merge 5.0-opt -> 5.1-opt

61085ae6 · gkodinov/kgeorge@magare.gmz · 5ac2fd0b · 93d44a18 · 61085ae6 · 61085ae6
Commit 61085ae6 authored Oct 01, 2007 by gkodinov/kgeorge@magare.gmz
8 changed files
--- a/mysql-test/r/func_math.result
+++ b/mysql-test/r/func_math.result
@@ -372,25 +372,17 @@ pow(cast(-2 as unsigned), 5)	pow(18446744073709551614, 5)	pow(-2, 5)
 CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1));
 INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0);
 SELECT a DIV 900 y FROM t1 GROUP BY y;
-Catalog	Database	Table	Table_alias	Column	Column_alias	Type	Length	Max length	Is_null	Flags	Decimals	Charsetnr
-def				y	y	8	19	11	Y	32800	0	63
 y
 22201025555
 22255916666
 SELECT DISTINCT a DIV 900 y FROM t1;
-Catalog	Database	Table	Table_alias	Column	Column_alias	Type	Length	Max length	Is_null	Flags	Decimals	Charsetnr
-def				y	y	8	19	11	Y	32800	0	63
 y
 22201025555
 22255916666
 SELECT b DIV 900 y FROM t1 GROUP BY y;
-Catalog	Database	Table	Table_alias	Column	Column_alias	Type	Length	Max length	Is_null	Flags	Decimals	Charsetnr
-def				y	y	8	20	1	Y	32768	0	63
 y
 0
 SELECT c DIV 900 y FROM t1 GROUP BY y;
-Catalog	Database	Table	Table_alias	Column	Column_alias	Type	Length	Max length	Is_null	Flags	Decimals	Charsetnr
-def				y	y	3	1	1	Y	32800	0	63
 y
 0
 DROP TABLE t1;

--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -778,15 +778,60 @@ GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
 GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
 GRANT SELECT ON db26813.t1 TO u26813@localhost;
 ALTER VIEW v1 AS SELECT f2 FROM t1;
-ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1'
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
 ALTER VIEW v2 AS SELECT f2 FROM t1;
-ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2'
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
 ALTER VIEW v3 AS SELECT f2 FROM t1;
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
 SHOW CREATE VIEW v3;
 View	Create View	character_set_client	collation_connection
 v3	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1`	latin1	latin1_swedish_ci
 DROP USER u26813@localhost;
 DROP DATABASE db26813;
+#
+# Bug#29908: A user can gain additional access through the ALTER VIEW.
+#
+CREATE DATABASE mysqltest_29908;
+USE mysqltest_29908;
+CREATE TABLE t1(f1 INT, f2 INT);
+CREATE USER u29908_1@localhost;
+CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
+CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
+SELECT f1 FROM t1;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
+CREATE USER u29908_2@localhost;
+GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
+SHOW CREATE VIEW v2;
+View	Create View
+v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1`
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v2;
+View	Create View
+v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`
+ALTER VIEW v1 AS SELECT f1 FROM t1;
+SHOW CREATE VIEW v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1`
+ALTER VIEW v2 AS SELECT f1 FROM t1;
+SHOW CREATE VIEW v2;
+View	Create View
+v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
+DROP USER u29908_1@localhost;
+DROP USER u29908_2@localhost;
+DROP DATABASE mysqltest_29908;
+#######################################################################
 DROP DATABASE IF EXISTS mysqltest1;
 DROP DATABASE IF EXISTS mysqltest2;
 CREATE DATABASE mysqltest1;

--- a/mysql-test/t/func_math.test
+++ b/mysql-test/t/func_math.test
@@ -230,12 +230,10 @@ select pow(cast(-2 as unsigned), 5), pow(18446744073709551614, 5), pow(-2, 5);

 CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1));
 INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0);
--enable_metadata
 SELECT a DIV 900 y FROM t1 GROUP BY y;
 SELECT DISTINCT a DIV 900 y FROM t1;
 SELECT b DIV 900 y FROM t1 GROUP BY y;
 SELECT c DIV 900 y FROM t1 GROUP BY y;
--disable_metadata
 DROP TABLE t1;

 CREATE TABLE t1(a LONGBLOB);

--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -1040,10 +1040,11 @@ GRANT SELECT ON db26813.t1 TO u26813@localhost;

 connect (u1,localhost,u26813,,db26813);
 connection u1;
--error 1142
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
 ALTER VIEW v1 AS SELECT f2 FROM t1;
--error 1142
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
 ALTER VIEW v2 AS SELECT f2 FROM t1;
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
 ALTER VIEW v3 AS SELECT f2 FROM t1;

 connection root;
@@ -1053,6 +1054,51 @@ DROP USER u26813@localhost;
 DROP DATABASE db26813;
 disconnect u1;

+--echo #
+--echo # Bug#29908: A user can gain additional access through the ALTER VIEW.
+--echo #
+connection root;
+CREATE DATABASE mysqltest_29908;
+USE mysqltest_29908;
+CREATE TABLE t1(f1 INT, f2 INT);
+CREATE USER u29908_1@localhost;
+CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
+CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
+  SELECT f1 FROM t1;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
+CREATE USER u29908_2@localhost;
+GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
+
+connect (u2,localhost,u29908_2,,mysqltest_29908);
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v2;
+
+connect (u1,localhost,u29908_1,,mysqltest_29908);
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v1;
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v2;
+
+connection root;
+ALTER VIEW v1 AS SELECT f1 FROM t1;
+SHOW CREATE VIEW v1;
+ALTER VIEW v2 AS SELECT f1 FROM t1;
+SHOW CREATE VIEW v2;
+
+DROP USER u29908_1@localhost;
+DROP USER u29908_2@localhost;
+DROP DATABASE mysqltest_29908;
+disconnect u1;
+disconnect u2;
+--echo #######################################################################
+
 #
 # BUG#24040: Create View don't succed with "all privileges" on a database.
 #

--- a/sql/field.cc
+++ b/sql/field.cc
@@ -1457,15 +1457,24 @@ void Field_num::add_zerofill_and_unsigned(String &res) const

 void Field::make_field(Send_field *field)
 {
-  if (orig_table->s->db.str && *orig_table->s->db.str)
+  if (orig_table && orig_table->s->db.str && *orig_table->s->db.str)
  {
    field->db_name= orig_table->s->db.str;
    field->org_table_name= orig_table->s->table_name.str;
  }
  else
    field->org_table_name= field->db_name= "";
-  field->table_name= orig_table->alias;
-  field->col_name= field->org_col_name= field_name;
+  if (orig_table)
+  {
+    field->table_name= orig_table->alias;
+    field->org_col_name= field_name;
+  }
+  else
+  {
+    field->table_name= "";
+    field->org_col_name= "";
+  }
+  field->col_name= field_name;
  field->charsetnr= charset()->number;
  field->length=field_length;
  field->type=type();

--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -14800,6 +14800,9 @@ change_to_use_tmp_fields(THD *thd, Item **ref_pointer_array,
 	  item_field= (Item*) new Item_field(field);
 	if (!item_field)
 	  DBUG_RETURN(TRUE);                    // Fatal error
+
+        if (item->real_item()->type() != Item::FIELD_ITEM)
+          field->orig_table= 0;
 	item_field->name= item->name;
        if (item->type() == Item::REF_ITEM)
        {

--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -223,9 +223,6 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
 {
  LEX *lex= thd->lex;
  bool link_to_local;
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
-  bool definer_check_is_needed= mode != VIEW_ALTER || lex->definer;
-#endif
  /* first table in list is target VIEW name => cut off it */
  TABLE_LIST *view= lex->unlink_first_table(&link_to_local);
  TABLE_LIST *tables= lex->query_tables;
@@ -280,7 +277,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
      - same as current user
      - current user has SUPER_ACL
  */
-  if (definer_check_is_needed &&
+  if (lex->definer &&
      (strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 ||
       my_strcasecmp(system_charset_info,
                     lex->definer->host.str,

--- a/tests/mysql_client_test.c
+++ b/tests/mysql_client_test.c
@@ -15999,7 +15999,7 @@ static void test_bug21635()
  char *query_end;
  MYSQL_RES *result;
  MYSQL_FIELD *field;
-  unsigned int field_count, i;
+  unsigned int field_count, i, j;
  int rc;

  DBUG_ENTER("test_bug21635");
@@ -16015,14 +16015,20 @@ static void test_bug21635()
  myquery(rc);
  rc= mysql_query(mysql, "CREATE TABLE t1 (i INT)");
  myquery(rc);
-  rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)");
-  myquery(rc);
+  /*
+    We need this loop to ensure correct behavior with both constant and
+    non-constant tables.
+  */
+  for (j= 0; j < 2 ; j++)
+  {
+    rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)");
+    myquery(rc);

-  rc= mysql_real_query(mysql, query, query_end - query);
-  myquery(rc);
+    rc= mysql_real_query(mysql, query, query_end - query);
+    myquery(rc);

-  result= mysql_use_result(mysql);
-  DIE_UNLESS(result);
+    result= mysql_use_result(mysql);
+    DIE_UNLESS(result);

  field_count= mysql_field_count(mysql);
  for (i= 0; i < field_count; ++i)
@@ -16038,7 +16044,8 @@ static void test_bug21635()
      puts("OK");
  }

-  mysql_free_result(result);
+    mysql_free_result(result);
+  }
  rc= mysql_query(mysql, "DROP TABLE t1");
  myquery(rc);