summaryrefslogtreecommitdiff
path: root/sql/sql_cte.cc
diff options
context:
space:
mode:
authorIgor Babaev <igor@askmonty.org>2017-11-14 12:22:30 -0800
committerIgor Babaev <igor@askmonty.org>2017-11-14 12:23:31 -0800
commit3afc9629fd84fbbc615f02aac0154e6b5ba92168 (patch)
tree9445aa9d8ee86603d34577344e4e82912d1a85b3 /sql/sql_cte.cc
parent24184938ad9954f25c082a1afd74a053a8ab6d8c (diff)
downloadmariadb-git-3afc9629fd84fbbc615f02aac0154e6b5ba92168.tar.gz
Fixed bug mdev-13453 Executing a query via CTE requires more permissions
than the query itself ACL checks were not properly supported for tables used in CTE specifications. This patch fixes the problem.
Diffstat (limited to 'sql/sql_cte.cc')
-rw-r--r--sql/sql_cte.cc3
1 files changed, 2 insertions, 1 deletions
diff --git a/sql/sql_cte.cc b/sql/sql_cte.cc
index 6fe08e3c0ed..e1bd455830d 100644
--- a/sql/sql_cte.cc
+++ b/sql/sql_cte.cc
@@ -823,9 +823,10 @@ st_select_lex_unit *With_element::clone_parsed_spec(THD *thd,
tbl;
tbl= tbl->next_global)
{
- tbl->grant.privilege= with_table->grant.privilege;
spec_tables_tail= tbl;
}
+ if (check_table_access(thd, SELECT_ACL, spec_tables, FALSE, UINT_MAX, FALSE))
+ goto err;
if (spec_tables)
{
if (with_table->next_global)