Merge from mysql-5.0-security to mysql-5.1-security

Text conflict in sql/sp_head.cc

mysql-test/r/sp-security.result

@@ -567,3 +567,33 @@ DROP USER 'tester';
 DROP USER 'Tester';
 DROP DATABASE B48872;
 End of 5.0 tests.
+#
+# Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
+#              DEFINITION OF ANY ROUTINE. 
+#
+DROP DATABASE IF EXISTS db1;
+CREATE DATABASE db1;
+CREATE PROCEDURE db1.p1() SELECT 1;
+CREATE USER user2@localhost IDENTIFIED BY '';
+GRANT SELECT(db) ON mysql.proc TO user2@localhost;
+# Connection con2 as user2
+# The below statements before disclosed info from body_utf8 column.
+SHOW CREATE PROCEDURE db1.p1;
+ERROR 42000: PROCEDURE p1 does not exist
+SHOW PROCEDURE CODE db1.p1;
+ERROR 42000: PROCEDURE p1 does not exist
+# Check that SHOW works with SELECT grant on whole table
+# Connection default
+GRANT SELECT ON mysql.proc TO user2@localhost;
+# Connection con2
+# This should work
+SHOW CREATE PROCEDURE db1.p1;
+Procedure	sql_mode	Create Procedure	character_set_client	collation_connection	Database Collation
+p1		CREATE DEFINER=`root`@`localhost` PROCEDURE `p1`()
+SELECT 1	latin1	latin1_swedish_ci	latin1_swedish_ci
+SHOW PROCEDURE CODE db1.p1;
+Pos	Instruction
+0	stmt 0 "SELECT 1"
+# Connection default
+DROP USER user2@localhost;
+DROP DATABASE db1;

mysql-test/t/sp-security.test

@@ -926,6 +926,46 @@ DROP DATABASE B48872;
 
 --echo End of 5.0 tests.
 
+--echo #
+--echo # Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
+--echo #              DEFINITION OF ANY ROUTINE. 
+--echo #
+
+--disable_warnings
+DROP DATABASE IF EXISTS db1;
+--enable_warnings
+
+CREATE DATABASE db1;
+CREATE PROCEDURE db1.p1() SELECT 1;
+CREATE USER user2@localhost IDENTIFIED BY '';
+GRANT SELECT(db) ON mysql.proc TO user2@localhost;
+ 
+--echo # Connection con2 as user2
+connect (con2, localhost, user2);
+--echo # The below statements before disclosed info from body_utf8 column.
+--error ER_SP_DOES_NOT_EXIST
+SHOW CREATE PROCEDURE db1.p1;
+--error ER_SP_DOES_NOT_EXIST
+SHOW PROCEDURE CODE db1.p1;
+
+--echo # Check that SHOW works with SELECT grant on whole table
+--echo # Connection default
+connection default;
+GRANT SELECT ON mysql.proc TO user2@localhost;
+
+--echo # Connection con2
+connection con2;
+--echo # This should work
+SHOW CREATE PROCEDURE db1.p1;
+SHOW PROCEDURE CODE db1.p1;
+
+--echo # Connection default
+connection default;
+disconnect con2;
+DROP USER user2@localhost;
+DROP DATABASE db1;
+
+
 # Wait till all disconnects are completed
 --source include/wait_until_count_sessions.inc
 

sql/sp_head.cc

@@ -2386,7 +2386,8 @@ bool check_show_routine_access(THD *thd, sp_head *sp, bool *full_access)
   bzero((char*) &tables,sizeof(tables));
   tables.db= (char*) "mysql";
   tables.table_name= tables.alias= (char*) "proc";
-  *full_access= (!check_table_access(thd, SELECT_ACL, &tables, 1, TRUE) ||
+  *full_access= ((!check_table_access(thd, SELECT_ACL, &tables, 1, TRUE) &&
+                  (tables.grant.privilege & SELECT_ACL) != 0) ||
                  (!strcmp(sp->m_definer_user.str,
                           thd->security_ctx->priv_user) &&
                   !strcmp(sp->m_definer_host.str,