Bug #23675 Partitions: possible security breach via alter

now we return different error message if user doesn't have
SELECT grants
parent 45fb6c90
...@@ -19,7 +19,16 @@ revoke alter on mysqltest_1.* from mysqltest_1@localhost; ...@@ -19,7 +19,16 @@ revoke alter on mysqltest_1.* from mysqltest_1@localhost;
alter table t1 drop partition p3; alter table t1 drop partition p3;
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1' ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost; revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
drop user mysqltest_1@localhost;
drop table t1; drop table t1;
create table t1 (s1 int);
insert into t1 values (1);
grant alter on mysqltest_1.* to mysqltest_1@localhost;
alter table t1 partition by list (s1) (partition p1 values in (2));
ERROR HY000: Table has no partition for some existing values
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
alter table t1 partition by list (s1) (partition p1 values in (2));
ERROR HY000: Table has no partition for value 1
drop table t1;
drop user mysqltest_1@localhost;
drop schema mysqltest_1; drop schema mysqltest_1;
End of 5.1 tests End of 5.1 tests
...@@ -52,8 +52,30 @@ disconnect conn3; ...@@ -52,8 +52,30 @@ disconnect conn3;
connection default; connection default;
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost; revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
drop user mysqltest_1@localhost;
drop table t1; drop table t1;
#
# Bug #23675 Partitions: possible security breach via alter
#
create table t1 (s1 int);
insert into t1 values (1);
grant alter on mysqltest_1.* to mysqltest_1@localhost;
connect (conn4,localhost,mysqltest_1,,mysqltest_1);
connection conn4;
--error 1514
alter table t1 partition by list (s1) (partition p1 values in (2));
connection default;
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
disconnect conn4;
connect (conn5,localhost,mysqltest_1,,mysqltest_1);
--error 1514
alter table t1 partition by list (s1) (partition p1 values in (2));
disconnect conn5;
connection default;
drop table t1;
drop user mysqltest_1@localhost;
drop schema mysqltest_1; drop schema mysqltest_1;
--echo End of 5.1 tests --echo End of 5.1 tests
...@@ -598,7 +598,7 @@ class THD; ...@@ -598,7 +598,7 @@ class THD;
void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0); void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables); bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables);
bool check_single_table_access(THD *thd, ulong privilege, bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables); TABLE_LIST *tables, bool no_errors);
bool check_routine_access(THD *thd,ulong want_access,char *db,char *name, bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
bool is_proc, bool no_errors); bool is_proc, bool no_errors);
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table); bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
......
...@@ -849,8 +849,19 @@ void partition_info::print_no_partition_found(TABLE *table) ...@@ -849,8 +849,19 @@ void partition_info::print_no_partition_found(TABLE *table)
{ {
char buf[100]; char buf[100];
char *buf_ptr= (char*)&buf; char *buf_ptr= (char*)&buf;
my_bitmap_map *old_map= dbug_tmp_use_all_columns(table, table->read_set); TABLE_LIST table_list;
bzero(&table_list, sizeof(table_list));
table_list.db= table->s->db.str;
table_list.table_name= table->s->table_name.str;
if (check_single_table_access(current_thd,
SELECT_ACL, &table_list, TRUE))
my_message(ER_NO_PARTITION_FOR_GIVEN_VALUE,
ER(ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT), MYF(0));
else
{
my_bitmap_map *old_map= dbug_tmp_use_all_columns(table, table->read_set);
if (part_expr->null_value) if (part_expr->null_value)
buf_ptr= (char*)"NULL"; buf_ptr= (char*)"NULL";
else else
...@@ -858,6 +869,7 @@ void partition_info::print_no_partition_found(TABLE *table) ...@@ -858,6 +869,7 @@ void partition_info::print_no_partition_found(TABLE *table)
part_expr->unsigned_flag ? 10 : -10); part_expr->unsigned_flag ? 10 : -10);
my_error(ER_NO_PARTITION_FOR_GIVEN_VALUE, MYF(0), buf_ptr); my_error(ER_NO_PARTITION_FOR_GIVEN_VALUE, MYF(0), buf_ptr);
dbug_tmp_restore_column_map(table->read_set, old_map); dbug_tmp_restore_column_map(table->read_set, old_map);
}
} }
/* /*
Set up buffers and arrays for fields requiring preparation Set up buffers and arrays for fields requiring preparation
......
...@@ -6053,3 +6053,5 @@ ER_DUP_ENTRY_WITH_KEY_NAME 23000 S1009 ...@@ -6053,3 +6053,5 @@ ER_DUP_ENTRY_WITH_KEY_NAME 23000 S1009
ER_BINLOG_PURGE_EMFILE ER_BINLOG_PURGE_EMFILE
eng "Too many files opened, please execute the command again" eng "Too many files opened, please execute the command again"
ger "Zu viele offene Dateien, bitte fhren Sie den Befehl noch einmal aus" ger "Zu viele offene Dateien, bitte fhren Sie den Befehl noch einmal aus"
ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT
eng "Table has no partition for some existing values"
...@@ -5781,7 +5781,7 @@ bool setup_tables_and_check_access(THD *thd, ...@@ -5781,7 +5781,7 @@ bool setup_tables_and_check_access(THD *thd,
{ {
if (leaves_tmp->belong_to_view && if (leaves_tmp->belong_to_view &&
check_single_table_access(thd, first_table ? want_access_first : check_single_table_access(thd, first_table ? want_access_first :
want_access, leaves_tmp)) want_access, leaves_tmp, FALSE))
{ {
tables->hide_view_error(thd); tables->hide_view_error(thd);
return TRUE; return TRUE;
......
...@@ -4433,6 +4433,8 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables) ...@@ -4433,6 +4433,8 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
thd Thread handler thd Thread handler
privilege requested privilege privilege requested privilege
all_tables global table list of query all_tables global table list of query
no_errors FALSE/TRUE - report/don't report error to
the client (using my_error() call).
RETURN RETURN
0 - OK 0 - OK
...@@ -4440,7 +4442,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables) ...@@ -4440,7 +4442,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
*/ */
bool check_single_table_access(THD *thd, ulong privilege, bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *all_tables) TABLE_LIST *all_tables, bool no_errors)
{ {
Security_context * backup_ctx= thd->security_ctx; Security_context * backup_ctx= thd->security_ctx;
...@@ -4456,12 +4458,12 @@ bool check_single_table_access(THD *thd, ulong privilege, ...@@ -4456,12 +4458,12 @@ bool check_single_table_access(THD *thd, ulong privilege,
db_name= all_tables->db; db_name= all_tables->db;
if (check_access(thd, privilege, db_name, if (check_access(thd, privilege, db_name,
&all_tables->grant.privilege, 0, 0, &all_tables->grant.privilege, 0, no_errors,
test(all_tables->schema_table))) test(all_tables->schema_table)))
goto deny; goto deny;
/* Show only 1 table for check_grant */ /* Show only 1 table for check_grant */
if (grant_option && check_grant(thd, privilege, all_tables, 0, 1, 0)) if (grant_option && check_grant(thd, privilege, all_tables, 0, 1, no_errors))
goto deny; goto deny;
thd->security_ctx= backup_ctx; thd->security_ctx= backup_ctx;
...@@ -4489,7 +4491,7 @@ deny: ...@@ -4489,7 +4491,7 @@ deny:
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables) bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
{ {
if (check_single_table_access (thd,privilege,all_tables)) if (check_single_table_access (thd,privilege,all_tables, FALSE))
return 1; return 1;
/* Check rights on tables of subselects and implictly opened tables */ /* Check rights on tables of subselects and implictly opened tables */
...@@ -4502,7 +4504,7 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables) ...@@ -4502,7 +4504,7 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
*/ */
if (view && subselects_tables->belong_to_view == view) if (view && subselects_tables->belong_to_view == view)
{ {
if (check_single_table_access (thd, privilege, subselects_tables)) if (check_single_table_access (thd, privilege, subselects_tables, FALSE))
return 1; return 1;
subselects_tables= subselects_tables->next_global; subselects_tables= subselects_tables->next_global;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment