The flag EXTRA_ACL is used in conjunction with our access checks, yet it is
not clear what impact this flag has.
This is a code clean up which replaces use of EXTRA_ACL with an explicit
function parameter.
The patch also fixes privilege checks for:
- SHOW CREATE TABLE: The new privilege requirement is any privilege on
the table-level.
- CHECKSUM TABLE: Requires SELECT on the table level.
- SHOW CREATE VIEW: Requires SHOW_VIEW and SELECT on the table level
(just as the manual claims)
- SHOW INDEX: Requires any privilege on any column combination.
mysql-test/r/grant.result:
* Error message now shows correct command (SHOW instead of SELECT)
mysql-test/r/grant2.result:
* Error message now shows correct command (SHOW instead of SELECT)
mysql-test/r/grant4.result:
* This test file tests privilege requirements for
SHOW COLUMNS
CREATE TABLE .. LIKE
SHOW CREATE TABLE
SHOW INDEX
CHECKSUM TABLE
SHOW CREATE VIEW
mysql-test/r/information_schema_db.result:
* Added SELECT privilege to testdb_2 as
SHOW CREATE VIEW now demands this privilege
as well as SHOW VIEW.
mysql-test/r/outfile.result:
* Changed error code
mysql-test/r/view_grant.result:
* Additional SELECT privilege is now needed
for SHOW CREATE VIEW
mysql-test/t/grant4.test:
* This test file tests privilege requirements for
SHOW COLUMNS
CREATE TABLE .. LIKE
SHOW CREATE TABLE
SHOW INDEX
CHECKSUM TABLE
SHOW CREATE VIEW
mysql-test/t/information_schema_db.test:
* Added SELECT privilege to testdb_2 as
SHOW CREATE VIEW now demands this privilege
as well as SHOW VIEW.
mysql-test/t/outfile.test:
* Changed error code
mysql-test/t/view_grant.test:
* Additional SELECT privilege is now needed
for SHOW CREATE VIEW
sql/mysql_priv.h:
* Replaced EXTRA_ACL with a parameter
sql/sp_head.cc:
* Replaced EXTRA_ACL with a parameter
sql/sql_acl.cc:
* Converted function documentation to doxygen and clarified some behaviors.
* Changed value from uint to bool to better reflect its meaning.
* Removed pointless variable orig_want_access
* Added function has_any_table_level_privileges to help with requirements
checks during SHOW CREATE TABLE.
sql/sql_acl.h:
* changed signature of check_grant()
* introduced access control function has_any_table_level_privileges()
sql/sql_base.cc:
* Check_table_access has new signature
sql/sql_cache.cc:
* Check_table_access has new signature
sql/sql_parse.cc:
* Rewrote function documentation in doxygen comments for: check_access,
check_table_access, check_grant.
* Removed EXTRA_ACL flag where it doesn't hold any meaningful purpose anymore
and replaced it with a function parameter where any privileges on any column
combination would satisfy the requirement.
* Fixed privilege check for SHOW COLUMNS and SHOW INDEX
* Modified check_table_access to gain clarity in what EXTRA_ACL actually does.
* Modified check_access to gain clarity in what EXTRA_ACL actually does.
* Fixed privilege check for CREATE TABLE .. LIKE .. ; It now requires SELECT
privileges on the table.
* Fixed privilege check for SHOW CREATE TABLE ..; It now requires any privilege
on the table level.
sql/sql_plugin.cc:
* check_table_access has new signature
sql/sql_prepare.cc:
* check_table_access has new signature
sql/sql_show.cc:
* check_table_access has new signature
sql/sql_trigger.cc:
* check_table_access has new signature
sql/sql_update.cc:
* check_grant has new signature
sql/sql_view.cc:
* check_table_access has new signature
view definition
During SHOW CREATE VIEW there is no reason to 'anonymize'
errors that name objects that a user does not have access
to. Moreover it was inconsistently implemented. For example
base tables being referenced from a view appear to be ok,
but not views. The manual on the other hand is clear: If a
user has the privileges SELECT and SHOW VIEW, the view
definition is available to that user, period. The fix
changes the behavior to support the manual.
mysql-test/r/information_schema_db.result:
Bug#35996: Changed warnings.
mysql-test/r/view_grant.result:
Bug#35996: Changed warnings, test result.
mysql-test/t/information_schema_db.test:
Bug#35996: Changed test case to reflect new behavior.
mysql-test/t/view_grant.test:
Bug#35996: Test case.
sql/sql_acl.cc:
Bug#35996: Code no longer necessary, we may as well exempt
SHOW CREATE VIEW from this check.
sql/sql_show.cc:
Bug#35996: The fix: An Internal_error_handler that hides
most errors raised by access checking as they are not
relevant to SHOW CREATE VIEW.
sql/table.cc:
Bug#35996: Restricting this hack to act only when there is
no Internal_error_handler.
All committed result differences have either been verified by me or copied from Oracle's provided
results (storage/innodb_plugin/mysql-test/*.result, storage/innodb_plugin/mysql-test/patches).
mysql-test/r/information_schema.result:
queries changed a bit
mysql-test/r/information_schema_db.result:
queries changed a bit
mysql-test/r/innodb-autoinc.result:
importing piece from storage/innodb_plugin/mysql-test/innodb-autoinc.result
mysql-test/r/innodb.result:
result close to storage/innodb_plugin/innodb.result, except 4095 pages instead of 8191, which makes
sense as Summit runs with a buffer pool of 64M, whereas the mentioned result file was made with
a buffer pool of 128M.
mysql-test/r/mysqlshow.result:
InnoDB I_S tables have arrived
mysql-test/suite/funcs_1/r/is_columns_is.result:
queries changed a bit
mysql-test/suite/funcs_1/r/is_columns_is_embedded.result:
queries changed a bit
mysql-test/suite/funcs_1/r/is_tables_is.result:
queries changed a bit
mysql-test/suite/funcs_1/t/is_columns_is.test:
making I_S queries ignore InnoDB I_S tables
mysql-test/suite/funcs_1/t/is_columns_is_embedded.test:
making I_S queries ignore InnoDB I_S tables
mysql-test/suite/funcs_1/t/is_tables_is.test:
making I_S queries ignore InnoDB I_S tables
mysql-test/suite/innodb/r/innodb-zip.result:
result update
mysql-test/suite/innodb/t/innodb-zip.test:
439, as size of prefix key, throws error with certain system zlib (ubuntu
"intrepid") but not with zlib bundled with MySQL, because zlib's
compressBound() are different (and used by InnoDB's page_zip_empty_size()).
mysql-test/suite/sys_vars/r/innodb_file_per_table_basic.result:
result update
mysql-test/suite/sys_vars/r/innodb_lock_wait_timeout_basic.result:
result update
mysql-test/suite/sys_vars/r/innodb_sync_spin_loops_basic_32.result:
result update (default value is 30 in the plugin, 20 in the builtin)
mysql-test/suite/sys_vars/r/innodb_sync_spin_loops_basic_64.result:
result update (default value is 30 in the plugin, 20 in the builtin)
mysql-test/suite/sys_vars/r/table_definition_cache_basic.result:
result update (default value is 400 in Summit)
mysql-test/suite/sys_vars/t/innodb_file_per_table_basic.test:
variable is writable in the plugin (patch from Oracle)
mysql-test/suite/sys_vars/t/innodb_lock_wait_timeout_basic.test:
variable is per-session in the plugin (patch from Oracle)
mysql-test/t/information_schema.test:
making I_S queries ignore InnoDB I_S tables
mysql-test/t/information_schema_db.test:
making I_S queries ignore InnoDB I_S tables
mysql-test/t/innodb-autoinc.test:
importing piece from storage/innodb_plugin/mysql-test/innodb-autoinc.test
mysql-test/t/innodb.test:
importing most of storage/innodb_plugin/t/innodb.test. Most replace_result were not needed (no path printed), some were (for --embedded).
mysql-test/t/mysqlshow.test:
output of test now depends on InnoDB or not InnoDB. As there is no way to make mysqlshow
produce a single output in those two cases (no way to make it exclude InnoDB I_S
tables), let the test depend on InnoDB, it isn't a very selective condition, and the
test is simple enough.
storage/innobase/CMakeLists.txt:
thanks Vlad for noticing () vs {}
Details:
1. Add missing "disconnect <session>"
2. Take care that the disconnects are finished when the test terminates
3. Replace error names by error numbers
4. Minor beautifying of script code
The problem:
I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL
privileges for a view. It leads to discrepancy between SHOW CREATE VIEW
and I_S.VIEWS.
The fix:
added appropriate check.
mysql-test/r/information_schema_db.result:
test result
mysql-test/t/information_schema_db.test:
test case
sql/sql_show.cc:
The problem:
I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL
privileges for a view. It leads to discrepancy between SHOW CREATE VIEW
and I_S.VIEWS.
The fix:
added appropriate check.
give some leeway on required permissions for SHOW FIELDS on views so
an unknown DEFINER will no longer break mysqldump
client/client_priv.h:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
client/mysqldump.c:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
mysql-test/r/information_schema_db.result:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
mysql-test/t/information_schema_db.test:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
New option for mysqldump: redirect stderr to file ("2> for Windows")
sql/sql_base.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
be a little more lenient for SHOW FIELDS FROM
sql/sql_parse.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
be a little more lenient for SHOW FIELDS FROM on views on views
sql/sql_view.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
give SHOW FIELDS the same perks as SHOW CREATE
sql/table.cc:
Bug #26817: mysqldump fails to backup database containing view with invalid definer
give SHOW FIELDS the same perks as SHOW CREATE
libmysqld/lib_sql.cc:
check for bootstrap added
mysql-test/include/federated.inc:
disabled in embedded
mysql-test/mysql-test-run.pl:
we disable ssh in embedded server
mysql-test/r/bdb.result:
part moved to bdb_notembedded as it uses binlog
mysql-test/r/flush_block_commit.result:
part moved to flush_block_commit_notembedded
mysql-test/r/insert.result:
part moved to insert_notembedded as delayed works differently in embedded server
mysql-test/r/insert_select.result:
part moved to insert_notembedded as GRANTS usually disabled in embedded server
mysql-test/r/join.result:
access rights hidden in result
mysql-test/t/backup.test:
now available in embedded server
mysql-test/t/bdb.test:
part moved to bdb_notembedded as it uses binlog
mysql-test/t/delayed.test:
code trimmed
mysql-test/t/execution_constants.test:
skipped in embedded-server mode
mysql-test/t/flush_block_commit.test:
moved to flush_block_commit_notembedded
mysql-test/t/information_schema_db.test:
skipped in embedded-server
mysql-test/t/innodb.test:
directories replaced to be embedded-server compliant
mysql-test/t/insert.test:
part moved to insert_notembedded
mysql-test/t/insert_select.test:
part moved to insert_notembedded
mysql-test/t/join.test:
access rights hidden
mysql-test/t/status.test:
skipped in embedded server
mysql-test/t/trigger.test:
directories replaced to be embedded-server compliant
sql/item_strfunc.cc:
extra contexts not needed when access checks disabled
sql/share/errmsg.txt:
bigger paths reserved to prevent test failures
mysql-test/r/bdb_notembedded.result:
***MISSING WEAVE***
mysql-test/r/flush_block_commit_notembedded.result:
added
mysql-test/r/insert_notembedded.result:
added
mysql-test/t/bdb_notembedded.test:
***MISSING WEAVE***
mysql-test/t/flush_block_commit_notembedded.test:
added
mysql-test/t/insert_notembedded.test:
added
The fix is: if user has privileges to view fields and user has any
(insert,select,delete,update) privileges on underlying view
then 'show fields' and select from I_S.COLUMNS table are successful.
mysql-test/r/information_schema_db.result:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test result
mysql-test/t/information_schema_db.test:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
test case
sql/sql_acl.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
checked that user has privileges on underlying view and if it's true
set allowed_show to true for top view.
sql/sql_show.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
removed unnecessary rights check. 'tables->allowed_show' check is used instead
sql/sql_view.cc:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
skip the check of SHOW_VIEW_ACL privilege on underlying view. It is done later during
execution of find_field_in_table_ref function.
sql/table.h:
Bug#20543 select on information_schema strange warnings, view, different schemas/users
'allowed_show' is set during rights check for view. If true then user has privileges
for 'show create view', etc
Bug#18282 "INFORMATION_SCHEMA.TABLES provides inconsistent info about invalid views"
This bug caused crashes or resulted in wrong data being returned
when one tried to obtain information from I_S tables about views
using stored functions.
It was caused by the fact that we were using LEX representing
statement which was doing select from I_S tables as active LEX
when contents of I_S table were built. So state of this LEX both
affected and was affected by open_tables() calls which happened
during this process. This resulted in wrong behavior and in
violations of some of invariants which caused crashes.
This fix tries to solve this problem by properly saving/resetting
and restoring part of LEX which affects and is affected by the
process of opening tables and views in get_all_tables() routine.
To simplify things we separated this part of LEX in a new class
and made LEX its descendant.
mysql-test/r/information_schema_db.result:
test case
mysql-test/t/information_schema_db.test:
test case
sql/sql_lex.cc:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_lex.h:
To simplify saving/resetting and restoring part of LEX which
affects and is affected by the process of opening tables and
views we moved it to new class Query_tables_list and made LEX
descendant of this class. Also introduced two LEX methods
which can be used to save and reset or to restore this state.
sql/sql_show.cc:
Now in get_all_tables() routine we properly save/reset and
restore part of LEX (statement table list and information
about routines used) which affects and is affected by the
process of opening tables and views.
sql/sql_table.cc:
Now we clean-up LEX after opening table (view) in two stages.
In the first stage we call LEX::cleanup_after_one_table_open()
to clean-up selects lists and derived tables state. In the
second stage which happens after close_thread_tables() is
invoked we call Query_tables_list::reset_query_tables_list(FALSE)
to rollback changes in Query_tables_list.
Crash happened when one selected data from one of INFORMATION_SCHEMA
tables and in order to build its contents server had to open view which
used stored function and table or view on which one had not global or
database-level privileges (e.g. had only table-level or had no
privileges at all).
The crash was caused by usage of check_grant() function, which assumes
that either number of tables to be inspected by it is limited explicitly
or table list used and thd->lex->query_tables_own_last value correspond
to each other (the latter should be either 0 or point to next_global
member of one of elements of this table list), in conditions when
above assumptions were not true. This fix just explicitly limits
number of tables to be inspected. Other negative effects which are
caused by the fact that thd->lex->query_tables_own_last might not
be set properly during processing of I_S tables are less disastrous
and will be reported and fixed separately.
mysql-test/r/information_schema_db.result:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
mysql-test/t/information_schema_db.test:
Fix for bug #18113 "SELECT * FROM information_schema.xxx crashes server"
test case
sql/sql_acl.cc:
added note