data which he wasn't allowed to modify. A view defined with
SQL SECURITY INVOKER can't be used directly for access rights elevation.
But a user can first alter the view SQL code and then alter the view to
SQL SECURITY DEFINER and thus elevate his access rights. Due to this
altering a view with SQL SECURITY INVOKER is also prohibited.
Now the mysql_create_view function allows ALTER VIEW only to the view
definer or a super user.
mysql-test/t/view_grant.test:
Added a test case for the bug#29908: A user can gain additional access through the
ALTER VIEW.
A test case was adjusted after fixfing bug#29908.
mysql-test/r/view_grant.result:
Added a test case for the bug#29908: A user can gain additional access through the
ALTER VIEW.
sql/sql_view.cc:
Bug#29908: A user can gain additional access through the ALTER VIEW.
Now the mysql_create_view function allows ALTER VIEW only to the view
definer or a super user.
into ua141d10.elisa.omakaista.fi:/home/my/bk/mysql-5.1-marvel
client/mysql.cc:
Auto merged
client/mysqlbinlog.cc:
Auto merged
BitKeeper/deleted/.del-my_lread.c:
Auto merged
BitKeeper/deleted/.del-my_lwrite.c:
Auto merged
BitKeeper/deleted/.del-raid.cc~488f5fa6538394e1:
Auto merged
BitKeeper/deleted/.del-raid.h~2d2503a66b128ac6:
Auto merged
client/mysqldump.c:
Auto merged
extra/perror.c:
Auto merged
include/my_sys.h:
Auto merged
libmysql/libmysql.c:
Auto merged
libmysqld/libmysqld.c:
Auto merged
mysql-test/r/mysqlbinlog2.result:
Auto merged
mysql-test/r/sp-security.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/sp-security.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/sp_trans.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/default.c:
Auto merged
mysys/hash.c:
Auto merged
mysys/mf_iocache.c:
Auto merged
mysys/mf_keycache.c:
Auto merged
mysys/my_alloc.c:
Auto merged
mysys/my_dup.c:
Auto merged
mysys/my_getwd.c:
Auto merged
mysys/my_handler.c:
Auto merged
mysys/my_lib.c:
Auto merged
mysys/my_malloc.c:
Auto merged
mysys/my_pread.c:
Auto merged
mysys/my_read.c:
Auto merged
mysys/my_seek.c:
Auto merged
mysys/my_static.c:
Auto merged
mysys/safemalloc.c:
Auto merged
mysys/thr_alarm.c:
Auto merged
mysys/typelib.c:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/net_serv.cc:
Auto merged
sql/opt_range.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_cache.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_prepare.cc:
Auto merged
sql/sql_repl.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/strfunc.cc:
Auto merged
sql/table.cc:
Auto merged
sql/tztime.cc:
Auto merged
sql/unireg.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
storage/archive/ha_archive.cc:
Auto merged
storage/heap/_check.c:
Auto merged
storage/heap/hp_delete.c:
Auto merged
storage/heap/hp_hash.c:
Auto merged
storage/heap/hp_open.c:
Auto merged
storage/heap/hp_rkey.c:
Auto merged
storage/heap/hp_rrnd.c:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/innobase/handler/ha_innodb.cc:
Auto merged
storage/myisam/mi_close.c:
Auto merged
storage/myisam/mi_delete.c:
Auto merged
storage/myisam/mi_dynrec.c:
Auto merged
storage/myisam/mi_keycache.c:
Auto merged
storage/myisam/mi_page.c:
Auto merged
storage/myisam/mi_statrec.c:
Auto merged
storage/myisam/myisamchk.c:
Auto merged
storage/myisammrg/myrg_extra.c:
Auto merged
storage/ndb/src/mgmclient/CommandInterpreter.cpp:
Auto merged
tests/mysql_client_test.c:
Auto merged
mysql-test/r/grant.result:
Merged from 5.0
mysql-test/r/sp.result:
Merged from 5.0
mysql-test/r/sp_trans.result:
Merged from 5.0
mysql-test/t/mysqlbinlog2.test:
Merged from 5.0
mysys/thr_lock.c:
Merged from 5.0
sql/ha_ndbcluster.cc:
Merged from 5.0
sql/log.cc:
Merged from 5.0
sql/mysql_priv.h:
Merged from 5.0
sql/mysqld.cc:
Merged from 5.0
sql/set_var.cc:
Merged from 5.0
sql/sql_db.cc:
Merged from 5.0
sql/sql_insert.cc:
Merged from 5.0
sql/sql_parse.cc:
Merged from 5.0
sql/sql_show.cc:
Merged from 5.0
sql/sql_update.cc:
Merged from 5.0
into sergbook.mysql.com:/usr/home/serg/Abk/mysql-5.0
client/mysqlbinlog.cc:
Auto merged
sql/sql_view.cc:
Auto merged
mysql-test/r/view_grant.result:
merged
mysql-test/t/view_grant.test:
merged
mysql-test/r/view.result:
result fixed
mysql-test/r/view_grant.result:
result fixed
mysql-test/t/query_cache_sql_prepare.test:
test fixed
mysql-test/t/view.test:
moved to view_grant
mysql-test/t/view_grant.test:
moved here from view.test
into mysql.com:/home/hf/work/mrg/mysql-5.1-opt
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/sql_view.cc:
Auto merged
another user.
When the DEFINER clause isn't specified in the ALTER statement then it's loaded
from the view definition. If the definer differs from the current user then
the error is thrown because only a super-user can set other users as a definers.
Now if the DEFINER clause is omitted in the ALTER VIEW statement then the
definer from the original view is used without check.
mysql-test/t/view_grant.test:
Added a test case for the bug#27006: The SUPER privilege is wrongly required
to alter a view created by another user.
mysql-test/r/view_grant.result:
Added a test case for the bug#27006: The SUPER privilege is wrongly required
to alter a view created by another user.
sql/sql_view.cc:
Bug#26813: The SUPER privilege is wrongly required to alter a view created by
another user.
Now if the DEFINER clause is omitted in the ALTER VIEW statement then the
definer from the original view is used without check.
on a database.
The problem was that we required not less privileges on the base tables
than we have on the view.
The fix is to be more flexible and allow to create such a view (necessary
privileges will be checked at the runtime).
mysql-test/r/view_grant.result:
Updated result file.
mysql-test/t/view_grant.test:
Added test case for BUG#24040 (Create View don't succed with
"all privileges" on a database).
sql/sql_view.cc:
Implement flexible privilege check for CREATE VIEW.
into moonlight.home:/home/tomash/src/mysql_ab/mysql-5.1-bug24404
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/sql_view.cc:
Auto merged
The problem was that if a prepared statement accessed a view, the
access to the tables listed in the query after that view was done in
the security context of the view.
The bug was in the assigning of the security context to the tables
belonging to a view: we traversed the list of all query tables
instead. It didn't show up in the normal (non-prepared) statements
because of the different order of the steps of checking privileges
and descending into a view for normal and prepared statements.
The solution is to traverse the list and stop once the last table
belonging to the view was processed.
mysql-test/r/view_grant.result:
Add result for bug#24404: strange bug with view+permission+prepared
statement.
mysql-test/t/view_grant.test:
Add test case for bug#24404: strange bug with view+permission+prepared
statement.
sql/sql_view.cc:
Remove dead line.
When setting security context, we should traverse the list of tables
belonging to a given view, not all query tables. We achieve that by
stopping at the first table past view_tables_tail.
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
BitKeeper/etc/ignore:
auto-union
Docs/Makefile.am:
Auto merged
Makefile.am:
Auto merged
client/mysql.cc:
Auto merged
client/mysqltest.c:
Auto merged
include/Makefile.am:
Auto merged
myisam/myisampack.c:
Auto merged
mysql-test/lib/mtr_io.pl:
Auto merged
mysql-test/lib/mtr_process.pl:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_handler.cc:
Auto merged
extra/yassl/taocrypt/include/algebra.hpp:
Manual merge with import of upstream yaSSL
into neptunus.(none):/home/msvensson/mysql/mysql-5.1-maint
BitKeeper/etc/collapsed:
auto-union
BitKeeper/etc/ignore:
auto-union
Makefile.am:
Auto merged
client/mysql.cc:
Auto merged
client/mysqltest.c:
Auto merged
configure.in:
Auto merged
extra/yassl/taocrypt/include/algebra.hpp:
Auto merged
include/Makefile.am:
Auto merged
include/my_sys.h:
Auto merged
mysql-test/lib/mtr_io.pl:
Auto merged
mysql-test/lib/mtr_process.pl:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/information_schema.result:
Auto merged
mysql-test/r/parser.result:
Auto merged
mysql-test/r/ps.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/information_schema.test:
Auto merged
mysql-test/t/parser.test:
Auto merged
mysql-test/t/ps.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
mysql-test/t/system_mysql_db_fix30020.test:
Auto merged
mysql-test/t/udf.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
scripts/mysql_fix_privilege_tables.sql:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_create.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sp.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_handler.cc:
Auto merged
sql/sql_lex.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_yacc.yy:
Auto merged
storage/myisam/myisampack.c:
Auto merged
mysql-test/r/sp.result:
Manual merge
mysql-test/r/udf.result:
Manual merge
mysql-test/t/events_bugs.test:
Manual merge
sql/share/errmsg.txt:
Manual merge
support-files/mysql.spec.sh:
Manual merge
into shellback.(none):/home/msvensson/mysql/mysql-5.1-maint
BitKeeper/etc/ignore:
auto-union
Makefile.am:
Auto merged
client/mysql.cc:
Auto merged
client/mysql_upgrade.c:
Auto merged
client/mysqltest.c:
Auto merged
extra/yassl/src/ssl.cpp:
Auto merged
mysql-test/lib/mtr_report.pl:
Auto merged
mysql-test/mysql-test-run-shell.sh:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/query_cache.result:
Auto merged
mysql-test/r/udf.result:
Auto merged
mysql-test/t/alter_table.test:
Auto merged
mysql-test/t/disabled.def:
Auto merged
mysql-test/t/limit.test:
Auto merged
mysql-test/t/mysql.test:
Auto merged
mysql-test/t/mysqldump.test:
Auto merged
mysql-test/t/query_cache.test:
Auto merged
mysql-test/t/system_mysql_db_fix30020.test:
Auto merged
mysql-test/t/udf.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/Makefile.am:
Auto merged
scripts/mysql_fix_privilege_tables.sql:
Auto merged
sql/item.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/sql_handler.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_table.cc:
Auto merged
extra/yassl/taocrypt/include/algebra.hpp:
Remove fix as it conflicts with "import from yassl" and it's been
fixed there
sql/ha_ndbcluster.cc:
Merge fix of warnings
sql/sql_base.cc:
Merge
into dl145s.mysql.com:/data0/bk/team_tree_merge/MERGE2/mysql-5.1-opt
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/ps.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/group_min_max.test:
Auto merged
mysql-test/t/ps.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/opt_range.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/table.cc:
Auto merged
into neptunus.(none):/home/msvensson/mysql/mysql-5.0-maint
BitKeeper/etc/collapsed:
auto-union
BitKeeper/etc/ignore:
auto-union
Makefile.am:
Auto merged
client/mysqltest.c:
Auto merged
mysql-test/lib/mtr_report.pl:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/rpl_deadlock.result:
Auto merged
mysql-test/r/udf.result:
Auto merged
mysql-test/t/limit.test:
Auto merged
mysql-test/t/mysql.test:
Auto merged
mysql-test/t/rpl_deadlock.test:
Auto merged
mysql-test/t/udf.test:
Auto merged
mysql-test/mysql-test-run-shell.sh:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/item.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_table.cc:
Auto merged
include/my_sys.h:
Manual merge, my_getpagesize broken out of "#ifdef HAVE_SYS_MMAN_H"
If a view was created with the DEFINER security and later the definer user
was dropped then a SELECT from the view throws the error message saying that
there is no definer user is registered. This is ok for a root but too much
for a mere user.
Now the st_table_list::prepare_view_securety_context() function reveals
the absence of the definer only to a superuser and throws the 'access denied'
error to others.
mysql-test/t/view_grant.test:
Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
mysql-test/r/view_grant.result:
Added a test case for bug#17254: Error for DEFINER security on VIEW provides too much info
sql/table.cc:
Bug#17254: Error for DEFINER security on VIEW provides too much info
Now the st_table_list::prepare_view_securety_context() function reveals
the absence of the definer only to a superuser and throws the 'access denied'
error to others.
into mysql.com:/home/my/mysql-5.1
BitKeeper/etc/ignore:
auto-union
BitKeeper/deleted/.del-my_lread.c:
Auto merged
BitKeeper/deleted/.del-my_lwrite.c:
Auto merged
client/mysqlbinlog.cc:
Auto merged
client/mysqldump.c:
Auto merged
cmd-line-utils/readline/complete.c:
Auto merged
extra/yassl/src/ssl.cpp:
Auto merged
libmysql/libmysql.c:
Auto merged
libmysqld/libmysqld.c:
Auto merged
mysql-test/mysql-test-run-shell.sh:
Auto merged
mysql-test/t/create.test:
Auto merged
mysql-test/t/csv.test:
Auto merged
mysql-test/t/ctype_cp1250_ch.test:
Auto merged
mysql-test/t/ctype_ucs.test:
Auto merged
mysql-test/t/func_sapdb.test:
Auto merged
mysql-test/t/func_str.test:
Auto merged
mysql-test/t/grant.test:
Auto merged
mysql-test/t/group_min_max.test:
Auto merged
mysql-test/t/innodb.test:
Auto merged
mysql-test/t/join.test:
Auto merged
mysql-test/t/select.test:
Auto merged
mysql-test/t/sp-prelocking.test:
Auto merged
mysql-test/t/strict.test:
Auto merged
mysql-test/t/subselect.test:
Auto merged
mysql-test/t/type_newdecimal.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysys/default.c:
Auto merged
mysys/mf_iocache.c:
Auto merged
mysys/mf_keycache.c:
Auto merged
mysys/my_alloc.c:
Auto merged
mysys/my_dup.c:
Auto merged
mysys/my_getwd.c:
Auto merged
mysys/my_handler.c:
Auto merged
mysys/my_lib.c:
Auto merged
mysys/my_malloc.c:
Auto merged
mysys/my_pread.c:
Auto merged
mysys/my_seek.c:
Auto merged
mysys/safemalloc.c:
Auto merged
sql/Makefile.am:
Auto merged
sql/filesort.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_subselect.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/net_serv.cc:
Auto merged
sql/sql_acl.cc:
Auto merged
sql/sql_cache.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_repl.cc:
Auto merged
sql-common/client.c:
Auto merged
sql-common/my_time.c:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/strfunc.cc:
Auto merged
sql/tztime.cc:
Auto merged
sql/unireg.cc:
Auto merged
storage/heap/_check.c:
Auto merged
storage/heap/hp_delete.c:
Auto merged
storage/heap/hp_hash.c:
Auto merged
storage/heap/hp_open.c:
Auto merged
storage/heap/hp_rkey.c:
Auto merged
storage/heap/hp_rrnd.c:
Auto merged
storage/heap/hp_write.c:
Auto merged
storage/myisam/ha_myisam.cc:
Auto merged
storage/myisam/mi_close.c:
Auto merged
storage/myisam/mi_delete.c:
Auto merged
storage/myisam/mi_dynrec.c:
Auto merged
storage/myisam/mi_keycache.c:
Auto merged
storage/myisam/mi_page.c:
Auto merged
storage/myisam/mi_statrec.c:
Auto merged
storage/myisam/mi_test2.c:
Auto merged
storage/myisam/mi_write.c:
Auto merged
storage/myisam/myisampack.c:
Auto merged
storage/myisammrg/ha_myisammrg.cc:
Auto merged
storage/myisammrg/myrg_extra.c:
Auto merged
storage/ndb/include/logger/LogHandler.hpp:
Auto merged
storage/ndb/include/util/OutputStream.hpp:
Auto merged
storage/ndb/src/common/debugger/EventLogger.cpp:
Auto merged
storage/ndb/src/common/debugger/signaldata/BackupSignalData.cpp:
Auto merged
storage/ndb/src/common/logger/LogHandler.cpp:
Auto merged
storage/ndb/src/common/portlib/NdbMutex.c:
Auto merged
storage/ndb/src/common/portlib/NdbThread.c:
Auto merged
storage/ndb/src/common/transporter/Transporter.cpp:
Auto merged
storage/ndb/src/cw/cpcd/CPCD.hpp:
Auto merged
storage/ndb/src/kernel/blocks/cmvmi/Cmvmi.cpp:
Auto merged
storage/ndb/src/kernel/blocks/dbdict/Dbdict.cpp:
Auto merged
storage/ndb/src/kernel/blocks/dbtux/DbtuxSearch.cpp:
Auto merged
storage/ndb/src/kernel/blocks/ndbcntr/NdbcntrMain.cpp:
Auto merged
storage/ndb/src/kernel/blocks/qmgr/QmgrMain.cpp:
Auto merged
storage/ndb/src/kernel/error/ErrorReporter.cpp:
Auto merged
storage/ndb/src/kernel/error/ErrorReporter.hpp:
Auto merged
storage/ndb/src/kernel/error/ndbd_exit_codes.c:
Auto merged
storage/ndb/src/kernel/vm/TransporterCallback.cpp:
Auto merged
storage/ndb/src/mgmapi/mgmapi.cpp:
Auto merged
storage/ndb/src/mgmclient/CommandInterpreter.cpp:
Auto merged
storage/ndb/src/mgmsrv/MgmtSrvr.cpp:
Auto merged
storage/ndb/src/mgmsrv/Services.cpp:
Auto merged
storage/ndb/src/ndbapi/ClusterMgr.cpp:
Auto merged
storage/ndb/src/ndbapi/DictCache.cpp:
Auto merged
storage/ndb/src/ndbapi/Ndb.cpp:
Auto merged
storage/ndb/src/ndbapi/NdbOperationExec.cpp:
Auto merged
storage/ndb/src/ndbapi/NdbOperationInt.cpp:
Auto merged
storage/ndb/src/ndbapi/NdbTransaction.cpp:
Auto merged
storage/ndb/src/ndbapi/Ndbif.cpp:
Auto merged
storage/ndb/tools/drop_index.cpp:
Auto merged
storage/ndb/tools/drop_tab.cpp:
Auto merged
storage/ndb/tools/ndb_condig.cpp:
Auto merged
tests/mysql_client_test.c:
Auto merged
vio/viossl.c:
Auto merged
vio/viosslfactories.c:
Auto merged
BUILD/SETUP.sh:
Use local version
client/client_priv.h:
Manual merge
mysql-test/mysql-test-run.pl:
Manual merge
mysql-test/r/ctype_cp1250_ch.result:
Manual merge
mysql-test/t/disabled.def:
Manual merge
mysys/hash.c:
Manual merge
mysys/thr_lock.c:
Manual merge
server-tools/instance-manager/mysql_connection.cc:
Manual merge
sql/ha_ndbcluster.cc:
Manual merge
sql/handler.cc:
Manual merge
sql/item_timefunc.cc:
Manual merge
sql/mysqld.cc:
Manual merge
sql/opt_range.cc:
Manual merge
sql/slave.cc:
Manual merge
sql/sql_parse.cc:
Manual merge
sql/sql_prepare.cc:
Manual merge
sql/sql_view.cc:
Manual merge
sql/table.cc:
Manual merge
storage/archive/ha_archive.cc:
Manual merge
storage/federated/ha_federated.cc:
Manual merge
storage/federated/ha_federated.h:
Manual merge
storage/innobase/handler/ha_innodb.cc:
Manual merge
storage/ndb/include/ndb_global.h.in:
Manual merge
storage/ndb/include/util/InputStream.hpp:
Manual merge
storage/ndb/include/util/SimpleProperties.hpp:
Manual merge
storage/ndb/src/kernel/blocks/backup/Backup.cpp:
Manual merge
storage/ndb/src/ndbapi/NdbOperationDefine.cpp:
Manual merge
storage/ndb/src/ndbapi/NdbOperationSearch.cpp:
Manual merge
storage/ndb/src/ndbapi/Ndbinit.cpp:
Manual merge
storage/ndb/src/ndbapi/ndb_cluster_connection.cpp:
Manual merge
strings/decimal.c:
Manual merge
vio/viosocket.c:
Manual merge
into neptunus.(none):/home/msvensson/mysql/mysql-5.1-new-maint
mysql-test/extra/rpl_tests/rpl_deadlock.test:
Auto merged
mysql-test/extra/rpl_tests/rpl_max_relay_size.test:
Auto merged
mysql-test/r/key_cache.result:
Auto merged
mysql-test/r/rpl_deadlock_innodb.result:
Auto merged
mysql-test/r/rpl_sp.result:
Auto merged
mysql-test/r/rpl_stm_max_relay_size.result:
Auto merged
mysql-test/r/rpl_timezone.result:
Auto merged
mysql-test/r/type_float.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/init_connect.test:
Auto merged
mysql-test/t/mysqldump.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
mysql-test/r/mysqldump.result:
Manual merge
mysql-test/r/rpl_drop_db.result:
Manual merge
mysql-test/r/rpl_variables.result:
Manual merge
mysql-test/t/rpl_drop_db.test:
Manual merge
mysql-test/t/rpl_sp.test:
Manual merge
mysql-test/t/rpl_timezone.test:
Manual merge
mysql-test/t/rpl_variables.test:
Manual merge
mysql-test/r/init_connect.result:
Restore global variable to the value it's set to when server is started
mysql-test/r/key_cache.result:
Restore global variable values to original
mysql-test/r/mysqldump.result:
Drop the user that was created. Specifying "drop user myDB_user" is equal to "drop user myDB_user@%"
mysql-test/r/rpl_deadlock.result:
Restore global variable values to original
mysql-test/r/rpl_drop_db.result:
Remove the conflicting file and drop database mysqltest1 before test exits
mysql-test/r/rpl_ignore_revoke.result:
As changes to mysql.* are ignored - explicitly delete the user on slave
mysql-test/r/rpl_init_slave.result:
Restore global variable values to original
mysql-test/r/rpl_max_relay_size.result:
Restore global variable values to original
mysql-test/r/rpl_sp.result:
Restore global variable values to original
mysql-test/r/rpl_timezone.result:
Restore global variable values to original
mysql-test/r/rpl_variables.result:
Restore global variable values to original
mysql-test/r/view_grant.result:
Use same user in all places in the same test "readonly" is equal to "readonly@%" not "readonly@localhost"
mysql-test/t/init_connect.test:
Restore global variable to the value it's set to when server is started
mysql-test/t/key_cache.test:
Restore global variable values to original
mysql-test/t/mysqldump.test:
Drop the user that was created. Specifying "drop user myDB_user" is equal to "drop user myDB_user@%"
mysql-test/t/rpl_deadlock.test:
Restore global variable values to original
mysql-test/t/rpl_drop_db.test:
Remove the conflicting file and drop database mysqltest1 before test exits
mysql-test/t/rpl_ignore_revoke.test:
As changes to mysql.* are ignored - explicitly delete the user on slave
mysql-test/t/rpl_init_slave.test:
Restore global variable values to original
mysql-test/t/rpl_max_relay_size.test:
Restore global variable values to original
mysql-test/t/rpl_sp.test:
Restore global variable values to original
mysql-test/t/rpl_timezone.test:
Restore global variable values to original
mysql-test/t/rpl_variables.test:
Restore global variable values to original
mysql-test/t/view_grant.test:
Use same user in all places in the same test "readonly" is equal to "readonly@%" not "readonly@localhost"
mysql-test/r/csv.result:
Update after add of missing semicolon
mysql-test/r/drop.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/flush.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/flush_block_commit.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/flush_read_lock_kill.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/grant2.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/handler.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/innodb_notembedded.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/kill.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/lock_multi.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/multi_update.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/mysqltest.result:
Update result
mysql-test/r/query_cache.result:
Update after add of missing semicolon
mysql-test/r/query_cache_notembedded.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/sp-threads.result:
Update result file, no space before commands that has been "sent"
mysql-test/r/sp_notembedded.result:
Update after add of missing semicolon
mysql-test/r/type_blob.result:
Remove extra drop table
mysql-test/t/csv.test:
Add missing semicolon
mysql-test/t/query_cache.test:
Add missing semicolon
mysql-test/t/sp-error.test:
Remove "tab" from end of error declaration
mysql-test/t/sp.test:
Wrong delimiter, used ; instead of |
mysql-test/t/sp_notembedded.test:
Wrong delimiter, used ; instead of |
mysql-test/t/view_grant.test:
An incomplete error name specification was used.
into bodhi.local:/opt/local/work/mysql-5.1-runtime-merge
BitKeeper/etc/ignore:
auto-union
BitKeeper/deleted/.del-libmysqld.dsp~78dc6a589e5a4149:
Auto merged
BitKeeper/deleted/.del-libmysqld.vcproj~a75d5b9a5967dea0:
Auto merged
BitKeeper/deleted/.del-mysqld.dsp~ffdbf2d234e23e56:
Auto merged
BitKeeper/deleted/.del-mysqld.vcproj~6aa7b3f9c3e28fcb:
Auto merged
libmysqld/Makefile.am:
Auto merged
mysql-test/Makefile.am:
Auto merged
mysql-test/r/date_formats.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/date_formats.test:
Auto merged
mysql-test/t/init_connect.test:
Auto merged
mysql-test/t/mysqldump.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.h:
Auto merged
sql/item.cc:
Auto merged
sql/item_create.cc:
Auto merged
sql/item_create.h:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/item_timefunc.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/opt_range.cc:
Auto merged
sql/set_var.h:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_cache.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_delete.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_trigger.cc:
Auto merged
sql/sql_udf.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
storage/ndb/include/kernel/GlobalSignalNumbers.h:
Auto merged
storage/ndb/src/kernel/blocks/dbdict/Dbdict.cpp:
Auto merged
storage/ndb/src/kernel/blocks/dbdict/Dbdict.hpp:
Auto merged
storage/ndb/src/kernel/blocks/dbdih/DbdihMain.cpp:
Auto merged
storage/ndb/src/ndbapi/ndberror.c:
Auto merged
support-files/mysql.spec.sh:
Auto merged
mysql-test/r/federated.result:
Use local.
mysql-test/r/myisam.result:
Manual merge.
mysql-test/t/federated.test:
Manual merge.
mysql-test/t/myisam.test:
Manual merge.
sql/Makefile.am:
Manual merge.
sql/set_var.cc:
Manual merge.
sql/sql_parse.cc:
Manual merge.
sql/sql_update.cc:
Manual merge.
storage/myisam/mi_create.c:
Manual merge.
into mysql.com:/home/tomash/src/mysql_ab/mysql-5.0-bug20570
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/sql_yacc.yy:
Auto merged
mysql-test/r/view_grant.result:
Manual merge.
mysql-test/t/view_grant.test:
Manual merge.
invoker name
The bug was fixed similar to how context switch is handled in
Item_func_sp::execute_impl(): we store pointer to current
Name_resolution_context in Item_func_current_user class, and use
its Security_context in Item_func_current_user::fix_fields().
mysql-test/r/view_grant.result:
Add result for bug#20570.
mysql-test/t/view_grant.test:
Add test case for bug#20570.
sql/item_create.cc:
Remove create_func_current_user(), as it is not used for automatic
function creation.
sql/item_create.h:
Remove prototype for create_func_current_user().
sql/item_strfunc.cc:
Add implementations for Item_func_user::init(),
Item_func_user::fix_fields() and
Item_func_current_user::fix_fields() methods. The latter uses
Security_context from current Name_resolution_context, if one is
defined.
sql/item_strfunc.h:
Move implementation of CURRENT_USER() out of Item_func_user to
to new Item_func_current_user class. For both classes calculate
user name in fix_fields() method.
For Item_func_current_user add context field to store
Name_resolution_context in effect.
sql/sql_yacc.yy:
Pass current Name_resolution_context to Item_func_current_user.
mysql-test/r/ctype_utf8.result:
Auto merged
mysql-test/r/insert_select.result:
Auto merged
mysql-test/r/key.result:
Auto merged
mysql-test/r/view_grant.result:
Auto merged
mysql-test/t/key.test:
Auto merged
mysql-test/t/view_grant.test:
Auto merged
sql/field.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_select.cc:
Auto merged
