MDEV-23010 UPDATE privilege at Database and Table level fail to update with SELECT command denied to user

check both column- and table-level grants when looking for SELECT privilege on UPDATE statement.
author: Sergei Golubchik <serg@mariadb.org> 2020-07-29 12:17:31 +0200
committer: Sergei Golubchik <serg@mariadb.org> 2020-07-29 14:56:24 +0200
commit: e54a7ac1b38f77b64a0aafeb165082a9788d56f8 (patch)
tree: 1bb752e4f4e56b6d0daffe62666f4be04e80cf43 /sql/sql_acl.cc
parent: 2ba70f69fd6cb3508de2744191c200c11d2fcd5f (diff)
download: mariadb-git-e54a7ac1b38f77b64a0aafeb165082a9788d56f8.tar.gz
1 files changed, 7 insertions, 3 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index b2703dba76f..7925ec58852 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -7135,9 +7135,13 @@ static void check_grant_column_int(GRANT_TABLE *grant_table, const char *name,
 {
   if (grant_table)
   {
-    GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length);
-    if (grant_column)
-      *want_access&= ~grant_column->rights;
+    *want_access&= ~grant_table->privs;
+    if (*want_access & grant_table->cols)
+    {
+      GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length);
+      if (grant_column)
+        *want_access&= ~grant_column->rights;
+    }
   }
 }
author	Sergei Golubchik <serg@mariadb.org>	2020-07-29 12:17:31 +0200
committer	Sergei Golubchik <serg@mariadb.org>	2020-07-29 14:56:24 +0200
commit	e54a7ac1b38f77b64a0aafeb165082a9788d56f8 (patch)
tree	1bb752e4f4e56b6d0daffe62666f4be04e80cf43 /sql/sql_acl.cc
parent	2ba70f69fd6cb3508de2744191c200c11d2fcd5f (diff)
download	mariadb-git-e54a7ac1b38f77b64a0aafeb165082a9788d56f8.tar.gz