From 36a26abd8f912c18efba651ad4d6f6f99747af15 Mon Sep 17 00:00:00 2001 From: "jimw@rama.(none)" <> Date: Mon, 24 Jul 2006 16:45:26 -0700 Subject: [PATCH] Bug #10668: CREATE USER does not enforce username length limit This appears to have just been an oversight -- CREATE USER was not enforcing the existing username limitations. --- mysql-test/r/grant.result | 3 +++ mysql-test/t/grant.test | 6 ++++++ sql/sql_acl.cc | 11 ++++++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/mysql-test/r/grant.result b/mysql-test/r/grant.result index 3f3325354ee..bb69202f1df 100644 --- a/mysql-test/r/grant.result +++ b/mysql-test/r/grant.result @@ -867,3 +867,6 @@ insert into mysql.user select * from t2; flush privileges; drop table t2; drop table t1; +create user mysqltest1_thisisreallytoolong; +ERROR HY000: Operation CREATE USER failed for 'mysqltest1_thisisreallytoolong'@'%' +End of 5.0 tests diff --git a/mysql-test/t/grant.test b/mysql-test/t/grant.test index a9d52f559ca..d025709cc21 100644 --- a/mysql-test/t/grant.test +++ b/mysql-test/t/grant.test @@ -680,4 +680,10 @@ drop table t2; drop table t1; +# +# Bug #10668: CREATE USER does not enforce username length limit +# +--error ER_CANNOT_USER +create user mysqltest1_thisisreallytoolong; +--echo End of 5.0 tests diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ae5ea210a47..3735f4403de 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -5220,7 +5220,16 @@ bool mysql_create_user(THD *thd, List &list) { result= TRUE; continue; - } + } + + if (user_name->host.length > HOSTNAME_LENGTH || + user_name->user.length > USERNAME_LENGTH) + { + append_user(&wrong_users, user_name); + result= TRUE; + continue; + } + /* Search all in-memory structures and grant tables for a mention of the new user name.