Auto-merge from mysql-5.0-security.
This commit is contained in:
Alexander Nozdrin
commit
0c2ef4a63d
@ -1252,6 +1252,80 @@ CURRENT_USER()
|
||||
root@localhost
|
||||
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
|
||||
SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
|
||||
|
||||
# Bug#57952
|
||||
|
||||
DROP DATABASE IF EXISTS mysqltest1;
|
||||
DROP DATABASE IF EXISTS mysqltest2;
|
||||
CREATE DATABASE mysqltest1;
|
||||
CREATE DATABASE mysqltest2;
|
||||
use mysqltest1;
|
||||
CREATE TABLE t1(a INT, b INT);
|
||||
INSERT INTO t1 VALUES (1, 1);
|
||||
CREATE TABLE t2(a INT);
|
||||
INSERT INTO t2 VALUES (2);
|
||||
CREATE TABLE mysqltest2.t3(a INT);
|
||||
INSERT INTO mysqltest2.t3 VALUES (4);
|
||||
CREATE USER testuser@localhost;
|
||||
GRANT CREATE ROUTINE, EXECUTE ON mysqltest1.* TO testuser@localhost;
|
||||
GRANT SELECT(b) ON t1 TO testuser@localhost;
|
||||
GRANT SELECT ON t2 TO testuser@localhost;
|
||||
GRANT SELECT ON mysqltest2.* TO testuser@localhost;
|
||||
|
||||
# Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
|
||||
PREPARE s1 FROM 'SELECT b FROM t1';
|
||||
PREPARE s2 FROM 'SELECT a FROM t2';
|
||||
PREPARE s3 FROM 'SHOW TABLES FROM mysqltest2';
|
||||
CREATE PROCEDURE p1() SELECT b FROM t1;
|
||||
CREATE PROCEDURE p2() SELECT a FROM t2;
|
||||
CREATE PROCEDURE p3() SHOW TABLES FROM mysqltest2;
|
||||
CALL p1;
|
||||
b
|
||||
1
|
||||
CALL p2;
|
||||
a
|
||||
2
|
||||
CALL p3;
|
||||
Tables_in_mysqltest2
|
||||
t3
|
||||
|
||||
# Connection: default
|
||||
REVOKE SELECT ON t1 FROM testuser@localhost;
|
||||
GRANT SELECT(a) ON t1 TO testuser@localhost;
|
||||
REVOKE SELECT ON t2 FROM testuser@localhost;
|
||||
REVOKE SELECT ON mysqltest2.* FROM testuser@localhost;
|
||||
|
||||
# Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
|
||||
# - Check column-level privileges...
|
||||
EXECUTE s1;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
|
||||
SELECT b FROM t1;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
|
||||
EXECUTE s1;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
|
||||
CALL p1;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
|
||||
# - Check table-level privileges...
|
||||
SELECT a FROM t2;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
|
||||
EXECUTE s2;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
|
||||
CALL p2;
|
||||
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
|
||||
# - Check database-level privileges...
|
||||
SHOW TABLES FROM mysqltest2;
|
||||
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
|
||||
EXECUTE s3;
|
||||
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
|
||||
CALL p3;
|
||||
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
|
||||
|
||||
# Connection: default
|
||||
DROP DATABASE mysqltest1;
|
||||
DROP DATABASE mysqltest2;
|
||||
DROP USER testuser@localhost;
|
||||
use test;
|
||||
|
||||
End of 5.0 tests
|
||||
set names utf8;
|
||||
grant select on test.* to юзер_юзер@localhost;
|
||||
|
||||
@ -1295,6 +1295,107 @@ SELECT CURRENT_USER();
|
||||
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
|
||||
SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
|
||||
|
||||
#
|
||||
# Bug#57952: privilege change is not taken into account by EXECUTE.
|
||||
#
|
||||
|
||||
--echo
|
||||
--echo # Bug#57952
|
||||
--echo
|
||||
|
||||
--disable_warnings
|
||||
DROP DATABASE IF EXISTS mysqltest1;
|
||||
DROP DATABASE IF EXISTS mysqltest2;
|
||||
--enable_warnings
|
||||
|
||||
CREATE DATABASE mysqltest1;
|
||||
CREATE DATABASE mysqltest2;
|
||||
|
||||
use mysqltest1;
|
||||
CREATE TABLE t1(a INT, b INT);
|
||||
INSERT INTO t1 VALUES (1, 1);
|
||||
|
||||
CREATE TABLE t2(a INT);
|
||||
INSERT INTO t2 VALUES (2);
|
||||
|
||||
CREATE TABLE mysqltest2.t3(a INT);
|
||||
INSERT INTO mysqltest2.t3 VALUES (4);
|
||||
|
||||
CREATE USER testuser@localhost;
|
||||
GRANT CREATE ROUTINE, EXECUTE ON mysqltest1.* TO testuser@localhost;
|
||||
GRANT SELECT(b) ON t1 TO testuser@localhost;
|
||||
GRANT SELECT ON t2 TO testuser@localhost;
|
||||
GRANT SELECT ON mysqltest2.* TO testuser@localhost;
|
||||
|
||||
--echo
|
||||
--echo # Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
|
||||
--connect (bug57952_con1,localhost,testuser,,mysqltest1)
|
||||
PREPARE s1 FROM 'SELECT b FROM t1';
|
||||
PREPARE s2 FROM 'SELECT a FROM t2';
|
||||
PREPARE s3 FROM 'SHOW TABLES FROM mysqltest2';
|
||||
|
||||
CREATE PROCEDURE p1() SELECT b FROM t1;
|
||||
CREATE PROCEDURE p2() SELECT a FROM t2;
|
||||
CREATE PROCEDURE p3() SHOW TABLES FROM mysqltest2;
|
||||
|
||||
CALL p1;
|
||||
CALL p2;
|
||||
CALL p3;
|
||||
|
||||
--echo
|
||||
--echo # Connection: default
|
||||
--connection default
|
||||
REVOKE SELECT ON t1 FROM testuser@localhost;
|
||||
GRANT SELECT(a) ON t1 TO testuser@localhost;
|
||||
REVOKE SELECT ON t2 FROM testuser@localhost;
|
||||
REVOKE SELECT ON mysqltest2.* FROM testuser@localhost;
|
||||
|
||||
--echo
|
||||
--echo # Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
|
||||
--connection bug57952_con1
|
||||
--echo # - Check column-level privileges...
|
||||
--error ER_COLUMNACCESS_DENIED_ERROR
|
||||
EXECUTE s1;
|
||||
|
||||
--error ER_COLUMNACCESS_DENIED_ERROR
|
||||
SELECT b FROM t1;
|
||||
|
||||
--error ER_COLUMNACCESS_DENIED_ERROR
|
||||
EXECUTE s1;
|
||||
|
||||
--error ER_COLUMNACCESS_DENIED_ERROR
|
||||
CALL p1;
|
||||
|
||||
--echo # - Check table-level privileges...
|
||||
--error ER_TABLEACCESS_DENIED_ERROR
|
||||
SELECT a FROM t2;
|
||||
|
||||
--error ER_TABLEACCESS_DENIED_ERROR
|
||||
EXECUTE s2;
|
||||
|
||||
--error ER_TABLEACCESS_DENIED_ERROR
|
||||
CALL p2;
|
||||
|
||||
--echo # - Check database-level privileges...
|
||||
--error ER_DBACCESS_DENIED_ERROR
|
||||
SHOW TABLES FROM mysqltest2;
|
||||
|
||||
--error ER_DBACCESS_DENIED_ERROR
|
||||
EXECUTE s3;
|
||||
|
||||
--error ER_DBACCESS_DENIED_ERROR
|
||||
CALL p3;
|
||||
|
||||
--echo
|
||||
--echo # Connection: default
|
||||
--connection default
|
||||
--disconnect bug57952_con1
|
||||
DROP DATABASE mysqltest1;
|
||||
DROP DATABASE mysqltest2;
|
||||
DROP USER testuser@localhost;
|
||||
use test;
|
||||
--echo
|
||||
|
||||
--echo End of 5.0 tests
|
||||
|
||||
#
|
||||
|
||||
@ -5936,6 +5936,8 @@ find_field_in_natural_join(THD *thd, TABLE_LIST *table_ref, const char *name,
|
||||
/*
|
||||
Find field by name in a base table or a view with temp table algorithm.
|
||||
|
||||
The caller is expected to check column-level privileges.
|
||||
|
||||
SYNOPSIS
|
||||
find_field_in_table()
|
||||
thd thread handler
|
||||
@ -6043,6 +6045,8 @@ find_field_in_table(THD *thd, TABLE *table, const char *name, uint length,
|
||||
This procedure detects the type of the table reference 'table_list'
|
||||
and calls the corresponding search routine.
|
||||
|
||||
The routine checks column-level privieleges for the found field.
|
||||
|
||||
RETURN
|
||||
0 field is not found
|
||||
view_ref_found found value in VIEW (real result is in *ref)
|
||||
@ -6316,8 +6320,16 @@ find_field_in_tables(THD *thd, Item_ident *item,
|
||||
when table_ref->field_translation != NULL.
|
||||
*/
|
||||
if (table_ref->table && !table_ref->view)
|
||||
{
|
||||
found= find_field_in_table(thd, table_ref->table, name, length,
|
||||
TRUE, &(item->cached_field_index));
|
||||
#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
||||
/* Check if there are sufficient access rights to the found field. */
|
||||
if (found && check_privileges &&
|
||||
check_column_grant_in_table_ref(thd, table_ref, name, length))
|
||||
found= WRONG_GRANT;
|
||||
#endif
|
||||
}
|
||||
else
|
||||
found= find_field_in_table_ref(thd, table_ref, name, length, item->name,
|
||||
NULL, NULL, ref, check_privileges,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user