Merge sergbook.mysql.com:/usr/home/serg/Abk/mysql-5.0-build

into sergbook.mysql.com:/usr/home/serg/Abk/mysql-5.0 client/mysqlbinlog.cc: Auto merged sql/sql_view.cc: Auto merged mysql-test/r/view_grant.result: merged mysql-test/t/view_grant.test: merged

Merge sergbook.mysql.com:/usr/home/serg/Abk/mysql-5.0-build
into sergbook.mysql.com:/usr/home/serg/Abk/mysql-5.0 client/mysqlbinlog.cc: Auto merged sql/sql_view.cc: Auto merged mysql-test/r/view_grant.result: merged mysql-test/t/view_grant.test: merged
48d4d50c · unknown · c62c0d9d · ddb23beb · 48d4d50c · 48d4d50c
Commit 48d4d50c authored Mar 23, 2007 by unknown
11 changed files
--- a/client/mysqlbinlog.cc
+++ b/client/mysqlbinlog.cc
@@ -1042,7 +1042,7 @@ static int dump_remote_log_entries(PRINT_EVENT_INFO *print_event_info,
  uint logname_len;
  NET* net;
  int error= 0;
-  my_off_t old_off= start_position_mot;
+  my_off_t old_off= min(start_position_mot, BIN_LOG_HEADER_SIZE);
  char fname[FN_REFLEN+1];
  DBUG_ENTER("dump_remote_log_entries");

@@ -1194,10 +1194,17 @@ could be out of memory");
      }
    }
    /*
-      Let's adjust offset for remote log as for local log to produce 
-      similar text.
+      Let's adjust offset for remote log as for local log to produce
+      similar text and to have --stop-position to work identically.
+
+      Exception - the server sends Format_description_log_event
+      in the beginning of the dump, and only after it the event from
+      start_position. Let the old_off reflect it.
    */
-    old_off+= len-1;
+    if (old_off < start_position_mot)
+      old_off= start_position_mot;
+    else
+      old_off+= len-1;
  }

 err:

--- a/mysql-test/r/grant.result
+++ b/mysql-test/r/grant.result
@@ -972,4 +972,51 @@ REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij123456789
 ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
 GRANT PROCESS ON * TO user@localhost;
 ERROR 3D000: No database selected
+DROP DATABASE IF EXISTS mysqltest1;
+DROP DATABASE IF EXISTS mysqltest2;
+DROP DATABASE IF EXISTS mysqltest3;
+DROP DATABASE IF EXISTS mysqltest4;
+CREATE DATABASE mysqltest1;
+CREATE DATABASE mysqltest2;
+CREATE DATABASE mysqltest3;
+CREATE DATABASE mysqltest4;
+CREATE PROCEDURE mysqltest1.p_def() SQL SECURITY DEFINER
+SELECT 1;
+CREATE PROCEDURE mysqltest2.p_inv() SQL SECURITY INVOKER
+SELECT 1;
+CREATE FUNCTION mysqltest3.f_def() RETURNS INT SQL SECURITY DEFINER
+RETURN 1;
+CREATE FUNCTION mysqltest4.f_inv() RETURNS INT SQL SECURITY INVOKER
+RETURN 1;
+GRANT EXECUTE ON PROCEDURE mysqltest1.p_def TO mysqltest_1@localhost;
+GRANT EXECUTE ON PROCEDURE mysqltest2.p_inv TO mysqltest_1@localhost;
+GRANT EXECUTE ON FUNCTION mysqltest3.f_def TO mysqltest_1@localhost;
+GRANT EXECUTE ON FUNCTION mysqltest4.f_inv TO mysqltest_1@localhost;
+GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
+
+---> connection: bug9504_con1
+use mysqltest1;
+use mysqltest2;
+use mysqltest3;
+use mysqltest4;
+use test;
+CALL mysqltest1.p_def();
+1
+1
+CALL mysqltest2.p_inv();
+1
+1
+SELECT mysqltest3.f_def();
+mysqltest3.f_def()
+1
+SELECT mysqltest4.f_inv();
+mysqltest4.f_inv()
+1
+
+---> connection: default
+DROP DATABASE mysqltest1;
+DROP DATABASE mysqltest2;
+DROP DATABASE mysqltest3;
+DROP DATABASE mysqltest4;
+DROP USER mysqltest_1@localhost;
 End of 5.0 tests
--- a/mysql-test/r/mysqlbinlog2.result
+++ b/mysql-test/r/mysqlbinlog2.result
@@ -122,6 +122,24 @@ DELIMITER ;
 ROLLBACK /* added by mysqlbinlog */;
 /*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;

+--- start and stop positions ---
+/*!40019 SET @@session.max_insert_delayed_threads=0*/;
+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
+DELIMITER /*!*/;
+SET INSERT_ID=4/*!*/;
+use test/*!*/;
+SET TIMESTAMP=1579609946/*!*/;
+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1/*!*/;
+SET @@session.sql_mode=0/*!*/;
+/*!\C latin1 *//*!*/;
+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/;
+insert into t1 values(null, "d")/*!*/;
+SET INSERT_ID=5/*!*/;
+DELIMITER ;
+# End of log file
+ROLLBACK /* added by mysqlbinlog */;
+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;
+
 --- start-datetime --
 /*!40019 SET @@session.max_insert_delayed_threads=0*/;
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
@@ -481,6 +499,24 @@ DELIMITER ;
 ROLLBACK /* added by mysqlbinlog */;
 /*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;

+--- start and stop positions ---
+/*!40019 SET @@session.max_insert_delayed_threads=0*/;
+/*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;
+DELIMITER /*!*/;
+SET INSERT_ID=4/*!*/;
+use test/*!*/;
+SET TIMESTAMP=1579609946/*!*/;
+SET @@session.foreign_key_checks=1, @@session.sql_auto_is_null=1, @@session.unique_checks=1/*!*/;
+SET @@session.sql_mode=0/*!*/;
+/*!\C latin1 *//*!*/;
+SET @@session.character_set_client=8,@@session.collation_connection=8,@@session.collation_server=8/*!*/;
+insert into t1 values(null, "d")/*!*/;
+SET INSERT_ID=5/*!*/;
+DELIMITER ;
+# End of log file
+ROLLBACK /* added by mysqlbinlog */;
+/*!50003 SET COMPLETION_TYPE=@OLD_COMPLETION_TYPE*/;
+
 --- start-datetime --
 /*!40019 SET @@session.max_insert_delayed_threads=0*/;
 /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/;

--- a/mysql-test/r/sp-security.result
+++ b/mysql-test/r/sp-security.result
@@ -8,22 +8,29 @@ create procedure db1_secret.dummy() begin end;
 drop procedure db1_secret.dummy;
 use db1_secret;
 create table t1 ( u varchar(64), i int );
+insert into t1 values('test', 0);
 create procedure stamp(i int)
 insert into db1_secret.t1 values (user(), i);
 show procedure status like 'stamp';
 Db	Name	Type	Definer	Modified	Created	Security_type	Comment
 db1_secret	stamp	PROCEDURE	root@localhost	0000-00-00 00:00:00	0000-00-00 00:00:00	DEFINER	
-create function db() returns varchar(64) return database();
+create function db() returns varchar(64)
+begin
+declare v varchar(64);
+select u into v from t1 limit 1;
+return v;
+end|
 show function status like 'db';
 Db	Name	Type	Definer	Modified	Created	Security_type	Comment
 db1_secret	db	FUNCTION	root@localhost	0000-00-00 00:00:00	0000-00-00 00:00:00	DEFINER	
 call stamp(1);
 select * from t1;
 u	i
+test	0
 root@localhost	1
 select db();
 db()
-db1_secret
+test
 grant execute on procedure db1_secret.stamp to user1@'%';
 grant execute on function db1_secret.db to user1@'%';
 grant execute on procedure db1_secret.stamp to ''@'%';
@@ -31,25 +38,34 @@ grant execute on function db1_secret.db to ''@'%';
 call db1_secret.stamp(2);
 select db1_secret.db();
 db1_secret.db()
-db1_secret
+test
 select * from db1_secret.t1;
 ERROR 42000: SELECT command denied to user 'user1'@'localhost' for table 't1'
 create procedure db1_secret.dummy() begin end;
 ERROR 42000: Access denied for user 'user1'@'localhost' to database 'db1_secret'
 drop procedure db1_secret.dummy;
 ERROR 42000: PROCEDURE db1_secret.dummy does not exist
+drop procedure db1_secret.stamp;
+ERROR 42000: alter routine command denied to user 'user1'@'localhost' for routine 'db1_secret.stamp'
+drop function db1_secret.db;
+ERROR 42000: alter routine command denied to user 'user1'@'localhost' for routine 'db1_secret.db'
 call db1_secret.stamp(3);
 select db1_secret.db();
 db1_secret.db()
-db1_secret
+test
 select * from db1_secret.t1;
 ERROR 42000: SELECT command denied to user ''@'localhost' for table 't1'
 create procedure db1_secret.dummy() begin end;
 ERROR 42000: Access denied for user ''@'%' to database 'db1_secret'
 drop procedure db1_secret.dummy;
 ERROR 42000: PROCEDURE db1_secret.dummy does not exist
+drop procedure db1_secret.stamp;
+ERROR 42000: alter routine command denied to user ''@'%' for routine 'db1_secret.stamp'
+drop function db1_secret.db;
+ERROR 42000: alter routine command denied to user ''@'%' for routine 'db1_secret.db'
 select * from t1;
 u	i
+test	0
 root@localhost	1
 user1@localhost	2
 anon@localhost	3
@@ -64,21 +80,22 @@ db1_secret	db	FUNCTION	root@localhost	0000-00-00 00:00:00	0000-00-00 00:00:00	IN
 call stamp(4);
 select * from t1;
 u	i
+test	0
 root@localhost	1
 user1@localhost	2
 anon@localhost	3
 root@localhost	4
 select db();
 db()
-db1_secret
+test
 call db1_secret.stamp(5);
-ERROR 42000: Access denied for user 'user1'@'localhost' to database 'db1_secret'
+ERROR 42000: INSERT command denied to user 'user1'@'localhost' for table 't1'
 select db1_secret.db();
-ERROR 42000: Access denied for user 'user1'@'localhost' to database 'db1_secret'
+ERROR 42000: SELECT command denied to user 'user1'@'localhost' for table 't1'
 call db1_secret.stamp(6);
-ERROR 42000: Access denied for user ''@'%' to database 'db1_secret'
+ERROR 42000: INSERT command denied to user ''@'localhost' for table 't1'
 select db1_secret.db();
-ERROR 42000: Access denied for user ''@'%' to database 'db1_secret'
+ERROR 42000: SELECT command denied to user ''@'localhost' for table 't1'
 drop database if exists db2;
 create database db2;
 use db2;

--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -282,15 +282,6 @@ create view mysqltest.v3 as select b from mysqltest.t2;
 grant create view, update on mysqltest.v3 to mysqltest_1@localhost;
 drop view mysqltest.v3;
 create view mysqltest.v3 as select b from mysqltest.t2;
-grant create view, update, insert on mysqltest.v3 to mysqltest_1@localhost;
-drop view mysqltest.v3;
-create view mysqltest.v3 as select b from mysqltest.t2;
-ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
-create table mysqltest.v3 (b int);
-grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
-drop table mysqltest.v3;
-create view mysqltest.v3 as select b from mysqltest.t2;
-ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
 create view v4 as select b+1 from mysqltest.t2;
 ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'
 grant create view,update,select on test.* to mysqltest_1@localhost;
@@ -794,4 +785,92 @@ View	Create View
 v3	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1`
 DROP USER u26813@localhost;
 DROP DATABASE db26813;
+DROP DATABASE IF EXISTS mysqltest1;
+DROP DATABASE IF EXISTS mysqltest2;
+CREATE DATABASE mysqltest1;
+CREATE DATABASE mysqltest2;
+CREATE TABLE mysqltest1.t1(c1 INT);
+CREATE TABLE mysqltest1.t2(c2 INT);
+CREATE TABLE mysqltest1.t3(c3 INT);
+CREATE TABLE mysqltest1.t4(c4 INT);
+INSERT INTO mysqltest1.t1 VALUES (11), (12), (13), (14);
+INSERT INTO mysqltest1.t2 VALUES (21), (22), (23), (24);
+INSERT INTO mysqltest1.t3 VALUES (31), (32), (33), (34);
+INSERT INTO mysqltest1.t4 VALUES (41), (42), (43), (44);
+GRANT SELECT ON mysqltest1.t1 TO mysqltest_u1@localhost;
+GRANT INSERT ON mysqltest1.t2 TO mysqltest_u1@localhost;
+GRANT SELECT, UPDATE ON mysqltest1.t3 TO mysqltest_u1@localhost;
+GRANT SELECT, DELETE ON mysqltest1.t4 TO mysqltest_u1@localhost;
+GRANT ALL PRIVILEGES ON mysqltest2.* TO mysqltest_u1@localhost;
+
+---> connection: bug24040_con
+SELECT * FROM mysqltest1.t1;
+c1
+11
+12
+13
+14
+INSERT INTO mysqltest1.t2 VALUES(25);
+UPDATE mysqltest1.t3 SET c3 = 331 WHERE c3 = 31;
+DELETE FROM mysqltest1.t4 WHERE c4 = 44;
+CREATE VIEW v1 AS SELECT * FROM mysqltest1.t1;
+CREATE VIEW v2 AS SELECT * FROM mysqltest1.t2;
+CREATE VIEW v3 AS SELECT * FROM mysqltest1.t3;
+CREATE VIEW v4 AS SELECT * FROM mysqltest1.t4;
+SELECT * FROM v1;
+c1
+11
+12
+13
+14
+INSERT INTO v2 VALUES(26);
+UPDATE v3 SET c3 = 332 WHERE c3 = 32;
+DELETE FROM v4 WHERE c4 = 43;
+CREATE VIEW v12 AS SELECT c1, c2 FROM mysqltest1.t1, mysqltest1.t2;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v12'
+CREATE VIEW v13 AS SELECT c1, c3 FROM mysqltest1.t1, mysqltest1.t3;
+CREATE VIEW v14 AS SELECT c1, c4 FROM mysqltest1.t1, mysqltest1.t4;
+CREATE VIEW v21 AS SELECT c2, c1 FROM mysqltest1.t2, mysqltest1.t1;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c1' in table 'v21'
+CREATE VIEW v23 AS SELECT c2, c3 FROM mysqltest1.t2, mysqltest1.t3;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c3' in table 'v23'
+CREATE VIEW v24 AS SELECT c2, c4 FROM mysqltest1.t2, mysqltest1.t4;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c4' in table 'v24'
+CREATE VIEW v31 AS SELECT c3, c1 FROM mysqltest1.t3, mysqltest1.t1;
+CREATE VIEW v32 AS SELECT c3, c2 FROM mysqltest1.t3, mysqltest1.t2;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v32'
+CREATE VIEW v34 AS SELECT c3, c4 FROM mysqltest1.t3, mysqltest1.t4;
+CREATE VIEW v41 AS SELECT c4, c1 FROM mysqltest1.t4, mysqltest1.t1;
+CREATE VIEW v42 AS SELECT c4, c2 FROM mysqltest1.t4, mysqltest1.t2;
+ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v42'
+CREATE VIEW v43 AS SELECT c4, c3 FROM mysqltest1.t4, mysqltest1.t3;
+
+---> connection: default
+SELECT * FROM mysqltest1.t1;
+c1
+11
+12
+13
+14
+SELECT * FROM mysqltest1.t2;
+c2
+21
+22
+23
+24
+25
+26
+SELECT * FROM mysqltest1.t3;
+c3
+331
+332
+33
+34
+SELECT * FROM mysqltest1.t4;
+c4
+41
+42
+DROP DATABASE mysqltest1;
+DROP DATABASE mysqltest2;
+DROP USER mysqltest_u1@localhost;
 End of 5.0 tests.
--- a/mysql-test/t/grant.test
+++ b/mysql-test/t/grant.test
@@ -875,4 +875,87 @@ GRANT PROCESS ON * TO user@localhost;
 disconnect con1;
 connection default;

+
+#
+# BUG#9504: Stored procedures: execute privilege doesn't make 'use database'
+# okay.
+#
+
+# Prepare.
+
+--disable_warnings
+DROP DATABASE IF EXISTS mysqltest1;
+DROP DATABASE IF EXISTS mysqltest2;
+DROP DATABASE IF EXISTS mysqltest3;
+DROP DATABASE IF EXISTS mysqltest4;
+--enable_warnings
+
+CREATE DATABASE mysqltest1;
+CREATE DATABASE mysqltest2;
+CREATE DATABASE mysqltest3;
+CREATE DATABASE mysqltest4;
+
+CREATE PROCEDURE mysqltest1.p_def() SQL SECURITY DEFINER
+  SELECT 1;
+
+CREATE PROCEDURE mysqltest2.p_inv() SQL SECURITY INVOKER
+  SELECT 1;
+
+CREATE FUNCTION mysqltest3.f_def() RETURNS INT SQL SECURITY DEFINER
+  RETURN 1;                                                        
+                                                                   
+CREATE FUNCTION mysqltest4.f_inv() RETURNS INT SQL SECURITY INVOKER
+  RETURN 1;
+
+GRANT EXECUTE ON PROCEDURE mysqltest1.p_def TO mysqltest_1@localhost;
+GRANT EXECUTE ON PROCEDURE mysqltest2.p_inv TO mysqltest_1@localhost;
+GRANT EXECUTE ON FUNCTION mysqltest3.f_def TO mysqltest_1@localhost;
+GRANT EXECUTE ON FUNCTION mysqltest4.f_inv TO mysqltest_1@localhost;
+
+GRANT ALL PRIVILEGES ON test.* TO mysqltest_1@localhost;
+
+# Test.
+
+--connect (bug9504_con1,localhost,mysqltest_1,,)
+--echo
+--echo ---> connection: bug9504_con1
+
+# - Check that we can switch to the db;
+
+use mysqltest1;
+
+use mysqltest2;
+
+use mysqltest3;
+
+use mysqltest4;
+
+# - Check that we can call stored routines;
+
+use test;
+
+CALL mysqltest1.p_def();
+
+CALL mysqltest2.p_inv();
+
+SELECT mysqltest3.f_def();
+
+SELECT mysqltest4.f_inv();
+
+# Cleanup.
+
+--connection default
+--echo
+--echo ---> connection: default
+
+--disconnect bug9504_con1
+
+DROP DATABASE mysqltest1;
+DROP DATABASE mysqltest2;
+DROP DATABASE mysqltest3;
+DROP DATABASE mysqltest4;
+
+DROP USER mysqltest_1@localhost;
+
+
 --echo End of 5.0 tests
--- a/mysql-test/t/mysqlbinlog2.test
+++ b/mysql-test/t/mysqlbinlog2.test
@@ -55,6 +55,10 @@ select "--- stop-position --" as "";
 --enable_query_log
 --exec $MYSQL_BINLOG --short-form --stop-position=600 $MYSQLTEST_VARDIR/log/master-bin.000001 
 --disable_query_log
+select "--- start and stop positions ---" as "";
+--enable_query_log
+--exec $MYSQL_BINLOG --short-form --start-position=600 --stop-position 725 $MYSQLTEST_VARDIR/log/master-bin.000001 
+--disable_query_log
 select "--- start-datetime --" as "";
 --enable_query_log
 --exec $MYSQL_BINLOG --short-form "--start-datetime=2020-01-21 15:32:24" $MYSQLTEST_VARDIR/log/master-bin.000001 
@@ -111,6 +115,10 @@ select "--- stop-position --" as "";
 --enable_query_log
 --exec $MYSQL_BINLOG --short-form --stop-position=600 --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000001 
 --disable_query_log
+select "--- start and stop positions ---" as "";
+--enable_query_log
+--exec $MYSQL_BINLOG --short-form --start-position=600 --stop-position 725 --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000001
+--disable_query_log
 select "--- start-datetime --" as "";
 --enable_query_log
 --exec $MYSQL_BINLOG --short-form "--start-datetime=2020-01-21 15:32:24" --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000001

--- a/mysql-test/t/sp-security.test
+++ b/mysql-test/t/sp-security.test
@@ -28,6 +28,7 @@ drop procedure db1_secret.dummy;
 use db1_secret;

 create table t1 ( u varchar(64), i int );
+insert into t1 values('test', 0);

 # A test procedure and function
 create procedure stamp(i int)
@@ -35,7 +36,16 @@ create procedure stamp(i int)
 --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
 show procedure status like 'stamp';

-create function db() returns varchar(64) return database();
+delimiter |;
+create function db() returns varchar(64)
+begin
+  declare v varchar(64);
+
+  select u into v from t1 limit 1;
+
+  return v;
+end|
+delimiter ;|
 --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
 show function status like 'db';

@@ -63,14 +73,18 @@ call db1_secret.stamp(2);
 select db1_secret.db();

 # ...but not this
--error 1142
+--error ER_TABLEACCESS_DENIED_ERROR
 select * from db1_secret.t1;

 # ...and not this
--error 1044
+--error ER_DBACCESS_DENIED_ERROR
 create procedure db1_secret.dummy() begin end;
--error 1305
+--error ER_SP_DOES_NOT_EXIST
 drop procedure db1_secret.dummy;
+--error ER_PROCACCESS_DENIED_ERROR
+drop procedure db1_secret.stamp;
+--error ER_PROCACCESS_DENIED_ERROR
+drop function db1_secret.db;


 #
@@ -83,14 +97,18 @@ call db1_secret.stamp(3);
 select db1_secret.db();

 # ...but not this
--error 1142
+--error ER_TABLEACCESS_DENIED_ERROR
 select * from db1_secret.t1;

 # ...and not this
--error 1044
+--error ER_DBACCESS_DENIED_ERROR
 create procedure db1_secret.dummy() begin end;
--error 1305
+--error ER_SP_DOES_NOT_EXIST
 drop procedure db1_secret.dummy;
+--error ER_PROCACCESS_DENIED_ERROR
+drop procedure db1_secret.stamp;
+--error ER_PROCACCESS_DENIED_ERROR
+drop function db1_secret.db;


 #
@@ -121,9 +139,9 @@ select db();
 connection con2user1;

 # This should not work
--error 1044
+--error ER_TABLEACCESS_DENIED_ERROR
 call db1_secret.stamp(5);
--error 1044
+--error ER_TABLEACCESS_DENIED_ERROR
 select db1_secret.db();

 #
@@ -132,9 +150,9 @@ select db1_secret.db();
 connection con3anon;

 # This should not work
--error 1044
+--error ER_TABLEACCESS_DENIED_ERROR
 call db1_secret.stamp(6);
--error 1044
+--error ER_TABLEACCESS_DENIED_ERROR
 select db1_secret.db();

 #
@@ -165,7 +183,7 @@ use db2;
 create procedure p () insert into t2 values (1);

 # Check that this doesn't work.
--error 1142
+--error ER_TABLEACCESS_DENIED_ERROR
 call p();

 connect (con4user2,localhost,user2,,);
@@ -174,7 +192,7 @@ connection con4user2;
 use db2;

 # This should not work, since p is executed with definer's (user1's) rights.
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 call p();
 select * from t2;

@@ -207,9 +225,9 @@ alter procedure p modifies sql data;
 drop procedure p;

 # This should NOT work
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 alter procedure q modifies sql data;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 drop procedure q;

 connection con1root;
@@ -260,30 +278,30 @@ connect (con4userc,localhost,userc,,);

 connection con2usera;
 call sptest.p1(1);
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 grant execute on procedure sptest.p1 to userb@localhost;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 drop procedure sptest.p1;

 connection con3userb;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 call sptest.p1(2);
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 grant execute on procedure sptest.p1 to userb@localhost;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 drop procedure sptest.p1;

 connection con4userc;
 call sptest.p1(3);
 grant execute on procedure sptest.p1 to userb@localhost;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 drop procedure sptest.p1;

 connection con3userb;
 call sptest.p1(4);
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 grant execute on procedure sptest.p1 to userb@localhost;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 drop procedure sptest.p1;

 connection con1root;
@@ -332,7 +350,7 @@ delimiter ;//
 connect (user1,localhost,user1,,test);
 connection user1;
 use mysqltest;
-- error 1370
+-- error ER_PROCACCESS_DENIED_ERROR
 select bug_9503();

 connection root;
@@ -401,13 +419,13 @@ grant usage on *.* to mysqltest_1@localhost;

 connect (n1,localhost,mysqltest_1,,information_schema,$MASTER_MYPORT,$MASTER_MYSOCK);
 connection n1;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 call mysqltest_1.p1();
 disconnect n1;
 # Test also without a current database
 connect (n2,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK);
 connection n2;
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 call mysqltest_1.p1();
 disconnect n2;

@@ -433,9 +451,9 @@ end;
 create user user_bug12812@localhost IDENTIFIED BY 'ABC'|
 --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
 connect (test_user_12812,localhost,user_bug12812,ABC,test)|
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 SELECT test.bug12812()|
--error 1370
+--error ER_PROCACCESS_DENIED_ERROR
 CREATE VIEW v1 AS SELECT test.bug12812()|
 # Cleanup
 connection default|
@@ -489,7 +507,8 @@ drop database db_bug14834;


 #
-# BUG#14533: 'desc tbl' in stored procedure causes error 1142
+# BUG#14533: 'desc tbl' in stored procedure causes error
+# ER_TABLEACCESS_DENIED_ERROR
 #
 create database db_bug14533;
 use db_bug14533;

--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -350,25 +350,6 @@ drop view mysqltest.v3;
 connection user1;
 create view mysqltest.v3 as select b from mysqltest.t2;

-# give UPDATE and INSERT privilege (to get more privileges then underlying
-# table)
-connection root;
-grant create view, update, insert on mysqltest.v3 to mysqltest_1@localhost;
-drop view mysqltest.v3;
-connection user1;
-- error 1143
-create view mysqltest.v3 as select b from mysqltest.t2;
-
-
-# If we would get more privileges on VIEW then we have on
-# underlying tables => creation prohibited
-connection root;
-create table mysqltest.v3 (b int);
-grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
-drop table mysqltest.v3;
-connection user1;
-- error 1143
-create view mysqltest.v3 as select b from mysqltest.t2;

 # Expression need select privileges
 -- error 1143
@@ -1066,4 +1047,95 @@ DROP USER u26813@localhost;
 DROP DATABASE db26813;
 disconnect u1;

+#
+# BUG#24040: Create View don't succed with "all privileges" on a database.
+#
+
+# Prepare.
+
+--disable_warnings
+DROP DATABASE IF EXISTS mysqltest1;
+DROP DATABASE IF EXISTS mysqltest2;
+--enable_warnings
+
+CREATE DATABASE mysqltest1;
+CREATE DATABASE mysqltest2;
+
+# Test.
+
+CREATE TABLE mysqltest1.t1(c1 INT);
+CREATE TABLE mysqltest1.t2(c2 INT);
+CREATE TABLE mysqltest1.t3(c3 INT);
+CREATE TABLE mysqltest1.t4(c4 INT);
+
+INSERT INTO mysqltest1.t1 VALUES (11), (12), (13), (14);
+INSERT INTO mysqltest1.t2 VALUES (21), (22), (23), (24);
+INSERT INTO mysqltest1.t3 VALUES (31), (32), (33), (34);
+INSERT INTO mysqltest1.t4 VALUES (41), (42), (43), (44);
+
+GRANT SELECT ON mysqltest1.t1 TO mysqltest_u1@localhost;
+GRANT INSERT ON mysqltest1.t2 TO mysqltest_u1@localhost;
+GRANT SELECT, UPDATE ON mysqltest1.t3 TO mysqltest_u1@localhost;
+GRANT SELECT, DELETE ON mysqltest1.t4 TO mysqltest_u1@localhost;
+
+GRANT ALL PRIVILEGES ON mysqltest2.* TO mysqltest_u1@localhost;
+
+--connect (bug24040_con,localhost,mysqltest_u1,,mysqltest2)
+--echo
+--echo ---> connection: bug24040_con
+
+SELECT * FROM mysqltest1.t1;
+INSERT INTO mysqltest1.t2 VALUES(25);
+UPDATE mysqltest1.t3 SET c3 = 331 WHERE c3 = 31;
+DELETE FROM mysqltest1.t4 WHERE c4 = 44;
+
+CREATE VIEW v1 AS SELECT * FROM mysqltest1.t1;
+CREATE VIEW v2 AS SELECT * FROM mysqltest1.t2;
+CREATE VIEW v3 AS SELECT * FROM mysqltest1.t3;
+CREATE VIEW v4 AS SELECT * FROM mysqltest1.t4;
+
+SELECT * FROM v1;
+INSERT INTO v2 VALUES(26);
+UPDATE v3 SET c3 = 332 WHERE c3 = 32;
+DELETE FROM v4 WHERE c4 = 43;
+
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v12 AS SELECT c1, c2 FROM mysqltest1.t1, mysqltest1.t2;
+CREATE VIEW v13 AS SELECT c1, c3 FROM mysqltest1.t1, mysqltest1.t3;
+CREATE VIEW v14 AS SELECT c1, c4 FROM mysqltest1.t1, mysqltest1.t4;
+
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v21 AS SELECT c2, c1 FROM mysqltest1.t2, mysqltest1.t1;
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v23 AS SELECT c2, c3 FROM mysqltest1.t2, mysqltest1.t3;
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v24 AS SELECT c2, c4 FROM mysqltest1.t2, mysqltest1.t4;
+
+CREATE VIEW v31 AS SELECT c3, c1 FROM mysqltest1.t3, mysqltest1.t1;
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v32 AS SELECT c3, c2 FROM mysqltest1.t3, mysqltest1.t2;
+CREATE VIEW v34 AS SELECT c3, c4 FROM mysqltest1.t3, mysqltest1.t4;
+
+CREATE VIEW v41 AS SELECT c4, c1 FROM mysqltest1.t4, mysqltest1.t1;
+--error ER_COLUMNACCESS_DENIED_ERROR
+CREATE VIEW v42 AS SELECT c4, c2 FROM mysqltest1.t4, mysqltest1.t2;
+CREATE VIEW v43 AS SELECT c4, c3 FROM mysqltest1.t4, mysqltest1.t3;
+
+--connection default
+--echo
+--echo ---> connection: default
+
+SELECT * FROM mysqltest1.t1;
+SELECT * FROM mysqltest1.t2;
+SELECT * FROM mysqltest1.t3;
+SELECT * FROM mysqltest1.t4;
+
+# Cleanup.
+
+-- disconnect bug24040_con
+
+DROP DATABASE mysqltest1;
+DROP DATABASE mysqltest2;
+DROP USER mysqltest_u1@localhost;
+
 --echo End of 5.0 tests.
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3893,6 +3893,26 @@ bool check_grant_all_columns(THD *thd, ulong want_access, GRANT_INFO *grant,
 }


+static bool check_grant_db_routine(THD *thd, const char *db, HASH *hash)
+{
+  Security_context *sctx= thd->security_ctx;
+
+  for (uint idx= 0; idx < hash->records; ++idx)
+  {
+    GRANT_NAME *item= (GRANT_NAME*) hash_element(hash, idx);
+
+    if (strcmp(item->user, sctx->priv_user) == 0 &&
+        strcmp(item->db, db) == 0 &&
+        compare_hostname(&item->host, sctx->host, sctx->ip))
+    {
+      return FALSE;
+    }
+  }
+
+  return TRUE;
+}
+
+
 /*
  Check if a user has the right to access a database
  Access is accepted if he has a grant for any table/routine in the database
@@ -3904,9 +3924,10 @@ bool check_grant_db(THD *thd,const char *db)
  Security_context *sctx= thd->security_ctx;
  char helping [NAME_LEN+USERNAME_LENGTH+2];
  uint len;
-  bool error= 1;
+  bool error= TRUE;

  len= (uint) (strmov(strmov(helping, sctx->priv_user) + 1, db) - helping) + 1;
+
  rw_rdlock(&LOCK_grant);

  for (uint idx=0 ; idx < column_priv_hash.records ; idx++)
@@ -3917,11 +3938,17 @@ bool check_grant_db(THD *thd,const char *db)
 	!memcmp(grant_table->hash_key,helping,len) &&
        compare_hostname(&grant_table->host, sctx->host, sctx->ip))
    {
-      error=0;					// Found match
+      error= FALSE; /* Found match. */
      break;
    }
  }
+
+  if (error)
+    error= check_grant_db_routine(thd, db, &proc_priv_hash) &&
+           check_grant_db_routine(thd, db, &func_priv_hash);
+
  rw_unlock(&LOCK_grant);
+
  return error;
 }


--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -496,35 +496,46 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
  /*
    Compare/check grants on view with grants of underlying tables
  */
+
+  fill_effective_table_privileges(thd, &view->grant, view->db,
+                                  view->table_name);
+
+  {
+    Item *report_item= NULL;
+    uint final_priv= VIEW_ANY_ACL;
+
  for (sl= select_lex; sl; sl= sl->next_select())
  {
    DBUG_ASSERT(view->db);                     /* Must be set in the parser */
    List_iterator_fast<Item> it(sl->item_list);
    Item *item;
-    fill_effective_table_privileges(thd, &view->grant, view->db,
-                                    view->table_name);
    while ((item= it++))
    {
-      Item_field *fld;
+        Item_field *fld= item->filed_for_view_update();
      uint priv= (get_column_grant(thd, &view->grant, view->db,
                                    view->table_name, item->name) &
                  VIEW_ANY_ACL);
-      if ((fld= item->filed_for_view_update()))
+
+        if (fld && !fld->field->table->s->tmp_table)
      {
-        /*
-          Do we have more privileges on view field then underlying table field?
-        */
-        if (!fld->field->table->s->tmp_table && (~fld->have_privileges & priv))
+          final_priv&= fld->have_privileges;
+
+          if (~fld->have_privileges & priv)
+            report_item= item;
+        }
+      }
+    }
+
+    if (!final_priv)
        {
-          /* VIEW column has more privileges */
+      DBUG_ASSERT(report_item);
+
          my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
                   "create view", thd->security_ctx->priv_user,
-                   thd->security_ctx->priv_host, item->name,
+               thd->security_ctx->priv_host, report_item->name,
                   view->table_name);
          res= TRUE;
          goto err;
-        }
-      }
    }
  }
 #endif