1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto-merge from mysql-5.0-security.

Browse Source
This commit is contained in:
Alexander Nozdrin 2010-12-15 19:08:21 +03:00
commit 0c2ef4a63d
3 changed files with 187 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
mysql-test/r/grant.result
View File

@ -1252,6 +1252,80 @@ CURRENT_USER()
root@localhost root@localhost
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin"); SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
SET PASSWORD FOR CURRENT_USER() = PASSWORD(""); SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
# Bug#57952
DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest2;
CREATE DATABASE mysqltest1;
CREATE DATABASE mysqltest2;
use mysqltest1;
CREATE TABLE t1(a INT, b INT);
INSERT INTO t1 VALUES (1, 1);
CREATE TABLE t2(a INT);
INSERT INTO t2 VALUES (2);
CREATE TABLE mysqltest2.t3(a INT);
INSERT INTO mysqltest2.t3 VALUES (4);
CREATE USER testuser@localhost;
GRANT CREATE ROUTINE, EXECUTE ON mysqltest1.* TO testuser@localhost;
GRANT SELECT(b) ON t1 TO testuser@localhost;
GRANT SELECT ON t2 TO testuser@localhost;
GRANT SELECT ON mysqltest2.* TO testuser@localhost;
# Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
PREPARE s1 FROM 'SELECT b FROM t1';
PREPARE s2 FROM 'SELECT a FROM t2';
PREPARE s3 FROM 'SHOW TABLES FROM mysqltest2';
CREATE PROCEDURE p1() SELECT b FROM t1;
CREATE PROCEDURE p2() SELECT a FROM t2;
CREATE PROCEDURE p3() SHOW TABLES FROM mysqltest2;
CALL p1;
b
1
CALL p2;
a
2
CALL p3;
Tables_in_mysqltest2
t3
# Connection: default
REVOKE SELECT ON t1 FROM testuser@localhost;
GRANT SELECT(a) ON t1 TO testuser@localhost;
REVOKE SELECT ON t2 FROM testuser@localhost;
REVOKE SELECT ON mysqltest2.* FROM testuser@localhost;
# Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
# - Check column-level privileges...
EXECUTE s1;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
SELECT b FROM t1;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
EXECUTE s1;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
CALL p1;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for column 'b' in table 't1'
# - Check table-level privileges...
SELECT a FROM t2;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
EXECUTE s2;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
CALL p2;
ERROR 42000: SELECT command denied to user 'testuser'@'localhost' for table 't2'
# - Check database-level privileges...
SHOW TABLES FROM mysqltest2;
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
EXECUTE s3;
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
CALL p3;
ERROR 42000: Access denied for user 'testuser'@'localhost' to database 'mysqltest2'
# Connection: default
DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2;
DROP USER testuser@localhost;
use test;
End of 5.0 tests End of 5.0 tests
set names utf8; set names utf8;
grant select on test.* to юзер_юзер@localhost; grant select on test.* to юзер_юзер@localhost;

101
mysql-test/t/grant.test
View File

@ -1295,6 +1295,107 @@ SELECT CURRENT_USER();
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin"); SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
SET PASSWORD FOR CURRENT_USER() = PASSWORD(""); SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
#
# Bug#57952: privilege change is not taken into account by EXECUTE.
#
--echo
--echo # Bug#57952
--echo
--disable_warnings
DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest2;
--enable_warnings
CREATE DATABASE mysqltest1;
CREATE DATABASE mysqltest2;
use mysqltest1;
CREATE TABLE t1(a INT, b INT);
INSERT INTO t1 VALUES (1, 1);
CREATE TABLE t2(a INT);
INSERT INTO t2 VALUES (2);
CREATE TABLE mysqltest2.t3(a INT);
INSERT INTO mysqltest2.t3 VALUES (4);
CREATE USER testuser@localhost;
GRANT CREATE ROUTINE, EXECUTE ON mysqltest1.* TO testuser@localhost;
GRANT SELECT(b) ON t1 TO testuser@localhost;
GRANT SELECT ON t2 TO testuser@localhost;
GRANT SELECT ON mysqltest2.* TO testuser@localhost;
--echo
--echo # Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
--connect (bug57952_con1,localhost,testuser,,mysqltest1)
PREPARE s1 FROM 'SELECT b FROM t1';
PREPARE s2 FROM 'SELECT a FROM t2';
PREPARE s3 FROM 'SHOW TABLES FROM mysqltest2';
CREATE PROCEDURE p1() SELECT b FROM t1;
CREATE PROCEDURE p2() SELECT a FROM t2;
CREATE PROCEDURE p3() SHOW TABLES FROM mysqltest2;
CALL p1;
CALL p2;
CALL p3;
--echo
--echo # Connection: default
--connection default
REVOKE SELECT ON t1 FROM testuser@localhost;
GRANT SELECT(a) ON t1 TO testuser@localhost;
REVOKE SELECT ON t2 FROM testuser@localhost;
REVOKE SELECT ON mysqltest2.* FROM testuser@localhost;
--echo
--echo # Connection: bug57952_con1 (testuser@localhost, db: mysqltest1)
--connection bug57952_con1
--echo # - Check column-level privileges...
--error ER_COLUMNACCESS_DENIED_ERROR
EXECUTE s1;
--error ER_COLUMNACCESS_DENIED_ERROR
SELECT b FROM t1;
--error ER_COLUMNACCESS_DENIED_ERROR
EXECUTE s1;
--error ER_COLUMNACCESS_DENIED_ERROR
CALL p1;
--echo # - Check table-level privileges...
--error ER_TABLEACCESS_DENIED_ERROR
SELECT a FROM t2;
--error ER_TABLEACCESS_DENIED_ERROR
EXECUTE s2;
--error ER_TABLEACCESS_DENIED_ERROR
CALL p2;
--echo # - Check database-level privileges...
--error ER_DBACCESS_DENIED_ERROR
SHOW TABLES FROM mysqltest2;
--error ER_DBACCESS_DENIED_ERROR
EXECUTE s3;
--error ER_DBACCESS_DENIED_ERROR
CALL p3;
--echo
--echo # Connection: default
--connection default
--disconnect bug57952_con1
DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2;
DROP USER testuser@localhost;
use test;
--echo
--echo End of 5.0 tests --echo End of 5.0 tests
# #

12
sql/sql_base.cc
View File

@ -5936,6 +5936,8 @@ find_field_in_natural_join(THD *thd, TABLE_LIST *table_ref, const char *name,
/* /*
Find field by name in a base table or a view with temp table algorithm. Find field by name in a base table or a view with temp table algorithm.
The caller is expected to check column-level privileges.
SYNOPSIS SYNOPSIS
find_field_in_table() find_field_in_table()
thd thread handler thd thread handler
@ -6043,6 +6045,8 @@ find_field_in_table(THD *thd, TABLE *table, const char *name, uint length,
This procedure detects the type of the table reference 'table_list' This procedure detects the type of the table reference 'table_list'
and calls the corresponding search routine. and calls the corresponding search routine.
The routine checks column-level privieleges for the found field.
RETURN RETURN
0 field is not found 0 field is not found
view_ref_found found value in VIEW (real result is in *ref) view_ref_found found value in VIEW (real result is in *ref)
@ -6316,8 +6320,16 @@ find_field_in_tables(THD *thd, Item_ident *item,
when table_ref->field_translation != NULL. when table_ref->field_translation != NULL.
*/ */
if (table_ref->table && !table_ref->view) if (table_ref->table && !table_ref->view)
{
found= find_field_in_table(thd, table_ref->table, name, length, found= find_field_in_table(thd, table_ref->table, name, length,
TRUE, &(item->cached_field_index)); TRUE, &(item->cached_field_index));
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/* Check if there are sufficient access rights to the found field. */
if (found && check_privileges &&
check_column_grant_in_table_ref(thd, table_ref, name, length))
found= WRONG_GRANT;
#endif
}
else else
found= find_field_in_table_ref(thd, table_ref, name, length, item->name, found= find_field_in_table_ref(thd, table_ref, name, length, item->name,
NULL, NULL, ref, check_privileges, NULL, NULL, ref, check_privileges,