An error occurred fetching the project authors.
- 26 Nov, 2007 1 commit
-
-
thek@adventure.(none) authored
Loading 4.1 into 5.0 or 5.1 failed silently because procs_priv table missing. This caused the server to crash on any attempt to store new grants because of uninitialized structures. This patch breaks up the grant loading function into two phases to allow for procs_priv table to fail with an warning instead of crashing the server.
-
- 20 Sep, 2007 1 commit
-
-
tnurnberg@sin.intern.azundris.com authored
clean up SHOW GRANTS so it will show host-names with case as entered. make REVOKE and friends case-sensitive to make things more intuitive. Patch by Martin Friebe.
-
- 26 Jun, 2007 1 commit
-
-
tsmith@maint1.mysql.com authored
Fix some error messages so that all error codes are equivalent in 5.0 and 5.1
-
- 01 Jun, 2007 2 commits
-
-
msvensson@pilot.(none) authored
only one of those is allowed
-
msvensson@pilot.(none) authored
-
- 11 May, 2007 2 commits
-
-
evgen@moonbone.local authored
Corrected test case for the bug#27878.
-
evgen@moonbone.local authored
database. If a user has a right to update anything in the current database then the access was granted and further checks of access rights for underlying tables wasn't done correctly. The check is done before a view is opened and thus no check of access rights for underlying tables can be carried out. This allows a user to update through a view a table from another database for which he hasn't enough rights. Now the mysql_update() and the mysql_test_update() functions are forces re-checking of access rights after a view is opened.
-
- 24 Apr, 2007 1 commit
-
-
- 17 Apr, 2007 1 commit
-
-
Added missed DROP privilege check on the original table for RENAME TABLE command.
-
- 13 Apr, 2007 1 commit
-
-
- 03 Apr, 2007 2 commits
-
-
gluh@mysql.com/eagle.(none) authored
-
anozdrin/alik@ibm.opbmk authored
The problem was that THD::db_access variable was not restored after database switch in stored-routine-execution code. The fix is to restore THD::db_access in this case. Unfortunately, this fix requires additional changes, because in prepare_schema_table(), called on the parsing stage, we checked privileges. That was wrong according to our design, but this flaw haven't struck so far, because it was masked. All privilege checkings must be done on the execution stage in order to be compatible with prepared statements and stored routines. So, this patch also contains patch for prepare_schema_table(), which moves the checkings to the execution phase.
-
- 23 Mar, 2007 1 commit
-
-
anozdrin/alik@booka.opbmk authored
make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check.
-
- 24 Jan, 2007 1 commit
-
-
kaa@polly.local authored
Added a test case for bug #6774 "Replication fails with Wrong usage of DB GRANT and GLOBAL PRIVILEGES"
-
- 04 Dec, 2006 1 commit
-
-
andrey@example.com authored
with other alterations causes lost tables Using RENAME clause combined with other clauses of ALTER TABLE led to data loss (the data was there but not accessible). This could happen if the changes do not change the table much. Adding and droppping of fields and indices was safe. Renaming a column with MODIFY or CHANGE was unsafe operation, if the actual column didn't change (changing from int to int, which is a noop) Depending on the storage engine (SE) the behavior is different: 1)MyISAM/MEMORY - the ALTER TABLE statement completes without any error but next SELECT against the new table fails. 2)InnoDB (and every other transactional table) - The ALTER TABLE statement fails. There are the the following files in the db dir - `new_table_name.frm` and a temporary table's frm. If the SE is file based, then the data and index files will be present but with the old names. What happens is that for InnoDB the table is not renamed in the internal DDIC. Fixed by adding additional call to mysql_rename_table() method, which should not include FRM file rename, because it has been already done during file names juggling.
-
- 21 Nov, 2006 1 commit
-
-
gkodinov/kgeorge@macbook.gmz authored
- TRUNCATE requires DROP privilege, not DELETE
-
- 20 Nov, 2006 1 commit
-
-
monty@mysql.com/nosik.monty.fi authored
(Mostly in DBUG_PRINT() and unused arguments) Fixed bug in query cache when used with traceing (--with-debug) Fixed memory leak in mysqldump Removed warnings from mysqltest scripts (replaced -- with #)
-
- 30 Aug, 2006 1 commit
-
-
kostja@bodhi.local authored
-
- 29 Aug, 2006 2 commits
-
-
kostja@bodhi.local authored
-
kostja@bodhi.local authored
length limit", it's superseded by the fix for Bug#16899 "Possible buffer overflow in handling of DEFINER-clause". Update test results.
-
- 24 Aug, 2006 1 commit
-
-
anozdrin/alik@alik. authored
User name (host name) has limit on length. The server code relies on these limits when storing the names. The problem was that sometimes these limits were not checked properly, so that could lead to buffer overflow. The fix is to check length of user/host name in parser and if string is too long, throw an error.
-
- 23 Aug, 2006 1 commit
-
-
anozdrin/alik@alik. authored
User name (host name) has limit on length. The server code relies on these limits when storing the names. The problem was that sometimes these limits were not checked properly, so that could lead to buffer overflow. The fix is to check length of user/host name in parser and if string is too long, throw an error.
-
- 11 Aug, 2006 1 commit
-
-
svoj@may.pils.ru authored
-
- 03 Aug, 2006 2 commits
-
-
"A SELECT privilege on a view is required for SHOW CREATE VIEW and it will stay that way because of compatibility reasons." (see #20136) a test case to illustrate how the ACLs work in this case (and ensure they will continue to do so in the future)
-
svoj@may.pils.ru authored
privileges This problem is 4.1 specific. It doesn't affect 4.0 and was fixed in 5.x before. Having any mysql user who is allowed to issue multi table update statement and any column/table grants, allows this user to update any table on a server (mysql grant tables are not exception). check_grant() accepts number of tables (in table list) to be checked in 5-th param. While checking grants for multi table update, number of tables must be 1. It must never be 0 (actually we have DBUG_ASSERT(number > 0) in 5.x in grant_check() function).
-
- 24 Jul, 2006 1 commit
-
-
jimw@rama.(none) authored
This appears to have just been an oversight -- CREATE USER was not enforcing the existing username limitations.
-
- 06 Jun, 2006 1 commit
-
-
monty@mysql.com authored
Add define YASSL_PREFIX when compiling yassl Import patch from yaSSL - avoid allocating memory for each call to 'EVP_md5' and 'EVP_des_ede3_cbc' which were not released until server was stopped - Those functions are used from the SQL function 'des_encrypt' and 'des_decrypt'. Add new define YASSL_PREFIX beforee including ssl.h to activate inclusion of prefix_*.h files Bug#20022 mysql-test-run can't be run with secure connections turned on for all testcases - Part 1, fixes rpl- and federated-tests where connection is made to 127.0.0.1 - Include prefix files that renames all public functions in yaSSLs OpenSSL API to ya<function_name>. They will otherwise conflict with OpenSSL functions if loaded by an application that uses OpenSSL as well as libmysqlclient with yaSSL support. Bug#18235: assertion/crash when windows mysqld is ended with ctrl-c Two threads both try a shutdown sequence which creates a race to the de-init/free of certain resources. This exists in similar form in the client as 17926: "mysql.exe crashes when ctrl-c is pressed in windows." Update after merge to 5.0 BUG#18669: Session COM_STATISTICS breaks mysqladmin status. Changed COM_STATISTICS to display the global status, instead of thead status, for slow queries and table opens. - In function 'handle_grant_struct' when searching the memory structures for an entry to modify, convert all entries here host.hostname is NULL to "" and compare that with the host passed in argument "user_from". - A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means that "any host" can connect. Thus is's correct to turn on allow_all_hosts when such a user is found. - Review and fix other places where host.hostname may be NULL. BUG#19394 OPT_INNODB_THREAD_CONCURRENCY duplicated Removed duplication (not a user-visible change)
-
- 29 May, 2006 1 commit
-
-
msvensson@neptunus.(none) authored
-
- 26 May, 2006 1 commit
-
-
gkodinov@mysql.com authored
The check for view security was lacking several points : 1. Check with the right set of permissions : for each table ref that participates in a view there were the right credentials to use in it's security_ctx member, but these weren't used for checking the credentials. This makes hard enforcing the SQL SECURITY DEFINER|INVOKER property consistently. 2. Because of the above the security checking for views was just ruled out in explicit ways in several places. 3. The security was checked only for the columns of the tables that are brought into the query from a view. So if there is no column reference outside of the view definition it was not detecting the lack of access to the tables in the view in SQL SECURITY INVOKER mode. The fix below tries to fix the above 3 points.
-
- 23 May, 2006 1 commit
-
-
msvensson@neptunus.(none) authored
- In function 'handle_grant_struct' when searching the memory structures for an entry to modify, convert all entries here host.hostname is NULL to "" and compare that with the host passed in argument "user_from". - A user created with hostname "" is stored in "mysql.user" table as host="" but when loaded into memory it'll be stored as host.hostname NULL. Specifiying "" as hostname means that "any host" can connect. Thus is's correct to turn on allow_all_hosts when such a user is found. - Review and fix other places where host.hostname may be NULL.
-
- 06 Mar, 2006 1 commit
-
-
gluh@eagle.intranet.mysql.r18.ru authored
Check if the host of table hash record exactly matches host from GRANT command
-
- 09 Jan, 2006 2 commits
-
-
msvensson@neptunus.(none) authored
- Comparing host string against NULL caused crash. - If host.hostname is NULL treat it as ""
-
msvensson@neptunus.(none) authored
- When acl_user->host.hostname is NULL compare it as ""
-
- 14 Nov, 2005 1 commit
-
-
bar@mysql.com authored
ps_grant.result: Fixing result order. grant.result: Adding test case, fixing result order. grant.test: Adding test case. sql_acl.cc: Fixed that my_charset_latin1 was incorrectly used instead of system_charset_info. This problem was previously fixed by Ingo in 5.0. This patch is basically a backport of the same changes into 4.1.
-
- 04 Aug, 2005 1 commit
-
-
bar@mysql.com authored
fixing tests accordingly item.cc: Bug #10892 user variables not auto cast for comparisons When mixing strings with different character sets, and coercibility is the same, we allow conversion if one character set is superset for other character set.
-
- 28 Jul, 2005 1 commit
-
-
monty@mysql.com authored
-
- 05 Jul, 2005 2 commits
-
-
jimw@mysql.com authored
-
bell@sanja.is.com.ua authored
-
- 20 Jun, 2005 1 commit
-
-
jimw@mysql.com authored
table with an empty hostname. (Bug #11330)
-
- 29 Mar, 2005 1 commit
-
-
jimw@mysql.com authored
mysql-test-run to the tests themselves.
-