diff options
| author | bell@sanja.is.com.ua <> | 2003-05-28 00:49:24 +0300 |
|---|---|---|
| committer | bell@sanja.is.com.ua <> | 2003-05-28 00:49:24 +0300 |
| commit | a02d89de30ca1437da500f1c91811c7ab9d8418c (patch) | |
| tree | 310cc948cc102d59d2aa68604bc99a30cd0adf48 /sql | |
| parent | e436736d29dcde08eee20b49e0c6c148b8b6dd02 (diff) | |
| download | mariadb-git-a02d89de30ca1437da500f1c91811c7ab9d8418c.tar.gz | |
fixed priority checking bug in sub select handling
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/sql_parse.cc | 54 |
1 files changed, 44 insertions, 10 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index e6ffec7ef26..473c1dd07f6 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -2285,15 +2285,23 @@ mysql_execute_command(THD *thd) TABLE_LIST *table; if (check_db_used(thd,tables)) goto error; - for (table=tables ; table ; table=table->next) + + if (check_access(thd,UPDATE_ACL,tables->db,&tables->grant.privilege)) + goto error; { - if (table->derived) - table->grant.privilege= SELECT_ACL; - else if (check_access(thd,UPDATE_ACL,table->db,&table->grant.privilege)) + // Show only 1 table for check_grant + TABLE_LIST *subselects_tables= tables->next; + tables->next= 0; + if (grant_option && check_grant(thd, UPDATE_ACL, tables)) + goto error; + tables->next= subselects_tables; + + // check rights on tables of subselect (if exists) + if (subselects_tables && + (res= check_table_access(thd, SELECT_ACL, subselects_tables))) goto error; } - if (grant_option && check_grant(thd,UPDATE_ACL,tables)) - goto error; + if (select_lex->item_list.elements != lex->value_list.elements) { send_error(thd,ER_WRONG_VALUE_COUNT); @@ -2349,8 +2357,21 @@ mysql_execute_command(THD *thd) INSERT_ACL | DELETE_ACL : INSERT_ACL | update); if (check_access(thd,privilege,tables->db,&tables->grant.privilege)) goto error; /* purecov: inspected */ - if (grant_option && check_grant(thd,privilege,tables)) - goto error; + + { + // Show only 1 table for check_grant + TABLE_LIST *subselects_tables= tables->next; + tables->next= 0; + if (grant_option && check_grant(thd, privilege, tables)) + goto error; + tables->next= subselects_tables; + + // check rights on tables of subselect (if exists) + if (subselects_tables && + (res= check_table_access(thd, SELECT_ACL, subselects_tables))) + goto error; + } + if (select_lex->item_list.elements != lex->value_list.elements) { send_error(thd,ER_WRONG_VALUE_COUNT); @@ -2434,8 +2455,21 @@ mysql_execute_command(THD *thd) { if (check_access(thd,DELETE_ACL,tables->db,&tables->grant.privilege)) goto error; /* purecov: inspected */ - if (grant_option && check_grant(thd,DELETE_ACL,tables)) - goto error; + + { + // Show only 1 table for check_grant + TABLE_LIST *subselects_tables= tables->next; + tables->next= 0; + if (grant_option && check_grant(thd, DELETE_ACL, tables)) + goto error; + tables->next= subselects_tables; + + // check rights on tables of subselect (if exists) + if (subselects_tables && + (res= check_table_access(thd, SELECT_ACL, subselects_tables))) + goto error; + } + // Set privilege for the WHERE clause tables->grant.want_privilege=(SELECT_ACL & ~tables->grant.privilege); res = mysql_delete(thd,tables, select_lex->where, |