Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
f65b42dc
Commit
f65b42dc
authored
Apr 04, 2007
by
holyfoot/hf@hfmain.(none)
Browse files
Options
Browse Files
Download
Plain Diff
Merge mysql.com:/home/hf/work/23675/my51-23675
into mysql.com:/home/hf/work/my_mrg/my51-my_mrg
parents
8c18c3ea
f55ab9ef
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
63 additions
and
16 deletions
+63
-16
mysql-test/r/partition_grant.result
mysql-test/r/partition_grant.result
+10
-1
mysql-test/t/partition_grant.test
mysql-test/t/partition_grant.test
+23
-1
sql/mysql_priv.h
sql/mysql_priv.h
+1
-1
sql/partition_info.cc
sql/partition_info.cc
+19
-7
sql/share/errmsg.txt
sql/share/errmsg.txt
+2
-0
sql/sql_base.cc
sql/sql_base.cc
+1
-1
sql/sql_parse.cc
sql/sql_parse.cc
+7
-5
No files found.
mysql-test/r/partition_grant.result
View file @
f65b42dc
...
@@ -19,7 +19,16 @@ revoke alter on mysqltest_1.* from mysqltest_1@localhost;
...
@@ -19,7 +19,16 @@ revoke alter on mysqltest_1.* from mysqltest_1@localhost;
alter table t1 drop partition p3;
alter table t1 drop partition p3;
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
ERROR 42000: ALTER command denied to user 'mysqltest_1'@'localhost' for table 't1'
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
drop user mysqltest_1@localhost;
drop table t1;
drop table t1;
create table t1 (s1 int);
insert into t1 values (1);
grant alter on mysqltest_1.* to mysqltest_1@localhost;
alter table t1 partition by list (s1) (partition p1 values in (2));
ERROR HY000: Table has no partition for some existing values
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
alter table t1 partition by list (s1) (partition p1 values in (2));
ERROR HY000: Table has no partition for value 1
drop table t1;
drop user mysqltest_1@localhost;
drop schema mysqltest_1;
drop schema mysqltest_1;
End of 5.1 tests
End of 5.1 tests
mysql-test/t/partition_grant.test
View file @
f65b42dc
...
@@ -52,8 +52,30 @@ disconnect conn3;
...
@@ -52,8 +52,30 @@ disconnect conn3;
connection
default
;
connection
default
;
revoke
select
,
alter
,
drop
on
mysqltest_1
.*
from
mysqltest_1
@
localhost
;
revoke
select
,
alter
,
drop
on
mysqltest_1
.*
from
mysqltest_1
@
localhost
;
drop
user
mysqltest_1
@
localhost
;
drop
table
t1
;
drop
table
t1
;
#
# Bug #23675 Partitions: possible security breach via alter
#
create
table
t1
(
s1
int
);
insert
into
t1
values
(
1
);
grant
alter
on
mysqltest_1
.*
to
mysqltest_1
@
localhost
;
connect
(
conn4
,
localhost
,
mysqltest_1
,,
mysqltest_1
);
connection
conn4
;
--
error
1514
alter
table
t1
partition
by
list
(
s1
)
(
partition
p1
values
in
(
2
));
connection
default
;
grant
select
,
alter
on
mysqltest_1
.*
to
mysqltest_1
@
localhost
;
disconnect
conn4
;
connect
(
conn5
,
localhost
,
mysqltest_1
,,
mysqltest_1
);
--
error
1514
alter
table
t1
partition
by
list
(
s1
)
(
partition
p1
values
in
(
2
));
disconnect
conn5
;
connection
default
;
drop
table
t1
;
drop
user
mysqltest_1
@
localhost
;
drop
schema
mysqltest_1
;
drop
schema
mysqltest_1
;
--
echo
End
of
5.1
tests
--
echo
End
of
5.1
tests
sql/mysql_priv.h
View file @
f65b42dc
...
@@ -599,7 +599,7 @@ class THD;
...
@@ -599,7 +599,7 @@ class THD;
void
close_thread_tables
(
THD
*
thd
,
bool
locked
=
0
,
bool
skip_derived
=
0
);
void
close_thread_tables
(
THD
*
thd
,
bool
locked
=
0
,
bool
skip_derived
=
0
);
bool
check_one_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
tables
);
bool
check_one_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
tables
);
bool
check_single_table_access
(
THD
*
thd
,
ulong
privilege
,
bool
check_single_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
tables
);
TABLE_LIST
*
tables
,
bool
no_errors
);
bool
check_routine_access
(
THD
*
thd
,
ulong
want_access
,
char
*
db
,
char
*
name
,
bool
check_routine_access
(
THD
*
thd
,
ulong
want_access
,
char
*
db
,
char
*
name
,
bool
is_proc
,
bool
no_errors
);
bool
is_proc
,
bool
no_errors
);
bool
check_some_access
(
THD
*
thd
,
ulong
want_access
,
TABLE_LIST
*
table
);
bool
check_some_access
(
THD
*
thd
,
ulong
want_access
,
TABLE_LIST
*
table
);
...
...
sql/partition_info.cc
View file @
f65b42dc
...
@@ -849,8 +849,19 @@ void partition_info::print_no_partition_found(TABLE *table)
...
@@ -849,8 +849,19 @@ void partition_info::print_no_partition_found(TABLE *table)
{
{
char
buf
[
100
];
char
buf
[
100
];
char
*
buf_ptr
=
(
char
*
)
&
buf
;
char
*
buf_ptr
=
(
char
*
)
&
buf
;
my_bitmap_map
*
old_map
=
dbug_tmp_use_all_columns
(
table
,
table
->
read_set
);
TABLE_LIST
table_list
;
bzero
(
&
table_list
,
sizeof
(
table_list
));
table_list
.
db
=
table
->
s
->
db
.
str
;
table_list
.
table_name
=
table
->
s
->
table_name
.
str
;
if
(
check_single_table_access
(
current_thd
,
SELECT_ACL
,
&
table_list
,
TRUE
))
my_message
(
ER_NO_PARTITION_FOR_GIVEN_VALUE
,
ER
(
ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT
),
MYF
(
0
));
else
{
my_bitmap_map
*
old_map
=
dbug_tmp_use_all_columns
(
table
,
table
->
read_set
);
if
(
part_expr
->
null_value
)
if
(
part_expr
->
null_value
)
buf_ptr
=
(
char
*
)
"NULL"
;
buf_ptr
=
(
char
*
)
"NULL"
;
else
else
...
@@ -858,6 +869,7 @@ void partition_info::print_no_partition_found(TABLE *table)
...
@@ -858,6 +869,7 @@ void partition_info::print_no_partition_found(TABLE *table)
part_expr
->
unsigned_flag
?
10
:
-
10
);
part_expr
->
unsigned_flag
?
10
:
-
10
);
my_error
(
ER_NO_PARTITION_FOR_GIVEN_VALUE
,
MYF
(
0
),
buf_ptr
);
my_error
(
ER_NO_PARTITION_FOR_GIVEN_VALUE
,
MYF
(
0
),
buf_ptr
);
dbug_tmp_restore_column_map
(
table
->
read_set
,
old_map
);
dbug_tmp_restore_column_map
(
table
->
read_set
,
old_map
);
}
}
}
/*
/*
Set up buffers and arrays for fields requiring preparation
Set up buffers and arrays for fields requiring preparation
...
...
sql/share/errmsg.txt
View file @
f65b42dc
...
@@ -6057,3 +6057,5 @@ ER_EVENT_CANNOT_ALTER_IN_THE_PAST
...
@@ -6057,3 +6057,5 @@ ER_EVENT_CANNOT_ALTER_IN_THE_PAST
eng "Event execution time is in the past and ON COMPLETION NOT PRESERVE is set. Event has not been altered"
eng "Event execution time is in the past and ON COMPLETION NOT PRESERVE is set. Event has not been altered"
ER_SLAVE_INCIDENT
ER_SLAVE_INCIDENT
eng "The incident %s occured on the master. Message: %-.64s"
eng "The incident %s occured on the master. Message: %-.64s"
ER_NO_PARTITION_FOR_GIVEN_VALUE_SILENT
eng "Table has no partition for some existing values"
sql/sql_base.cc
View file @
f65b42dc
...
@@ -5852,7 +5852,7 @@ bool setup_tables_and_check_access(THD *thd,
...
@@ -5852,7 +5852,7 @@ bool setup_tables_and_check_access(THD *thd,
{
{
if
(
leaves_tmp
->
belong_to_view
&&
if
(
leaves_tmp
->
belong_to_view
&&
check_single_table_access
(
thd
,
first_table
?
want_access_first
:
check_single_table_access
(
thd
,
first_table
?
want_access_first
:
want_access
,
leaves_tmp
))
want_access
,
leaves_tmp
,
FALSE
))
{
{
tables
->
hide_view_error
(
thd
);
tables
->
hide_view_error
(
thd
);
return
TRUE
;
return
TRUE
;
...
...
sql/sql_parse.cc
View file @
f65b42dc
...
@@ -4452,6 +4452,8 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
...
@@ -4452,6 +4452,8 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
thd Thread handler
thd Thread handler
privilege requested privilege
privilege requested privilege
all_tables global table list of query
all_tables global table list of query
no_errors FALSE/TRUE - report/don't report error to
the client (using my_error() call).
RETURN
RETURN
0 - OK
0 - OK
...
@@ -4459,7 +4461,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
...
@@ -4459,7 +4461,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
*/
*/
bool
check_single_table_access
(
THD
*
thd
,
ulong
privilege
,
bool
check_single_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
all_tables
)
TABLE_LIST
*
all_tables
,
bool
no_errors
)
{
{
Security_context
*
backup_ctx
=
thd
->
security_ctx
;
Security_context
*
backup_ctx
=
thd
->
security_ctx
;
...
@@ -4475,12 +4477,12 @@ bool check_single_table_access(THD *thd, ulong privilege,
...
@@ -4475,12 +4477,12 @@ bool check_single_table_access(THD *thd, ulong privilege,
db_name
=
all_tables
->
db
;
db_name
=
all_tables
->
db
;
if
(
check_access
(
thd
,
privilege
,
db_name
,
if
(
check_access
(
thd
,
privilege
,
db_name
,
&
all_tables
->
grant
.
privilege
,
0
,
0
,
&
all_tables
->
grant
.
privilege
,
0
,
no_errors
,
test
(
all_tables
->
schema_table
)))
test
(
all_tables
->
schema_table
)))
goto
deny
;
goto
deny
;
/* Show only 1 table for check_grant */
/* Show only 1 table for check_grant */
if
(
grant_option
&&
check_grant
(
thd
,
privilege
,
all_tables
,
0
,
1
,
0
))
if
(
grant_option
&&
check_grant
(
thd
,
privilege
,
all_tables
,
0
,
1
,
no_errors
))
goto
deny
;
goto
deny
;
thd
->
security_ctx
=
backup_ctx
;
thd
->
security_ctx
=
backup_ctx
;
...
@@ -4508,7 +4510,7 @@ deny:
...
@@ -4508,7 +4510,7 @@ deny:
bool
check_one_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
all_tables
)
bool
check_one_table_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
all_tables
)
{
{
if
(
check_single_table_access
(
thd
,
privilege
,
all_tables
))
if
(
check_single_table_access
(
thd
,
privilege
,
all_tables
,
FALSE
))
return
1
;
return
1
;
/* Check rights on tables of subselects and implictly opened tables */
/* Check rights on tables of subselects and implictly opened tables */
...
@@ -4521,7 +4523,7 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
...
@@ -4521,7 +4523,7 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
*/
*/
if
(
view
&&
subselects_tables
->
belong_to_view
==
view
)
if
(
view
&&
subselects_tables
->
belong_to_view
==
view
)
{
{
if
(
check_single_table_access
(
thd
,
privilege
,
subselects_tables
))
if
(
check_single_table_access
(
thd
,
privilege
,
subselects_tables
,
FALSE
))
return
1
;
return
1
;
subselects_tables
=
subselects_tables
->
next_global
;
subselects_tables
=
subselects_tables
->
next_global
;
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment