Commit 65eee0be authored by Sergei Golubchik's avatar Sergei Golubchik

MDEV-5176 Server crashes in fill_schema_applicable_roles on select from...

MDEV-5176 Server crashes in fill_schema_applicable_roles on select from APPLICABLE_ROLES after a suicide

Don't assume that thd->security_ctx->priv_user is an actually existing user account
parent 7761a278
grant create user on *.* to foo@localhost;
drop user foo@localhost;
select * from information_schema.applicable_roles;
GRANTEE ROLE_NAME IS_GRANTABLE
show grants;
ERROR 42000: There is no such grant defined for user 'foo' on host 'localhost'
select current_user();
current_user()
foo@localhost
#
# MDEV-5176 Server crashes in fill_schema_applicable_roles on select from APPLICABLE_ROLES after a suicide
#
grant create user on *.* to foo@localhost;
--connect (foo,localhost,foo,,)
drop user foo@localhost;
select * from information_schema.applicable_roles;
--error ER_NONEXISTING_GRANT
show grants;
select current_user();
...@@ -9921,6 +9921,7 @@ int fill_schema_enabled_roles(THD *thd, TABLE_LIST *tables, COND *cond) ...@@ -9921,6 +9921,7 @@ int fill_schema_enabled_roles(THD *thd, TABLE_LIST *tables, COND *cond)
*/ */
int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond) int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond)
{ {
int res= 0;
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
if (initialized) if (initialized)
{ {
...@@ -9929,7 +9930,8 @@ int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond) ...@@ -9929,7 +9930,8 @@ int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond)
mysql_rwlock_rdlock(&LOCK_grant); mysql_rwlock_rdlock(&LOCK_grant);
mysql_mutex_lock(&acl_cache->lock); mysql_mutex_lock(&acl_cache->lock);
ACL_USER *user= find_user_exact(sctx->priv_host, sctx->priv_user); ACL_USER *user= find_user_exact(sctx->priv_host, sctx->priv_user);
if (user)
{
char buff[USER_HOST_BUFF_SIZE+10]; char buff[USER_HOST_BUFF_SIZE+10];
DBUG_ASSERT(user->user.length + user->hostname_length +2 < sizeof(buff)); DBUG_ASSERT(user->user.length + user->hostname_length +2 < sizeof(buff));
char *end= strxmov(buff, user->user.str, "@", user->host.hostname, NULL); char *end= strxmov(buff, user->user.str, "@", user->host.hostname, NULL);
...@@ -9938,16 +9940,15 @@ int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond) ...@@ -9938,16 +9940,15 @@ int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond)
{ buff, (size_t)(end - buff) }, user { buff, (size_t)(end - buff) }, user
}; };
int res= traverse_role_graph_down(user, &data, 0, applicable_roles_insert); res= traverse_role_graph_down(user, &data, 0, applicable_roles_insert);
}
mysql_mutex_unlock(&acl_cache->lock); mysql_mutex_unlock(&acl_cache->lock);
mysql_rwlock_unlock(&LOCK_grant); mysql_rwlock_unlock(&LOCK_grant);
return res;
} }
#endif #endif
return 0; return res;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment