Commit 3dd927cf authored by unknown's avatar unknown

Fix for BUG#13198: SP executes if definer does not exist.

Basically, this fix contains a test case and removing of a workaround
for replication. This fix became possible after pushing WL#2897
(Complete definer support in stored routines).


mysql-test/r/sp-security.result:
  Updated the result file to contain results of test for BUG#13198.
mysql-test/t/sp-security.test:
  Added a test case for BUG#13198.
sql/sp_head.cc:
  Removed the workaround for replication, since WL#2897 is pushed and
  now definer attribute/clause is fully supported in stored routines.
parent 9a1fed13
...@@ -375,3 +375,47 @@ RETURN 3 ...@@ -375,3 +375,47 @@ RETURN 3
DROP USER mysqltest_1@localhost; DROP USER mysqltest_1@localhost;
DROP USER mysqltest_2@localhost; DROP USER mysqltest_2@localhost;
DROP DATABASE mysqltest; DROP DATABASE mysqltest;
---> connection: root
DROP DATABASE IF EXISTS mysqltest;
CREATE DATABASE mysqltest;
CREATE USER mysqltest_1@localhost;
GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
CREATE USER mysqltest_2@localhost;
GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
---> connection: mysqltest_1_con
use mysqltest;
CREATE PROCEDURE bug13198_p1()
SELECT 1;
CREATE FUNCTION bug13198_f1() RETURNS INT
RETURN 1;
CALL bug13198_p1();
1
1
SELECT bug13198_f1();
bug13198_f1()
1
---> connection: mysqltest_2_con
use mysqltest;
CALL bug13198_p1();
1
1
SELECT bug13198_f1();
bug13198_f1()
1
---> connection: root
DROP USER mysqltest_1@localhost;
---> connection: mysqltest_2_con
use mysqltest;
CALL bug13198_p1();
ERROR HY000: There is no 'mysqltest_1'@'localhost' registered
SELECT bug13198_f1();
ERROR HY000: There is no 'mysqltest_1'@'localhost' registered
---> connection: root
DROP USER mysqltest_2@localhost;
DROP DATABASE mysqltest;
...@@ -647,5 +647,100 @@ DROP USER mysqltest_2@localhost; ...@@ -647,5 +647,100 @@ DROP USER mysqltest_2@localhost;
DROP DATABASE mysqltest; DROP DATABASE mysqltest;
--disconnect mysqltest_1_con
--disconnect mysqltest_2_con
#
# BUG#13198: SP executes if definer does not exist
#
# Prepare environment.
--echo
--echo ---> connection: root
--connection con1root
--disable_warnings
DROP DATABASE IF EXISTS mysqltest;
--enable_warnings
CREATE DATABASE mysqltest;
CREATE USER mysqltest_1@localhost;
GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
CREATE USER mysqltest_2@localhost;
GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
--connect (mysqltest_1_con,localhost,mysqltest_1,,mysqltest)
--connect (mysqltest_2_con,localhost,mysqltest_2,,mysqltest)
# Create a procedure/function under u1.
--echo
--echo ---> connection: mysqltest_1_con
--connection mysqltest_1_con
use mysqltest;
CREATE PROCEDURE bug13198_p1()
SELECT 1;
CREATE FUNCTION bug13198_f1() RETURNS INT
RETURN 1;
CALL bug13198_p1();
SELECT bug13198_f1();
# Check that u2 can call the procedure/function.
--echo
--echo ---> connection: mysqltest_2_con
--connection mysqltest_2_con
use mysqltest;
CALL bug13198_p1();
SELECT bug13198_f1();
# Drop user u1 (definer of the object);
--echo
--echo ---> connection: root
--connection con1root
--disconnect mysqltest_1_con
DROP USER mysqltest_1@localhost;
# Check that u2 can not call the procedure/function.
--echo
--echo ---> connection: mysqltest_2_con
--connection mysqltest_2_con
use mysqltest;
--error ER_NO_SUCH_USER
CALL bug13198_p1();
--error ER_NO_SUCH_USER
SELECT bug13198_f1();
# Cleanup.
--echo
--echo ---> connection: root
--connection con1root
--disconnect mysqltest_2_con
DROP USER mysqltest_2@localhost;
DROP DATABASE mysqltest;
# End of 5.0 bugs. # End of 5.0 bugs.
...@@ -3171,24 +3171,9 @@ sp_change_security_context(THD *thd, sp_head *sp, Security_context **backup) ...@@ -3171,24 +3171,9 @@ sp_change_security_context(THD *thd, sp_head *sp, Security_context **backup)
sp->m_definer_host.str, sp->m_definer_host.str,
sp->m_db.str)) sp->m_db.str))
{ {
#ifdef NOT_YET_REPLICATION_SAFE
/*
Until we don't properly replicate information about stored routine
definer with stored routine creation statement all stored routines
on slave are created under ''@'' definer. Therefore we won't be able
to run any routine which was replicated from master on slave server
if we emit error here. This will cause big problems for users
who use slave for fail-over. So until we fully implement WL#2897
"Complete definer support in the stored routines" we run suid
stored routines for which we were unable to find definer under
invoker security context.
*/
my_error(ER_NO_SUCH_USER, MYF(0), sp->m_definer_user.str, my_error(ER_NO_SUCH_USER, MYF(0), sp->m_definer_user.str,
sp->m_definer_host.str); sp->m_definer_host.str);
return TRUE; return TRUE;
#else
return FALSE;
#endif
} }
*backup= thd->security_ctx; *backup= thd->security_ctx;
thd->security_ctx= &sp->m_security_ctx; thd->security_ctx= &sp->m_security_ctx;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment