MDEV-25141 JSON_TABLE: SELECT into outfile bypasses file privilege check.

access rights checking fixed.
author: Alexey Botchkov <holyfoot@askmonty.org> 2021-03-17 18:28:31 +0400
committer: Alexey Botchkov <holyfoot@askmonty.org> 2021-04-21 10:21:44 +0400
commit: 047eb2258dfc0ad4004e51094c144873f70b3386 (patch)
tree: 3f9e3cf1d0548bc8a326dd02c4d4f7c6ac28205f /sql/sql_parse.cc
parent: abdc39b0a72f2912e5c4d2e8e0212370d5fdf1c3 (diff)
download: mariadb-git-047eb2258dfc0ad4004e51094c144873f70b3386.tar.gz
1 files changed, 3 insertions, 4 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 237944be44d..4c331c05735 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -7104,9 +7104,6 @@ check_table_access(THD *thd, privilege_t requirements, TABLE_LIST *tables,
     if (table_ref->is_anonymous_derived_table())
       continue;
 
-    if (table_ref->table_function)
-      continue;
-
     if (table_ref->sequence)
     {
       /* We want to have either SELECT or INSERT rights to sequences depending
@@ -7116,7 +7113,9 @@ check_table_access(THD *thd, privilege_t requirements, TABLE_LIST *tables,
                     INSERT_ACL : SELECT_ACL);
     }
 
-    if (check_access(thd, want_access, table_ref->get_db_name(),
+    if (check_access(thd, want_access,
+                     table_ref->table_function ? any_db :
+                                                 table_ref->get_db_name(),
                      &table_ref->grant.privilege,
                      &table_ref->grant.m_internal,
                      0, no_errors))
author	Alexey Botchkov <holyfoot@askmonty.org>	2021-03-17 18:28:31 +0400
committer	Alexey Botchkov <holyfoot@askmonty.org>	2021-04-21 10:21:44 +0400
commit	047eb2258dfc0ad4004e51094c144873f70b3386 (patch)
tree	3f9e3cf1d0548bc8a326dd02c4d4f7c6ac28205f /sql/sql_parse.cc
parent	abdc39b0a72f2912e5c4d2e8e0212370d5fdf1c3 (diff)
download	mariadb-git-047eb2258dfc0ad4004e51094c144873f70b3386.tar.gz