Commit 005f91d2 authored by Jon Olav Hauglid's avatar Jon Olav Hauglid

Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE

             DEFINITION OF ANY ROUTINE.

This follow-up patch removes SHOW PROCEDURE CODE from the test
case as this command is only available on debug versions of the
server and therefore caused the test to fail on release builds.
parent 108ad9e4
...@@ -586,11 +586,9 @@ CREATE PROCEDURE db1.p1() SELECT 1; ...@@ -586,11 +586,9 @@ CREATE PROCEDURE db1.p1() SELECT 1;
CREATE USER user2@localhost IDENTIFIED BY ''; CREATE USER user2@localhost IDENTIFIED BY '';
GRANT SELECT(db) ON mysql.proc TO user2@localhost; GRANT SELECT(db) ON mysql.proc TO user2@localhost;
# Connection con2 as user2 # Connection con2 as user2
# The below statements before disclosed info from body_utf8 column. # The statement below before disclosed info from body_utf8 column.
SHOW CREATE PROCEDURE db1.p1; SHOW CREATE PROCEDURE db1.p1;
ERROR 42000: PROCEDURE p1 does not exist ERROR 42000: PROCEDURE p1 does not exist
SHOW PROCEDURE CODE db1.p1;
ERROR 42000: PROCEDURE p1 does not exist
# Check that SHOW works with SELECT grant on whole table # Check that SHOW works with SELECT grant on whole table
# Connection default # Connection default
GRANT SELECT ON mysql.proc TO user2@localhost; GRANT SELECT ON mysql.proc TO user2@localhost;
...@@ -600,9 +598,6 @@ SHOW CREATE PROCEDURE db1.p1; ...@@ -600,9 +598,6 @@ SHOW CREATE PROCEDURE db1.p1;
Procedure sql_mode Create Procedure Procedure sql_mode Create Procedure
p1 CREATE DEFINER=`root`@`localhost` PROCEDURE `p1`() p1 CREATE DEFINER=`root`@`localhost` PROCEDURE `p1`()
SELECT 1 SELECT 1
SHOW PROCEDURE CODE db1.p1;
Pos Instruction
0 stmt 0 "SELECT 1"
# Connection default # Connection default
DROP USER user2@localhost; DROP USER user2@localhost;
DROP DATABASE db1; DROP DATABASE db1;
...@@ -966,11 +966,9 @@ GRANT SELECT(db) ON mysql.proc TO user2@localhost; ...@@ -966,11 +966,9 @@ GRANT SELECT(db) ON mysql.proc TO user2@localhost;
--echo # Connection con2 as user2 --echo # Connection con2 as user2
connect (con2, localhost, user2); connect (con2, localhost, user2);
--echo # The below statements before disclosed info from body_utf8 column. --echo # The statement below before disclosed info from body_utf8 column.
--error ER_SP_DOES_NOT_EXIST --error ER_SP_DOES_NOT_EXIST
SHOW CREATE PROCEDURE db1.p1; SHOW CREATE PROCEDURE db1.p1;
--error ER_SP_DOES_NOT_EXIST
SHOW PROCEDURE CODE db1.p1;
--echo # Check that SHOW works with SELECT grant on whole table --echo # Check that SHOW works with SELECT grant on whole table
--echo # Connection default --echo # Connection default
...@@ -981,7 +979,6 @@ GRANT SELECT ON mysql.proc TO user2@localhost; ...@@ -981,7 +979,6 @@ GRANT SELECT ON mysql.proc TO user2@localhost;
connection con2; connection con2;
--echo # This should work --echo # This should work
SHOW CREATE PROCEDURE db1.p1; SHOW CREATE PROCEDURE db1.p1;
SHOW PROCEDURE CODE db1.p1;
--echo # Connection default --echo # Connection default
connection default; connection default;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment