Commit 0efc5005 authored by Sergey Glukhov's avatar Sergey Glukhov

Bug#41456 SET PASSWORD hates CURRENT_USER()

init user->user struct with 
thd->security_ctx->priv_user context
if user->user is not initializied

mysql-test/r/grant.result:
  test result
mysql-test/t/grant.test:
  test case
sql/set_var.cc:
  init user->user struct with 
  thd->security_ctx->priv_user context
  if user->user is not initializied
parent 9c7f798a
...@@ -1151,4 +1151,9 @@ drop user 'greg'@'localhost'; ...@@ -1151,4 +1151,9 @@ drop user 'greg'@'localhost';
drop view v1; drop view v1;
drop table test; drop table test;
drop function test_function; drop function test_function;
SELECT CURRENT_USER();
CURRENT_USER()
root@localhost
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
End of 5.0 tests End of 5.0 tests
...@@ -1175,4 +1175,11 @@ drop view v1; ...@@ -1175,4 +1175,11 @@ drop view v1;
drop table test; drop table test;
drop function test_function; drop function test_function;
#
# Bug#41456 SET PASSWORD hates CURRENT_USER()
#
SELECT CURRENT_USER();
SET PASSWORD FOR CURRENT_USER() = PASSWORD("admin");
SET PASSWORD FOR CURRENT_USER() = PASSWORD("");
--echo End of 5.0 tests --echo End of 5.0 tests
...@@ -3475,6 +3475,7 @@ int set_var_password::check(THD *thd) ...@@ -3475,6 +3475,7 @@ int set_var_password::check(THD *thd)
#ifndef NO_EMBEDDED_ACCESS_CHECKS #ifndef NO_EMBEDDED_ACCESS_CHECKS
if (!user->host.str) if (!user->host.str)
{ {
DBUG_ASSERT(thd->security_ctx->priv_host);
if (*thd->security_ctx->priv_host != 0) if (*thd->security_ctx->priv_host != 0)
{ {
user->host.str= (char *) thd->security_ctx->priv_host; user->host.str= (char *) thd->security_ctx->priv_host;
...@@ -3486,6 +3487,12 @@ int set_var_password::check(THD *thd) ...@@ -3486,6 +3487,12 @@ int set_var_password::check(THD *thd)
user->host.length= 1; user->host.length= 1;
} }
} }
if (!user->user.str)
{
DBUG_ASSERT(thd->security_ctx->priv_user);
user->user.str= (char *) thd->security_ctx->priv_user;
user->user.length= strlen(thd->security_ctx->priv_user);
}
/* Returns 1 as the function sends error to client */ /* Returns 1 as the function sends error to client */
return check_change_password(thd, user->host.str, user->user.str, return check_change_password(thd, user->host.str, user->user.str,
password, strlen(password)) ? 1 : 0; password, strlen(password)) ? 1 : 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment