Bug#24988 FLUSH PRIVILEGES causes brief unavailability

- A race condition caused brief unavailablility when trying to acccess a table. - The variable 'grant_option' was removed to resolve the race condition and to simplify the design pattern. This flag was originally intended to optimize grant checks. sql/mysql_priv.h: - removed 'grant_option' flag. sql/sql_acl.cc: - removed 'grant_option' flag. sql/sql_db.cc: - removed 'grant_option' flag. sql/sql_insert.cc: - removed 'grant_option' flag. sql/sql_parse.cc: - removed 'grant_option' flag. - removed unnecessary variables found_access, found sql/sql_show.cc: - removed 'grant_option' flag. sql/sql_update.cc: - removed 'grant_option' flag. sql/sql_view.cc: - removed 'grant_option' flag.

Bug#24988 FLUSH PRIVILEGES causes brief unavailability
- A race condition caused brief unavailablility when trying to acccess a table. - The variable 'grant_option' was removed to resolve the race condition and to simplify the design pattern. This flag was originally intended to optimize grant checks. sql/mysql_priv.h: - removed 'grant_option' flag. sql/sql_acl.cc: - removed 'grant_option' flag. sql/sql_db.cc: - removed 'grant_option' flag. sql/sql_insert.cc: - removed 'grant_option' flag. sql/sql_parse.cc: - removed 'grant_option' flag. - removed unnecessary variables found_access, found sql/sql_show.cc: - removed 'grant_option' flag. sql/sql_update.cc: - removed 'grant_option' flag. sql/sql_view.cc: - removed 'grant_option' flag.
416122b2 · unknown · 2c06c07a · 416122b2 · 416122b2 · 416122b2
Commit 416122b2 authored May 28, 2007 by unknown
8 changed files
--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@@ -1678,7 +1678,7 @@ extern ulong log_output_options;
 extern my_bool opt_log_queries_not_using_indexes;
 extern bool opt_disable_networking, opt_skip_show_db;
 extern my_bool opt_character_set_client_handshake;
-extern bool volatile abort_loop, shutdown_in_progress, grant_option;
+extern bool volatile abort_loop, shutdown_in_progress;
 extern uint volatile thread_count, thread_running, global_read_lock;
 extern my_bool opt_sql_bin_update, opt_safe_user_create, opt_no_mix_types;
 extern my_bool opt_safe_show_db, opt_local_infile, opt_myisam_use_mmap;

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3136,7 +3136,6 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
      }
    }
  }
  thd->mem_root= old_root;
  pthread_mutex_unlock(&acl_cache->lock);
@@ -3310,7 +3309,6 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc,
      continue;
    }
  }
  thd->mem_root= old_root;
  pthread_mutex_unlock(&acl_cache->lock);
  if (!result && !no_error)
@@ -3458,7 +3456,6 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
 void  grant_free(void)
 {
  DBUG_ENTER("grant_free");
-  grant_option = FALSE;
  hash_free(&column_priv_hash);
  hash_free(&proc_priv_hash);
  hash_free(&func_priv_hash);
@@ -3493,8 +3490,6 @@ my_bool grant_init()
  delete thd;
  /* Remember that we don't have a THD */
  my_pthread_setspecific_ptr(THR_THD,  0);
-  /* Set the grant option flag so we will check grants */
-  grant_option= TRUE;
  DBUG_RETURN(return_val);
 }
@@ -3553,7 +3548,6 @@ static my_bool grant_load(TABLE_LIST *tables)
      if (!(mem_check=new (memex_ptr) GRANT_TABLE(t_table,c_table)))
      {
 	/* This could only happen if we are out memory */
-	grant_option= FALSE;
 	goto end_unlock;
      }
@@ -3576,7 +3570,6 @@ static my_bool grant_load(TABLE_LIST *tables)
      else if (my_hash_insert(&column_priv_hash,(byte*) mem_check))
      {
 	delete mem_check;
-	grant_option= FALSE;
 	goto end_unlock;
      }
    }
@@ -3593,7 +3586,6 @@ static my_bool grant_load(TABLE_LIST *tables)
      if (!(mem_check=new (&memex) GRANT_NAME(p_table)))
      {
 	/* This could only happen if we are out memory */
-	grant_option= FALSE;
 	goto end_unlock;
      }
@@ -3632,7 +3624,6 @@ static my_bool grant_load(TABLE_LIST *tables)
      else if (my_hash_insert(hash, (byte*) mem_check))
      {
 	delete mem_check;
-	grant_option= FALSE;
 	goto end_unlock;
      }
    }
@@ -4004,8 +3995,6 @@ bool check_grant_all_columns(THD *thd, ulong want_access, GRANT_INFO *grant,
  want_access &= ~grant->privilege;
  if (!want_access)
    return 0;				// Already checked
-  if (!grant_option)
-    goto err2;
  rw_rdlock(&LOCK_grant);
@@ -4195,18 +4184,15 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
                             bool is_proc)
 {
  bool no_routine_acl= 1;
-  if (grant_option)
+  GRANT_NAME *grant_proc;
-  {
+  Security_context *sctx= thd->security_ctx;
-    GRANT_NAME *grant_proc;
+  rw_rdlock(&LOCK_grant);
-    Security_context *sctx= thd->security_ctx;
+  if ((grant_proc= routine_hash_search(sctx->priv_host,
-    rw_rdlock(&LOCK_grant);
+                                       sctx->ip, db,
-    if ((grant_proc= routine_hash_search(sctx->priv_host,
+                                       sctx->priv_user,
-                                         sctx->ip, db,
+                                       name, is_proc, 0)))
-                                         sctx->priv_user,
+    no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
-                                         name, is_proc, 0)))
+  rw_unlock(&LOCK_grant);
-      no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
-    rw_unlock(&LOCK_grant);
-  }
  return no_routine_acl;
 }
@@ -6400,12 +6386,6 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
  /* db privileges */
  grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
-  if (!grant_option)
-  {
-    DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
-    DBUG_VOID_RETURN;
-  }
  /* table privileges */
  rw_rdlock(&LOCK_grant);
  if (grant->version != grant_version)

--- a/sql/sql_db.cc
+++ b/sql/sql_db.cc
@@ -1448,7 +1448,7 @@ bool mysql_change_db(THD *thd, const LEX_STRING *new_db_name, bool force_switch)
  if (!force_switch &&
      !(db_access & DB_ACLS) &&
-      (!grant_option || check_grant_db(thd, new_db_file_name.str)))
+      check_grant_db(thd, new_db_file_name.str))
  {
    my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
             sctx->priv_user,

--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -189,15 +189,12 @@ static int check_insert_fields(THD *thd, TABLE_LIST *table_list,
      return -1;
    }
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-    if (grant_option)
+    Field_iterator_table field_it;
-    {
+    field_it.set_table(table);
-      Field_iterator_table field_it;
+    if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
-      field_it.set_table(table);
+                                table->s->db.str, table->s->table_name.str,
-      if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
+                                &field_it))
-                                  table->s->db.str, table->s->table_name.str,
+      return -1;
-                                  &field_it))
-        return -1;
-    }
 #endif
    clear_timestamp_auto_bits(table->timestamp_field_type,
                              TIMESTAMP_AUTO_SET_ON_INSERT);

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -987,8 +987,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
    if (check_access(thd,SELECT_ACL,table_list.db,&table_list.grant.privilege,
 		     0, 0, test(table_list.schema_table)))
      break;
-    if (grant_option &&
+    if (check_grant(thd, SELECT_ACL, &table_list, 2, UINT_MAX, 0))
-	check_grant(thd, SELECT_ACL, &table_list, 2, UINT_MAX, 0))
      break;
    /* init structures for VIEW processing */
    table_list.select_lex= &(thd->lex->select_lex);
@@ -2049,12 +2048,10 @@ mysql_execute_command(THD *thd)
 		     &first_table->grant.privilege, 0, 0,
                     test(first_table->schema_table)))
      goto error;				/* purecov: inspected */
-    if (grant_option)
+    /* Check that the first table has CREATE privilege */
-    {
+    if (check_grant(thd, CREATE_ACL, all_tables, 0, 1, 0))
-      /* Check that the first table has CREATE privilege */
+      goto error;
-      if (check_grant(thd, CREATE_ACL, all_tables, 0, 1, 0))
-	goto error;
-    }
    pthread_mutex_lock(&LOCK_active_mi);
    /*
      fetch_master_table will send the error to the client on failure.
@@ -2320,22 +2317,20 @@ mysql_execute_command(THD *thd)
 				   (TABLE_LIST *)
 				   lex->create_info.merge_list.first))
 	goto error;				/* purecov: inspected */
-      if (grant_option)
+      if (check_grant(thd, priv_needed, all_tables, 0, UINT_MAX, 0))
-      {
+        goto error;
-	if (check_grant(thd, priv_needed, all_tables, 0, UINT_MAX, 0))
+      if (lex->name.str && !test_all_bits(priv,INSERT_ACL | CREATE_ACL))
-	  goto error;
+      { // Rename of table
-	if (lex->name.str && !test_all_bits(priv,INSERT_ACL | CREATE_ACL))
+          TABLE_LIST tmp_table;
-	{					// Rename of table
+          bzero((char*) &tmp_table,sizeof(tmp_table));
-	  TABLE_LIST tmp_table;
+          tmp_table.table_name= lex->name.str;
-	  bzero((char*) &tmp_table,sizeof(tmp_table));
+          tmp_table.db=select_lex->db;
-	  tmp_table.table_name= lex->name.str;
+          tmp_table.grant.privilege=priv;
-	  tmp_table.db=select_lex->db;
+          if (check_grant(thd, INSERT_ACL | CREATE_ACL, &tmp_table, 0,
-	  tmp_table.grant.privilege=priv;
+              UINT_MAX, 0))
-	  if (check_grant(thd, INSERT_ACL | CREATE_ACL, &tmp_table, 0,
+            goto error;
-			  UINT_MAX, 0))
-	    goto error;
-	}
      }
      /* Don't yet allow changing of symlinks with ALTER TABLE */
      if (lex->create_info.data_file_name)
        push_warning(thd, MYSQL_ERROR::WARN_LEVEL_WARN, 0,
@@ -2377,21 +2372,18 @@ mysql_execute_command(THD *thd)
 		       &table->next_local->grant.privilege, 0, 0,
                       test(table->next_local->schema_table)))
 	goto error;
-      if (grant_option)
+      TABLE_LIST old_list, new_list;
-      {
+      /*
-	TABLE_LIST old_list, new_list;
+        we do not need initialize old_list and new_list because we will
-	/*
+        come table[0] and table->next[0] there
-	  we do not need initialize old_list and new_list because we will
+      */
-	  come table[0] and table->next[0] there
+      old_list= table[0];
-	*/
+      new_list= table->next_local[0];
-	old_list= table[0];
+      if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, 1, 0) ||
-	new_list= table->next_local[0];
+         (!test_all_bits(table->next_local->grant.privilege,
-	if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, 1, 0) ||
+                         INSERT_ACL | CREATE_ACL) &&
-	    (!test_all_bits(table->next_local->grant.privilege,
+          check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0, 1, 0)))
-			    INSERT_ACL | CREATE_ACL) &&
+        goto error;
-	     check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0, 1, 0)))
-	  goto error;
-      }
    }
    query_cache_invalidate3(thd, first_table, 0);
    if (end_active_trans(thd) || mysql_rename_tables(thd, first_table, 0))
@@ -2898,7 +2890,7 @@ mysql_execute_command(THD *thd)
    goto error;
 #else
    {
-      if (grant_option && check_access(thd, FILE_ACL, any_db,0,0,0,0))
+      if (check_access(thd, FILE_ACL, any_db,0,0,0,0))
 	goto error;
      res= ha_show_status(thd, lex->create_info.db_type, HA_ENGINE_LOGS);
      break;
@@ -3345,8 +3337,7 @@ mysql_execute_command(THD *thd)
        uint grants= lex->all_privileges 
 		   ? (PROC_ACLS & ~GRANT_ACL) | (lex->grant & GRANT_ACL)
 		   : lex->grant;
-        if (grant_option && 
+        if (check_grant_routine(thd, grants | GRANT_ACL, all_tables,
-	    check_grant_routine(thd, grants | GRANT_ACL, all_tables,
                                lex->type == TYPE_ENUM_PROCEDURE, 0))
 	  goto error;
        /* Conditionally writes to binlog */
@@ -3357,10 +3348,8 @@ mysql_execute_command(THD *thd)
      }
      else
      {
-	if (grant_option && check_grant(thd,
+	if (check_grant(thd,(lex->grant | lex->grant_tot_col | GRANT_ACL),
-					(lex->grant | lex->grant_tot_col |
+                        all_tables, 0, UINT_MAX, 0))
-					 GRANT_ACL),
-					all_tables, 0, UINT_MAX, 0))
 	  goto error;
        /* Conditionally writes to binlog */
        res= mysql_table_grant(thd, all_tables, lex->users_list,
@@ -4475,8 +4464,7 @@ bool check_single_table_access(THD *thd, ulong privilege,
    goto deny;
  /* Show only 1 table for check_grant */
-  if (grant_option &&
+  if (!(all_tables->belong_to_view &&
-      !(all_tables->belong_to_view &&
        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
      check_grant(thd, privilege, all_tables, 0, 1, no_errors))
    goto deny;
@@ -4644,9 +4632,8 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
                     db_access, want_access));
  db_access= ((*save_priv=(db_access | sctx->master_access)) & want_access);
-  /* grant_option is set if there exists a single table or column grant */
  if (db_access == want_access ||
-      (grant_option && !dont_check_global_grants &&
+      (!dont_check_global_grants &&
       !(want_access & ~(db_access | TABLE_ACLS | PROC_ACLS))))
    DBUG_RETURN(FALSE);				/* Ok */
@@ -4745,8 +4732,7 @@ static bool check_show_access(THD *thd, TABLE_LIST *table)
                     test(dst_table->schema_table)))
      return FALSE;
-    return (grant_option &&
+    return (check_grant(thd, SELECT_ACL, dst_table, 2, UINT_MAX, FALSE));
-            check_grant(thd, SELECT_ACL, dst_table, 2, UINT_MAX, FALSE));
  }
  default:
    break;
@@ -4783,8 +4769,6 @@ bool
 check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
 		   bool no_errors)
 {
-  uint found=0;
-  ulong found_access=0;
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
  TABLE_LIST *org_tables= tables;
 #endif
@@ -4835,26 +4819,17 @@ check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
      tables->grant.privilege= want_access;
    else if (tables->db && thd->db && strcmp(tables->db, thd->db) == 0)
    {
-      if (found && !grant_option)		// db already checked
+      if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
-	tables->grant.privilege=found_access;
-      else
-      {
-	if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
 			 0, no_errors, test(tables->schema_table)))
-	  goto deny;                            // Access denied
+        goto deny;                            // Access denied
-	found_access=tables->grant.privilege;
-	found=1;
-      }
    }
    else if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
 			  0, no_errors, test(tables->schema_table)))
      goto deny;
  }
  thd->security_ctx= backup_ctx;
-  if (grant_option)
+  return check_grant(thd,want_access & ~EXTRA_ACL,org_tables,
-    return check_grant(thd,want_access & ~EXTRA_ACL,org_tables,
 		       test(want_access & EXTRA_ACL), UINT_MAX, no_errors);
-  return FALSE;
 deny:
  thd->security_ctx= backup_ctx;
  return TRUE;
@@ -4884,11 +4859,10 @@ check_routine_access(THD *thd, ulong want_access,char *db, char *name,
    return TRUE;
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  if (grant_option)
    return check_grant_routine(thd, want_access, tables, is_proc, no_errors);
-#endif
+#else
  return FALSE;
+#endif
 }
@@ -4950,7 +4924,7 @@ bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table)
      if (!check_access(thd, access, table->db,
                        &table->grant.privilege, 0, 1,
                        test(table->schema_table)) &&
-          !grant_option || !check_grant(thd, access, table, 0, 1, 1))
+          !check_grant(thd, access, table, 0, 1, 1))
        DBUG_RETURN(0);
    }
  }
@@ -6611,12 +6585,11 @@ bool multi_update_precheck(THD *thd, TABLE_LIST *tables)
    else if ((check_access(thd, UPDATE_ACL, table->db,
                           &table->grant.privilege, 0, 1,
                           test(table->schema_table)) ||
-              grant_option &&
              check_grant(thd, UPDATE_ACL, table, 0, 1, 1)) &&
             (check_access(thd, SELECT_ACL, table->db,
                           &table->grant.privilege, 0, 0,
                           test(table->schema_table)) ||
-              grant_option && check_grant(thd, SELECT_ACL, table, 0, 1, 0)))
+              check_grant(thd, SELECT_ACL, table, 0, 1, 0)))
      DBUG_RETURN(TRUE);
    table->table_in_first_from_clause= 1;
@@ -6634,7 +6607,7 @@ bool multi_update_precheck(THD *thd, TABLE_LIST *tables)
 	if (check_access(thd, SELECT_ACL, table->db,
 			 &table->grant.privilege, 0, 0,
                         test(table->schema_table)) ||
-	    grant_option && check_grant(thd, SELECT_ACL, table, 0, 1, 0))
+	    check_grant(thd, SELECT_ACL, table, 0, 1, 0))
 	  DBUG_RETURN(TRUE);
      }
    }
@@ -6856,7 +6829,7 @@ static bool check_show_create_table_access(THD *thd, TABLE_LIST *table)
  return check_access(thd, SELECT_ACL | EXTRA_ACL, table->db,
                      &table->grant.privilege, 0, 0,
                      test(table->schema_table)) ||
-         grant_option && check_grant(thd, SELECT_ACL, table, 2, UINT_MAX, 0);
+         check_grant(thd, SELECT_ACL, table, 2, UINT_MAX, 0);
 }
@@ -6893,7 +6866,7 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
 			       (TABLE_LIST *)
 			       lex->create_info.merge_list.first))
    goto err;
-  if (grant_option && want_priv != CREATE_TMP_ACL &&
+  if (want_priv != CREATE_TMP_ACL &&
      check_grant(thd, want_priv, create_table, 0, 1, 0))
    goto err;

--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -706,7 +706,7 @@ bool mysqld_show_create_db(THD *thd, char *dbname,
  else
    db_access= (acl_get(sctx->host, sctx->ip, sctx->priv_user, dbname, 0) |
 		sctx->master_access);
-  if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
+  if (!(db_access & DB_ACLS) && check_grant_db(thd,dbname))
  {
    my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
             sctx->priv_user, sctx->host_or_ip, dbname);
@@ -2649,7 +2649,7 @@ int get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond)
                      &thd->col_access, 0, 1, with_i_schema) ||
        sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
 	acl_get(sctx->host, sctx->ip, sctx->priv_user, base_name,0) ||
-	(grant_option && !check_grant_db(thd, base_name)))
+	!check_grant_db(thd, base_name))
 #endif
    {
      List<char> files;
@@ -2849,7 +2849,7 @@ int fill_schema_shemata(THD *thd, TABLE_LIST *tables, COND *cond)
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
    if (sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
 	acl_get(sctx->host, sctx->ip, sctx->priv_user, file_name,0) ||
-	(grant_option && !check_grant_db(thd, file_name)))
+	!check_grant_db(thd, file_name))
 #endif
    {
      load_db_opt_by_name(thd, file_name, &create);

--- a/sql/sql_update.cc
+++ b/sql/sql_update.cc
@@ -936,7 +936,7 @@ bool mysql_multi_update_prepare(THD *thd)
      if (check_access(thd, want_privilege,
                       tl->db, &tl->grant.privilege, 0, 0, 
                       test(tl->schema_table)) ||
-          (grant_option && check_grant(thd, want_privilege, tl, 0, 1, 0)))
+          check_grant(thd, want_privilege, tl, 0, 1, 0))
        DBUG_RETURN(TRUE);
    }
  }

--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -322,11 +322,11 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
  */
  if ((check_access(thd, CREATE_VIEW_ACL, view->db, &view->grant.privilege,
                    0, 0, is_schema_db(view->db)) ||
-       grant_option && check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
+       check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
      (mode != VIEW_CREATE_NEW &&
       (check_access(thd, DROP_ACL, view->db, &view->grant.privilege,
                     0, 0, is_schema_db(view->db)) ||
-        grant_option && check_grant(thd, DROP_ACL, view, 0, 1, 0))))
+        check_grant(thd, DROP_ACL, view, 0, 1, 0))))
  {
    res= TRUE;
    goto err;
@@ -379,7 +379,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
      {
        if (check_access(thd, SELECT_ACL, tbl->db,
                         &tbl->grant.privilege, 0, 0, test(tbl->schema_table)) ||
-            grant_option && check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
+            check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
        {
          res= TRUE;
          goto err;