Commit d3ecc66c authored by MySQL Build Team's avatar MySQL Build Team

Backport into build-201002030816-5.0.87sp1

> ------------------------------------------------------------
> revno: 2818.1.35
> revision-id: joro@sun.com-20091127095944-autr58itccge4z9l
> parent: satya.bn@sun.com-20091125095925-871384fcnwwa2yqt
> committer: Georgi Kodinov <joro@sun.com>
> branch nick: B48872-5.0-bugteam
> timestamp: Fri 2009-11-27 11:59:44 +0200
> message:
>   Bug #48872 : Privileges for stored functions ignored if function name
>     is mixed case
>   
>   Transcode the procedure name to lowercase when searching for it in the 
>   hash. This is the missing part of the fix for bug #41049.
parent f5feec0d
...@@ -519,4 +519,65 @@ DROP USER mysqltest_u1@localhost; ...@@ -519,4 +519,65 @@ DROP USER mysqltest_u1@localhost;
DROP PROCEDURE p_suid; DROP PROCEDURE p_suid;
DROP FUNCTION f_suid; DROP FUNCTION f_suid;
DROP TABLE t1; DROP TABLE t1;
#
# Bug #48872 : Privileges for stored functions ignored if function name
# is mixed case
#
CREATE DATABASE B48872;
USE B48872;
CREATE TABLE `TestTab` (id INT);
INSERT INTO `TestTab` VALUES (1),(2);
CREATE FUNCTION `f_Test`() RETURNS INT RETURN 123;
CREATE FUNCTION `f_Test_denied`() RETURNS INT RETURN 123;
CREATE USER 'tester';
CREATE USER 'Tester';
GRANT SELECT ON TABLE `TestTab` TO 'tester';
GRANT EXECUTE ON FUNCTION `f_Test` TO 'tester';
GRANT EXECUTE ON FUNCTION `f_Test_denied` TO 'Tester';
SELECT f_Test();
f_Test()
123
SELECT * FROM TestTab;
id
1
2
SELECT * FROM TestTab;
id
1
2
SELECT `f_Test`();
`f_Test`()
123
SELECT `F_TEST`();
`F_TEST`()
123
SELECT f_Test();
f_Test()
123
SELECT F_TEST();
F_TEST()
123
SELECT * FROM TestTab;
ERROR 42000: SELECT command denied to user 'Tester'@'localhost' for table 'TestTab'
SELECT `f_Test`();
ERROR 42000: execute command denied to user 'Tester'@'%' for routine 'B48872.f_Test'
SELECT `F_TEST`();
ERROR 42000: execute command denied to user 'Tester'@'%' for routine 'B48872.f_Test'
SELECT f_Test();
ERROR 42000: execute command denied to user 'Tester'@'%' for routine 'B48872.f_Test'
SELECT F_TEST();
ERROR 42000: execute command denied to user 'Tester'@'%' for routine 'B48872.f_Test'
SELECT `f_Test_denied`();
`f_Test_denied`()
123
SELECT `F_TEST_DENIED`();
`F_TEST_DENIED`()
123
DROP TABLE `TestTab`;
DROP FUNCTION `f_Test`;
DROP FUNCTION `f_Test_denied`;
USE test;
DROP USER 'tester';
DROP USER 'Tester';
DROP DATABASE B48872;
End of 5.0 tests. End of 5.0 tests.
...@@ -889,6 +889,63 @@ DROP PROCEDURE p_suid; ...@@ -889,6 +889,63 @@ DROP PROCEDURE p_suid;
DROP FUNCTION f_suid; DROP FUNCTION f_suid;
DROP TABLE t1; DROP TABLE t1;
--echo #
--echo # Bug #48872 : Privileges for stored functions ignored if function name
--echo # is mixed case
--echo #
CREATE DATABASE B48872;
USE B48872;
CREATE TABLE `TestTab` (id INT);
INSERT INTO `TestTab` VALUES (1),(2);
CREATE FUNCTION `f_Test`() RETURNS INT RETURN 123;
CREATE FUNCTION `f_Test_denied`() RETURNS INT RETURN 123;
CREATE USER 'tester';
CREATE USER 'Tester';
GRANT SELECT ON TABLE `TestTab` TO 'tester';
GRANT EXECUTE ON FUNCTION `f_Test` TO 'tester';
GRANT EXECUTE ON FUNCTION `f_Test_denied` TO 'Tester';
SELECT f_Test();
SELECT * FROM TestTab;
CONNECT (con_tester,localhost,tester,,B48872);
CONNECT (con_tester_denied,localhost,Tester,,B48872);
CONNECTION con_tester;
SELECT * FROM TestTab;
SELECT `f_Test`();
SELECT `F_TEST`();
SELECT f_Test();
SELECT F_TEST();
CONNECTION con_tester_denied;
--error ER_TABLEACCESS_DENIED_ERROR
SELECT * FROM TestTab;
--error ER_PROCACCESS_DENIED_ERROR
SELECT `f_Test`();
--error ER_PROCACCESS_DENIED_ERROR
SELECT `F_TEST`();
--error ER_PROCACCESS_DENIED_ERROR
SELECT f_Test();
--error ER_PROCACCESS_DENIED_ERROR
SELECT F_TEST();
SELECT `f_Test_denied`();
SELECT `F_TEST_DENIED`();
CONNECTION default;
DISCONNECT con_tester;
DISCONNECT con_tester_denied;
DROP TABLE `TestTab`;
DROP FUNCTION `f_Test`;
DROP FUNCTION `f_Test_denied`;
USE test;
DROP USER 'tester';
DROP USER 'Tester';
DROP DATABASE B48872;
--echo End of 5.0 tests. --echo End of 5.0 tests.
# Wait till all disconnects are completed # Wait till all disconnects are completed
......
...@@ -2265,14 +2265,17 @@ static GRANT_NAME *name_hash_search(HASH *name_hash, ...@@ -2265,14 +2265,17 @@ static GRANT_NAME *name_hash_search(HASH *name_hash,
const char *host,const char* ip, const char *host,const char* ip,
const char *db, const char *db,
const char *user, const char *tname, const char *user, const char *tname,
bool exact) bool exact, bool name_tolower)
{ {
char helping [NAME_LEN*2+USERNAME_LENGTH+3]; char helping [NAME_LEN*2+USERNAME_LENGTH+3], *name_ptr;
uint len; uint len;
GRANT_NAME *grant_name,*found=0; GRANT_NAME *grant_name,*found=0;
HASH_SEARCH_STATE state; HASH_SEARCH_STATE state;
len = (uint) (strmov(strmov(strmov(helping,user)+1,db)+1,tname)-helping)+ 1; name_ptr= strmov(strmov(helping, user) + 1, db) + 1;
len = (uint) (strmov(name_ptr, tname) - helping) + 1;
if (name_tolower)
my_casedn_str(files_charset_info, name_ptr);
for (grant_name= (GRANT_NAME*) hash_first(name_hash, (byte*) helping, for (grant_name= (GRANT_NAME*) hash_first(name_hash, (byte*) helping,
len, &state); len, &state);
grant_name ; grant_name ;
...@@ -2305,7 +2308,7 @@ routine_hash_search(const char *host, const char *ip, const char *db, ...@@ -2305,7 +2308,7 @@ routine_hash_search(const char *host, const char *ip, const char *db,
{ {
return (GRANT_TABLE*) return (GRANT_TABLE*)
name_hash_search(proc ? &proc_priv_hash : &func_priv_hash, name_hash_search(proc ? &proc_priv_hash : &func_priv_hash,
host, ip, db, user, tname, exact); host, ip, db, user, tname, exact, TRUE);
} }
...@@ -2314,7 +2317,7 @@ table_hash_search(const char *host, const char *ip, const char *db, ...@@ -2314,7 +2317,7 @@ table_hash_search(const char *host, const char *ip, const char *db,
const char *user, const char *tname, bool exact) const char *user, const char *tname, bool exact)
{ {
return (GRANT_TABLE*) name_hash_search(&column_priv_hash, host, ip, db, return (GRANT_TABLE*) name_hash_search(&column_priv_hash, host, ip, db,
user, tname, exact); user, tname, exact, FALSE);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment