The problem:
I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL
privileges for a view. It leads to discrepancy between SHOW CREATE VIEW
and I_S.VIEWS.
The fix:
added appropriate check.
mysql-test/r/information_schema_db.result:
test result
mysql-test/t/information_schema_db.test:
test case
sql/sql_show.cc:
The problem:
I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL
privileges for a view. It leads to discrepancy between SHOW CREATE VIEW
and I_S.VIEWS.
The fix:
added appropriate check.
give some leeway on required permissions for SHOW FIELDS on views so
an unknonwn DEFINER will no longer break mysqldump
client/client_priv.h:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
client/mysqldump.c:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
mysql-test/r/information_schema_db.result:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
mysql-test/t/information_schema_db.test:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
sql/sql_base.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
be a little more lenient for SHOW FIELDS FROM
sql/sql_parse.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
be a little more lenient for SHOW FIELDS FROM on views on views
sql/sql_view.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
give SHOW FIELDS the same perks as SHOW CREATE
sql/table.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
give SHOW FIELDS the same perks as SHOW CREATE
libmysqld/lib_sql.cc:
check for bootstrap added
mysql-test/include/federated.inc:
disabled in embedded
mysql-test/mysql-test-run.pl:
we disable ssh in embedded server
mysql-test/r/bdb.result:
part moved to bdb_notembedded as it uses binlog
mysql-test/r/flush_block_commit.result:
part moved to flush_block_commit_notembedded
mysql-test/r/insert.result:
part moved to insert_notembedded as delayed works differently in embedded server
mysql-test/r/insert_select.result:
part moved to insert_notembedded as GRANTS usually disabled in embedded server
mysql-test/r/join.result:
access rights hidden in result
mysql-test/t/backup.test:
now available in embedded server
mysql-test/t/bdb.test:
part moved to bdb_notembedded as it uses binlog
mysql-test/t/delayed.test:
code trimmed
mysql-test/t/execution_constants.test:
skipped in embedded-server mode
mysql-test/t/flush_block_commit.test:
moved to flush_block_commit_notembedded
mysql-test/t/information_schema_db.test:
skipped in embedded-server
mysql-test/t/innodb.test:
directories replaced to be embedded-server compliant
mysql-test/t/insert.test:
part moved to insert_notembedded
mysql-test/t/insert_select.test:
part moved to insert_notembedded
mysql-test/t/join.test:
access rights hidden
mysql-test/t/status.test:
skipped in embedded server
mysql-test/t/trigger.test:
directories replaced to be embedded-server compliant
sql/item_strfunc.cc:
extra contexts not needed whan access checks disabled
sql/share/errmsg.txt:
bigger paths reserved to prevent test's fails
mysql-test/r/bdb_notembedded.result:
***MISSING WEAVE***
mysql-test/r/flush_block_commit_notembedded.result:
added
mysql-test/r/insert_notembedded.result:
added
mysql-test/t/bdb_notembedded.test:
***MISSING WEAVE***
mysql-test/t/flush_block_commit_notembedded.test:
added
mysql-test/t/insert_notembedded.test:
added
The fix is: if user has privileges to view fields and user has any
(insert,select,delete,update) privileges on underlying view
then 'show fields' and select from I_S.COLUMNS table are sucsessful.
mysql-test/r/information_schema_db.result:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test result
mysql-test/t/information_schema_db.test:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test case
sql/sql_acl.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
checked that user has privileges on underlying view and if it's true
set allowed_show to true for top view.
sql/sql_show.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
removed unnecessary rights check.'tables->allowed_show' check is used instead
sql/sql_view.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
skip the check of SHOW_VIEW_ACL privilege on underlying view. It is done later during
execution of find_field_in_table_ref function.
sql/table.h:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
'allowed_show' is set during rights check for view. If true then user has privileges
for 'show create view', etc
Bug#18282 "INFORMATION_SCHEMA.TABLES provides inconsistent info about invalid views"
This bug caused crashes or resulted in wrong data being returned
when one tried to obtain information from I_S tables about views
using stored functions.
It was caused by the fact that we were using LEX representing
statement which were doing select from I_S tables as active LEX
when contents of I_S table were built. So state of this LEX both
affected and was affected by open_tables() calls which happened
during this process. This resulted in wrong behavior and in
violations of some of invariants which caused crashes.
This fix tries to solve this problem by properly saving/resetting
and restoring part of LEX which affects and is affected by the
process of opening tables and views in get_all_tables() routine.
To simplify things we separated this part of LEX in a new class
and made LEX its descendant.
mysql-test/r/information_schema_db.result:
test case
mysql-test/t/information_schema_db.test:
test case
sql/sql_lex.cc:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_lex.h:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_show.cc:
Now in get_all_tables() routine we properly save/reset and
restore part of LEX (statement table list and information
about routines used) which affects and is affected by the
process of opening tables and views.
sql/sql_table.cc:
Now we clean-up LEX after opening table (view) in two stages.
In the first stage we call LEX::cleanup_after_one_table_open()
to clean-up selects lists and derived tables state. In the
second stage which happens after close_thread_tables() is
invoked we call Query_tables_list::reset_query_tables_list(FALSE)
to rollback changes in Query_tables_list.
Crash happened when one selected data from one of INFORMATION_SCHEMA
tables and in order to build its contents server had to open view which
used stored function and table or view on which one had not global or
database-level privileges (e.g. had only table-level or had no
privileges at all).
The crash was caused by usage of check_grant() function, which assumes
that either number of tables to be inspected by it is limited explicitly
or table list used and thd->lex->query_tables_own_last value correspond
to each other (the latter should be either 0 or point to next_global
member of one of elements of this table list), in conditions when
above assumptions were not true. This fix just explicitly limits
number of tables to be inspected. Other negative effects which are
caused by the fact that thd->lex->query_tables_own_last might not
be set properly during processing of I_S tables are less disastrous
and will be reported and fixed separetely.
mysql-test/r/information_schema_db.result:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
mysql-test/t/information_schema_db.test:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
sql/sql_acl.cc:
added note
