Commit 40affabb authored by unknown's avatar unknown

merge 5.0-opt -> 5.1-opt


mysql-test/r/func_math.result:
  Auto merged
mysql-test/t/func_math.test:
  Auto merged
mysql-test/t/view_grant.test:
  Auto merged
sql/item_func.cc:
  Auto merged
sql/sql_select.cc:
  Auto merged
sql/sql_view.cc:
  Auto merged
parents cff94452 5d04190d
...@@ -372,25 +372,17 @@ pow(cast(-2 as unsigned), 5) pow(18446744073709551614, 5) pow(-2, 5) ...@@ -372,25 +372,17 @@ pow(cast(-2 as unsigned), 5) pow(18446744073709551614, 5) pow(-2, 5)
CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1)); CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1));
INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0); INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0);
SELECT a DIV 900 y FROM t1 GROUP BY y; SELECT a DIV 900 y FROM t1 GROUP BY y;
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def y y 8 19 11 Y 32800 0 63
y y
22201025555 22201025555
22255916666 22255916666
SELECT DISTINCT a DIV 900 y FROM t1; SELECT DISTINCT a DIV 900 y FROM t1;
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def y y 8 19 11 Y 32800 0 63
y y
22201025555 22201025555
22255916666 22255916666
SELECT b DIV 900 y FROM t1 GROUP BY y; SELECT b DIV 900 y FROM t1 GROUP BY y;
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def y y 8 20 1 Y 32768 0 63
y y
0 0
SELECT c DIV 900 y FROM t1 GROUP BY y; SELECT c DIV 900 y FROM t1 GROUP BY y;
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def y y 3 1 1 Y 32800 0 63
y y
0 0
DROP TABLE t1; DROP TABLE t1;
......
...@@ -778,15 +778,60 @@ GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost; ...@@ -778,15 +778,60 @@ GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost; GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
GRANT SELECT ON db26813.t1 TO u26813@localhost; GRANT SELECT ON db26813.t1 TO u26813@localhost;
ALTER VIEW v1 AS SELECT f2 FROM t1; ALTER VIEW v1 AS SELECT f2 FROM t1;
ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1' ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v2 AS SELECT f2 FROM t1; ALTER VIEW v2 AS SELECT f2 FROM t1;
ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2' ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v3 AS SELECT f2 FROM t1; ALTER VIEW v3 AS SELECT f2 FROM t1;
ERROR 42000: Access denied; you need the SUPER privilege for this operation
SHOW CREATE VIEW v3; SHOW CREATE VIEW v3;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1` latin1 latin1_swedish_ci v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1` latin1 latin1_swedish_ci
DROP USER u26813@localhost; DROP USER u26813@localhost;
DROP DATABASE db26813; DROP DATABASE db26813;
#
# Bug#29908: A user can gain additional access through the ALTER VIEW.
#
CREATE DATABASE mysqltest_29908;
USE mysqltest_29908;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE USER u29908_1@localhost;
CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
SELECT f1 FROM t1;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
CREATE USER u29908_2@localhost;
GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
ALTER VIEW v1 AS SELECT f2 FROM t1;
ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v2 AS SELECT f2 FROM t1;
ERROR 42000: Access denied; you need the SUPER privilege for this operation
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
ALTER VIEW v1 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v1;
View Create View
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1`
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`
ALTER VIEW v1 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v1;
View Create View
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1`
ALTER VIEW v2 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
DROP USER u29908_1@localhost;
DROP USER u29908_2@localhost;
DROP DATABASE mysqltest_29908;
#######################################################################
DROP DATABASE IF EXISTS mysqltest1; DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest2; DROP DATABASE IF EXISTS mysqltest2;
CREATE DATABASE mysqltest1; CREATE DATABASE mysqltest1;
......
...@@ -230,12 +230,10 @@ select pow(cast(-2 as unsigned), 5), pow(18446744073709551614, 5), pow(-2, 5); ...@@ -230,12 +230,10 @@ select pow(cast(-2 as unsigned), 5), pow(18446744073709551614, 5), pow(-2, 5);
CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1)); CREATE TABLE t1 (a timestamp, b varchar(20), c bit(1));
INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0); INSERT INTO t1 VALUES('1998-09-23', 'str1', 1), ('2003-03-25', 'str2', 0);
--enable_metadata
SELECT a DIV 900 y FROM t1 GROUP BY y; SELECT a DIV 900 y FROM t1 GROUP BY y;
SELECT DISTINCT a DIV 900 y FROM t1; SELECT DISTINCT a DIV 900 y FROM t1;
SELECT b DIV 900 y FROM t1 GROUP BY y; SELECT b DIV 900 y FROM t1 GROUP BY y;
SELECT c DIV 900 y FROM t1 GROUP BY y; SELECT c DIV 900 y FROM t1 GROUP BY y;
--disable_metadata
DROP TABLE t1; DROP TABLE t1;
CREATE TABLE t1(a LONGBLOB); CREATE TABLE t1(a LONGBLOB);
......
...@@ -1040,10 +1040,11 @@ GRANT SELECT ON db26813.t1 TO u26813@localhost; ...@@ -1040,10 +1040,11 @@ GRANT SELECT ON db26813.t1 TO u26813@localhost;
connect (u1,localhost,u26813,,db26813); connect (u1,localhost,u26813,,db26813);
connection u1; connection u1;
--error 1142 --error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v1 AS SELECT f2 FROM t1; ALTER VIEW v1 AS SELECT f2 FROM t1;
--error 1142 --error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v2 AS SELECT f2 FROM t1; ALTER VIEW v2 AS SELECT f2 FROM t1;
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v3 AS SELECT f2 FROM t1; ALTER VIEW v3 AS SELECT f2 FROM t1;
connection root; connection root;
...@@ -1053,6 +1054,51 @@ DROP USER u26813@localhost; ...@@ -1053,6 +1054,51 @@ DROP USER u26813@localhost;
DROP DATABASE db26813; DROP DATABASE db26813;
disconnect u1; disconnect u1;
--echo #
--echo # Bug#29908: A user can gain additional access through the ALTER VIEW.
--echo #
connection root;
CREATE DATABASE mysqltest_29908;
USE mysqltest_29908;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE USER u29908_1@localhost;
CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
SELECT f1 FROM t1;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
CREATE USER u29908_2@localhost;
GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
connect (u2,localhost,u29908_2,,mysqltest_29908);
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v1 AS SELECT f2 FROM t1;
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
connect (u1,localhost,u29908_1,,mysqltest_29908);
ALTER VIEW v1 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v1;
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
connection root;
ALTER VIEW v1 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v1;
ALTER VIEW v2 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v2;
DROP USER u29908_1@localhost;
DROP USER u29908_2@localhost;
DROP DATABASE mysqltest_29908;
disconnect u1;
disconnect u2;
--echo #######################################################################
# #
# BUG#24040: Create View don't succed with "all privileges" on a database. # BUG#24040: Create View don't succed with "all privileges" on a database.
# #
......
...@@ -1457,15 +1457,24 @@ void Field_num::add_zerofill_and_unsigned(String &res) const ...@@ -1457,15 +1457,24 @@ void Field_num::add_zerofill_and_unsigned(String &res) const
void Field::make_field(Send_field *field) void Field::make_field(Send_field *field)
{ {
if (orig_table->s->db.str && *orig_table->s->db.str) if (orig_table && orig_table->s->db.str && *orig_table->s->db.str)
{ {
field->db_name= orig_table->s->db.str; field->db_name= orig_table->s->db.str;
field->org_table_name= orig_table->s->table_name.str; field->org_table_name= orig_table->s->table_name.str;
} }
else else
field->org_table_name= field->db_name= ""; field->org_table_name= field->db_name= "";
field->table_name= orig_table->alias; if (orig_table)
field->col_name= field->org_col_name= field_name; {
field->table_name= orig_table->alias;
field->org_col_name= field_name;
}
else
{
field->table_name= "";
field->org_col_name= "";
}
field->col_name= field_name;
field->charsetnr= charset()->number; field->charsetnr= charset()->number;
field->length=field_length; field->length=field_length;
field->type=type(); field->type=type();
......
...@@ -14800,6 +14800,9 @@ change_to_use_tmp_fields(THD *thd, Item **ref_pointer_array, ...@@ -14800,6 +14800,9 @@ change_to_use_tmp_fields(THD *thd, Item **ref_pointer_array,
item_field= (Item*) new Item_field(field); item_field= (Item*) new Item_field(field);
if (!item_field) if (!item_field)
DBUG_RETURN(TRUE); // Fatal error DBUG_RETURN(TRUE); // Fatal error
if (item->real_item()->type() != Item::FIELD_ITEM)
field->orig_table= 0;
item_field->name= item->name; item_field->name= item->name;
if (item->type() == Item::REF_ITEM) if (item->type() == Item::REF_ITEM)
{ {
......
...@@ -223,9 +223,6 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, ...@@ -223,9 +223,6 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
{ {
LEX *lex= thd->lex; LEX *lex= thd->lex;
bool link_to_local; bool link_to_local;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
bool definer_check_is_needed= mode != VIEW_ALTER || lex->definer;
#endif
/* first table in list is target VIEW name => cut off it */ /* first table in list is target VIEW name => cut off it */
TABLE_LIST *view= lex->unlink_first_table(&link_to_local); TABLE_LIST *view= lex->unlink_first_table(&link_to_local);
TABLE_LIST *tables= lex->query_tables; TABLE_LIST *tables= lex->query_tables;
...@@ -280,7 +277,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, ...@@ -280,7 +277,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
- same as current user - same as current user
- current user has SUPER_ACL - current user has SUPER_ACL
*/ */
if (definer_check_is_needed && if (lex->definer &&
(strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 || (strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 ||
my_strcasecmp(system_charset_info, my_strcasecmp(system_charset_info,
lex->definer->host.str, lex->definer->host.str,
......
...@@ -15999,7 +15999,7 @@ static void test_bug21635() ...@@ -15999,7 +15999,7 @@ static void test_bug21635()
char *query_end; char *query_end;
MYSQL_RES *result; MYSQL_RES *result;
MYSQL_FIELD *field; MYSQL_FIELD *field;
unsigned int field_count, i; unsigned int field_count, i, j;
int rc; int rc;
DBUG_ENTER("test_bug21635"); DBUG_ENTER("test_bug21635");
...@@ -16015,14 +16015,20 @@ static void test_bug21635() ...@@ -16015,14 +16015,20 @@ static void test_bug21635()
myquery(rc); myquery(rc);
rc= mysql_query(mysql, "CREATE TABLE t1 (i INT)"); rc= mysql_query(mysql, "CREATE TABLE t1 (i INT)");
myquery(rc); myquery(rc);
rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)"); /*
myquery(rc); We need this loop to ensure correct behavior with both constant and
non-constant tables.
*/
for (j= 0; j < 2 ; j++)
{
rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)");
myquery(rc);
rc= mysql_real_query(mysql, query, query_end - query); rc= mysql_real_query(mysql, query, query_end - query);
myquery(rc); myquery(rc);
result= mysql_use_result(mysql); result= mysql_use_result(mysql);
DIE_UNLESS(result); DIE_UNLESS(result);
field_count= mysql_field_count(mysql); field_count= mysql_field_count(mysql);
for (i= 0; i < field_count; ++i) for (i= 0; i < field_count; ++i)
...@@ -16038,7 +16044,8 @@ static void test_bug21635() ...@@ -16038,7 +16044,8 @@ static void test_bug21635()
puts("OK"); puts("OK");
} }
mysql_free_result(result); mysql_free_result(result);
}
rc= mysql_query(mysql, "DROP TABLE t1"); rc= mysql_query(mysql, "DROP TABLE t1");
myquery(rc); myquery(rc);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment