MDEV-28548: ER_TABLEACCESS_DENIED_ERROR is missing information about DB

- Added missing information about database of corresponding table for various types of commands - Update some typos - Reviewed by: <vicentiu@mariadb.org>
author: Anel Husakovic <anel@mariadb.org> 2022-07-16 14:39:17 +0200
committer: Anel <an3l@users.noreply.github.com> 2022-09-30 08:48:57 +0200
commit: 1f51d6c0f6527324dfe7c066fc60fc2292ea7e11 (patch)
tree: d66f53de3b296ee131a038055cd98b737778389e /sql
parent: f9605eb20947f5533cfe74dda44c9a22b43c551f (diff)
download: mariadb-git-1f51d6c0f6527324dfe7c066fc60fc2292ea7e11.tar.gz
7 files changed, 42 insertions, 52 deletions
diff --git a/sql/share/errmsg-utf8.txt b/sql/share/errmsg-utf8.txt
index aff9874edc2..ebffa4ba0c4 100644
--- a/sql/share/errmsg-utf8.txt
+++ b/sql/share/errmsg-utf8.txt
@@ -3247,25 +3247,25 @@ ER_NONEXISTING_GRANT 42000
         swe "Det finns inget privilegium definierat för användare '%-.48s' på '%-.64s'"
         ukr "Повноважень не визначено для користувача '%-.48s' з хосту '%-.64s'"
 ER_TABLEACCESS_DENIED_ERROR 42000 
-        cze "%-.100T příkaz nepřístupný pro uživatele: '%s'@'%s' pro tabulku '%-.192s'"
-        dan "%-.100T-kommandoen er ikke tilladt for brugeren '%s'@'%s' for tabellen '%-.192s'"
-        nla "%-.100T commando geweigerd voor gebruiker: '%s'@'%s' voor tabel '%-.192s'"
-        eng "%-.100T command denied to user '%s'@'%s' for table '%-.192s'"
-        jps "コマンド %-.100T は ユーザー '%s'@'%s' ,テーブル '%-.192s' に対して許可されていません",
-        est "%-.100T käsk ei ole lubatud kasutajale '%s'@'%s' tabelis '%-.192s'"
-        fre "La commande '%-.100T' est interdite à l'utilisateur: '%s'@'%s' sur la table '%-.192s'"
-        ger "%-.100T Befehl nicht erlaubt für Benutzer '%s'@'%s' auf Tabelle '%-.192s'"
-        hun "%-.100T parancs a '%s'@'%s' felhasznalo szamara nem engedelyezett a '%-.192s' tablaban"
-        ita "Comando %-.100T negato per l'utente: '%s'@'%s' sulla tabella '%-.192s'"
-        jpn "コマンド %-.100T は ユーザー '%s'@'%s' ,テーブル '%-.192s' に対して許可されていません"
-        kor "'%-.100T' 명령은 다음 사용자에게 거부되었습니다. : '%s'@'%s' for 테이블 '%-.192s'"
-        por "Comando '%-.100T' negado para o usuário '%s'@'%s' na tabela '%-.192s'"
-        rum "Comanda %-.100T interzisa utilizatorului: '%s'@'%s' pentru tabela '%-.192s'"
-        rus "Команда %-.100T запрещена пользователю '%s'@'%s' для таблицы '%-.192s'"
-        serbian "%-.100T komanda zabranjena za korisnika '%s'@'%s' za tabelu '%-.192s'"
-        spa "%-.100T comando negado para usuario: '%s'@'%s' para tabla '%-.192s'"
-        swe "%-.100T ej tillåtet för '%s'@'%s' för tabell '%-.192s'"
-        ukr "%-.100T команда заборонена користувачу: '%s'@'%s' у таблиці '%-.192s'"
+        cze "%-.100T příkaz nepřístupný pro uživatele: '%s'@'%s' pro tabulku %`s.%`s"
+        dan "%-.100T-kommandoen er ikke tilladt for brugeren '%s'@'%s' for tabellen %`s.%`s"
+        nla "%-.100T commando geweigerd voor gebruiker: '%s'@'%s' voor tabel %`s.%`s"
+        eng "%-.100T command denied to user '%s'@'%s' for table %`s.%`s"
+        jps "コマンド %-.100T は ユーザー '%s'@'%s' ,テーブル %`s.%`s に対して許可されていません",
+        est "%-.100T käsk ei ole lubatud kasutajale '%s'@'%s' tabelis %`s.%`s"
+        fre "La commande '%-.100T' est interdite à l'utilisateur: '%s'@'%s' sur la table %`s.%`s"
+        ger "%-.100T Befehl nicht erlaubt für Benutzer '%s'@'%s' auf Tabelle %`s.%`s"
+        hun "%-.100T parancs a '%s'@'%s' felhasznalo szamara nem engedelyezett a %`s.%`s tablaban"
+        ita "Comando %-.100T negato per l'utente: '%s'@'%s' sulla tabella %`s.%`s"
+        jpn "コマンド %-.100T は ユーザー '%s'@'%s' ,テーブル %`s.%`s に対して許可されていません"
+        kor "'%-.100T' 명령은 다음 사용자에게 거부되었습니다. : '%s'@'%s' for 테이블 %`s.%`s"
+        por "Comando '%-.100T' negado para o usuário '%s'@'%s' na tabela %`s.%`s"
+        rum "Comanda %-.100T interzisa utilizatorului: '%s'@'%s' pentru tabela %`s.%`s"
+        rus "Команда %-.100T запрещена пользователю '%s'@'%s' для таблицы %`s.%`s"
+        serbian "%-.100T komanda zabranjena za korisnika '%s'@'%s' za tabelu %`s.%`s"
+        spa "%-.100T comando negado para usuario: '%s'@'%s' para tabla %`s.%`s"
+        swe "%-.100T ej tillåtet för '%s'@'%s' för tabell %`s.%`s"
+        ukr "%-.100T команда заборонена користувачу: '%s'@'%s' у таблиці %`s.%`s"
 ER_COLUMNACCESS_DENIED_ERROR 42000 
         cze "%-.32s příkaz nepřístupný pro uživatele: '%s'@'%s' pro sloupec '%-.192s' v tabulce '%-.192s'"
         dan "%-.32s-kommandoen er ikke tilladt for brugeren '%s'@'%s' for kolonne '%-.192s' in tabellen '%-.192s'"
diff --git a/sql/sp_head.cc b/sql/sp_head.cc
index cc121c05a01..df4ef8522ba 100644
--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -1837,7 +1837,7 @@ sp_head::execute_trigger(THD *thd,
 
     my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), priv_desc,
              thd->security_ctx->priv_user, thd->security_ctx->host_or_ip,
-             table_name->str);
+             db_name->str, table_name->str);
 
     m_security_ctx.restore_security_context(thd, save_ctx);
     DBUG_RETURN(TRUE);
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 0110a1f0c65..5b5150acab1 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -6540,7 +6540,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list,
                            table_list->grant.want_privilege);
         my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
                  command, thd->security_ctx->priv_user,
-                 thd->security_ctx->host_or_ip, table_list->alias.str);
+                 thd->security_ctx->host_or_ip, table_list->db.str,
+                 table_list->alias.str);
         DBUG_RETURN(-1);
       }
     }
@@ -7600,8 +7601,8 @@ bool grant_reload(THD *thd)
   @see check_table_access
 
   @note
-     This functions assumes that either number of tables to be inspected
-     by it is limited explicitly (i.e. is is not UINT_MAX) or table list
+     This function assumes that either number of tables to be inspected
+     by it is limited explicitly (i.e. is not UINT_MAX) or table list
      used and thd->lex->query_tables_own_last value correspond to each
      other (the latter should be either 0 or point to next_global member
      of one of elements of this table list).
@@ -7810,7 +7811,7 @@ err:
     my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
              command,
              sctx->priv_user,
-             sctx->host_or_ip,
+             sctx->host_or_ip, tl ? tl->db.str : "unknown",
              tl ? tl->get_table_name() : "unknown");
   }
   DBUG_RETURN(TRUE);
@@ -7993,7 +7994,7 @@ bool check_grant_all_columns(THD *thd, ulong want_access_arg,
   Security_context *sctx= thd->security_ctx;
   ulong UNINIT_VAR(want_access);
   const char *table_name= NULL;
-  const char* db_name;
+  const char* db_name= NULL;
   GRANT_INFO *grant;
   GRANT_TABLE *UNINIT_VAR(grant_table);
   GRANT_TABLE *UNINIT_VAR(grant_table_role);
@@ -8081,7 +8082,7 @@ err:
   if (using_column_privileges)
     my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
              command, sctx->priv_user,
-             sctx->host_or_ip, table_name);
+             sctx->host_or_ip, db_name, table_name);
   else
     my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
              command,
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index 60b0b88bf5f..614d6d58c0b 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -8101,19 +8101,20 @@ insert_fields(THD *thd, Name_resolution_context *context, const char *db_name,
                     tables->is_natural_join);
         DBUG_ASSERT(item->type() == Item::FIELD_ITEM);
         Item_field *fld= (Item_field*) item;
+        const char *field_db_name= field_iterator.get_db_name();
         const char *field_table_name= field_iterator.get_table_name();
 
         if (!tables->schema_table && 
             !(fld->have_privileges=
               (get_column_grant(thd, field_iterator.grant(),
-                                field_iterator.get_db_name(),
+                                field_db_name,
                                 field_table_name, fld->field_name.str) &
                VIEW_ANY_ACL)))
         {
           my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), "ANY",
                    thd->security_ctx->priv_user,
                    thd->security_ctx->host_or_ip,
-                   field_table_name);
+                   field_db_name, field_table_name);
           DBUG_RETURN(TRUE);
         }
       }
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 5807be62339..ca82c36d568 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -7158,7 +7158,6 @@ bool check_fk_parent_table_access(THD *thd,
     if (key->type == Key::FOREIGN_KEY)
     {
       TABLE_LIST parent_table;
-      bool is_qualified_table_name;
       Foreign_key *fk_key= (Foreign_key *)key;
       LEX_CSTRING db_name;
       LEX_CSTRING table_name= { fk_key->ref_table.str,
@@ -7176,7 +7175,6 @@ bool check_fk_parent_table_access(THD *thd,
 
       if (fk_key->ref_db.str)
       {
-        is_qualified_table_name= true;
         if (!(db_name.str= (char *) thd->memdup(fk_key->ref_db.str,
                                                 fk_key->ref_db.length+1)))
           return true;
@@ -7198,7 +7196,6 @@ bool check_fk_parent_table_access(THD *thd,
           if (!(db_name.str= (char *) thd->memdup(create_db,
                                                   db_name.length+1)))
             return true;
-          is_qualified_table_name= true;
 
           if (check_db_name((LEX_STRING*) &db_name))
           {
@@ -7210,8 +7207,6 @@ bool check_fk_parent_table_access(THD *thd,
         {
           if (thd->lex->copy_db_to(&db_name))
             return true;
-          else
-           is_qualified_table_name= false;
         }
       }
 
@@ -7237,22 +7232,11 @@ bool check_fk_parent_table_access(THD *thd,
       if (check_some_access(thd, privileges, &parent_table) ||
           parent_table.grant.want_privilege)
       {
-        if (is_qualified_table_name)
-        {
-          const size_t qualified_table_name_len= NAME_LEN + 1 + NAME_LEN + 1;
-          char *qualified_table_name= (char *) thd->alloc(qualified_table_name_len);
-
-          my_snprintf(qualified_table_name, qualified_table_name_len, "%s.%s",
-                      db_name.str, table_name.str);
-          table_name.str= qualified_table_name;
-        }
-
         my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
-                 "REFERENCES",
-                 thd->security_ctx->priv_user,
-                 thd->security_ctx->host_or_ip,
-                 table_name.str);
-
+                "REFERENCES",
+                thd->security_ctx->priv_user,
+                thd->security_ctx->host_or_ip,
+                db_name.str, table_name.str);
         return true;
       }
     }
diff --git a/sql/sql_show.cc b/sql/sql_show.cc
index b2851d7defc..eaed36a3506 100644
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -1172,7 +1172,8 @@ public:
       my_snprintf(m_view_access_denied_message, MYSQL_ERRMSG_SIZE,
                   ER_THD(thd, ER_TABLEACCESS_DENIED_ERROR), "SHOW VIEW",
                   m_sctx->priv_user,
-                  m_sctx->host_or_ip, m_top_view->get_table_name());
+                  m_sctx->host_or_ip,
+                  m_top_view->get_db_name(), m_top_view->get_table_name());
     }
     return m_view_access_denied_message_ptr;
   }
@@ -1264,7 +1265,8 @@ mysqld_show_create_get_fields(THD *thd, TABLE_LIST *table_list,
       DBUG_PRINT("debug", ("check_table_access failed"));
       my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
               "SHOW", thd->security_ctx->priv_user,
-              thd->security_ctx->host_or_ip, table_list->alias.str);
+              thd->security_ctx->host_or_ip,
+              table_list->db.str, table_list->alias.str);
       goto exit;
     }
     DBUG_PRINT("debug", ("check_table_access succeeded"));
@@ -1293,7 +1295,8 @@ mysqld_show_create_get_fields(THD *thd, TABLE_LIST *table_list,
     {
       my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
               "SHOW", thd->security_ctx->priv_user,
-              thd->security_ctx->host_or_ip, table_list->alias.str);
+              thd->security_ctx->host_or_ip,
+              table_list->db.str, table_list->alias.str);
       goto exit;
     }
   }
diff --git a/sql/sql_view.cc b/sql/sql_view.cc
index b6787a1cb8b..d8b68725f3e 100644
--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -302,7 +302,8 @@ bool create_view_precheck(THD *thd, TABLE_LIST *tables, TABLE_LIST *view,
       {
         my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
                  "ANY", thd->security_ctx->priv_user,
-                 thd->security_ctx->priv_host, tbl->table_name.str);
+                 thd->security_ctx->priv_host,
+                 tbl->db.str, tbl->table_name.str);
         goto err;
       }
       /*
author	Anel Husakovic <anel@mariadb.org>	2022-07-16 14:39:17 +0200
committer	Anel <an3l@users.noreply.github.com>	2022-09-30 08:48:57 +0200
commit	1f51d6c0f6527324dfe7c066fc60fc2292ea7e11 (patch)
tree	d66f53de3b296ee131a038055cd98b737778389e /sql
parent	f9605eb20947f5533cfe74dda44c9a22b43c551f (diff)
download	mariadb-git-1f51d6c0f6527324dfe7c066fc60fc2292ea7e11.tar.gz