-rw-r--r--mysql-test/r/ps.result18
-rw-r--r--mysql-test/r/view_grant.result20
-rw-r--r--mysql-test/t/ps.test23
-rw-r--r--mysql-test/t/view_grant.test37
-rw-r--r--sql/sql_base.cc6
-rw-r--r--sql/table.cc13
6 files changed, 116 insertions, 1 deletions
diff --git a/mysql-test/r/ps.result b/mysql-test/r/ps.result
index 694a934f8b7..931fb430df3 100644
--- a/mysql-test/r/ps.result
+++ b/mysql-test/r/ps.result
@@ -1477,6 +1477,24 @@ i
1
DEALLOCATE PREPARE stmt;
DROP TABLE t1, t2;
+CREATE TABLE t1 (i INT);
+CREATE VIEW v1 AS SELECT * FROM t1;
+INSERT INTO t1 VALUES (1), (2);
+SELECT t1.i FROM t1 JOIN v1 ON t1.i = v1.i
+WHERE EXISTS (SELECT * FROM t1 WHERE v1.i = 1);
+i
+1
+PREPARE stmt FROM "SELECT t1.i FROM t1 JOIN v1 ON t1.i = v1.i
+WHERE EXISTS (SELECT * FROM t1 WHERE v1.i = 1)";
+EXECUTE stmt;
+i
+1
+EXECUTE stmt;
+i
+1
+DEALLOCATE PREPARE stmt;
+DROP VIEW v1;
+DROP TABLE t1;
DROP PROCEDURE IF EXISTS p1;
flush status;
prepare sq from 'show status like "slow_queries"';
diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result
index f325d1ed7b6..b30997600ee 100644
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -714,3 +714,23 @@ DROP FUNCTION f1;
DROP VIEW v2;
DROP VIEW v1;
DROP USER mysqltest_u1@localhost;
+CREATE DATABASE db17254;
+USE db17254;
+CREATE TABLE t1 (f1 INT);
+INSERT INTO t1 VALUES (10),(20);
+CREATE USER def_17254@localhost;
+GRANT SELECT ON db17254.* TO def_17254@localhost;
+CREATE USER inv_17254@localhost;
+GRANT SELECT ON db17254.t1 TO inv_17254@localhost;
+GRANT CREATE VIEW ON db17254.* TO def_17254@localhost;
+CREATE VIEW v1 AS SELECT * FROM t1;
+DROP USER def_17254@localhost;
+for a user
+SELECT * FROM v1;
+ERROR 42000: SELECT command denied to user 'inv_17254'@'localhost' for table 'v1
+'
+for a superuser
+SELECT * FROM v1;
+ERROR HY000: There is no 'def_17254'@'localhost' registered
+DROP USER inv_17254@localhost;
+DROP DATABASE db17254;
diff --git a/mysql-test/t/ps.test b/mysql-test/t/ps.test
index 827f46664bf..4f5bdca5057 100644
--- a/mysql-test/t/ps.test
+++ b/mysql-test/t/ps.test
@@ -1515,6 +1515,29 @@ DROP TABLE t1, t2;
#
+# BUG#20327: Marking of a wrong field leads to a wrong result on select with
+# view, prepared statement and subquery.
+#
+CREATE TABLE t1 (i INT);
+CREATE VIEW v1 AS SELECT * FROM t1;
+
+INSERT INTO t1 VALUES (1), (2);
+
+let $query = SELECT t1.i FROM t1 JOIN v1 ON t1.i = v1.i
+ WHERE EXISTS (SELECT * FROM t1 WHERE v1.i = 1);
+eval $query;
+eval PREPARE stmt FROM "$query";
+# Statement execution should return '1'.
+EXECUTE stmt;
+# Check re-execution.
+EXECUTE stmt;
+
+DEALLOCATE PREPARE stmt;
+DROP VIEW v1;
+DROP TABLE t1;
+
+
+#
# BUG#21856: Prepared Statments: crash if bad create
#
--disable_warnings
diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test
index 39444a97984..5c920a2fc4c 100644
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -933,4 +933,41 @@ DROP VIEW v2;
DROP VIEW v1;
DROP USER mysqltest_u1@localhost;
+#
+# Bug#17254: Error for DEFINER security on VIEW provides too much info
+#
+connect (root,localhost,root,,);
+connection root;
+CREATE DATABASE db17254;
+USE db17254;
+CREATE TABLE t1 (f1 INT);
+INSERT INTO t1 VALUES (10),(20);
+CREATE USER def_17254@localhost;
+GRANT SELECT ON db17254.* TO def_17254@localhost;
+CREATE USER inv_17254@localhost;
+GRANT SELECT ON db17254.t1 TO inv_17254@localhost;
+GRANT CREATE VIEW ON db17254.* TO def_17254@localhost;
+
+connect (def,localhost,def_17254,,db17254);
+connection def;
+CREATE VIEW v1 AS SELECT * FROM t1;
+
+connection root;
+DROP USER def_17254@localhost;
+
+connect (inv,localhost,inv_17254,,db17254);
+connection inv;
+--echo for a user
+--error 1142
+SELECT * FROM v1;
+
+connection root;
+--echo for a superuser
+--error 1449
+SELECT * FROM v1;
+DROP USER inv_17254@localhost;
+DROP DATABASE db17254;
+disconnect def;
+disconnect inv;
+
# End of 5.0 tests.
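Review bot: The "for a user" case expects `--error 1142`, and the recorded output is "SELECT command denied ... for table 'v1'", which is not the message of the `ER_ACCESS_DENIED_ERROR` that the new non-SUPER branch in sql/table.cc raises. The invoker is only granted SELECT on `db17254.t1`, so the denial presumably comes from the privilege check on the view itself and the new branch is never reached. To cover it, add `GRANT SELECT ON db17254.v1 TO inv_17254@localhost;` from the root connection after the view is created, and expect the access-denied error for the invoker instead. The `root` connection is also opened but never disconnected, unlike `def` and `inv`.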
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index 75becc31bc1..afd287630ad 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -4225,6 +4225,12 @@ find_field_in_tables(THD *thd, Item_ident *item,
{
if (found == WRONG_GRANT)
return (Field*) 0;
+
+ /*
+ Only views fields should be marked as dependent, not an underlying
+ fields.
+ */
+ if (!table_ref->belong_to_view)
{
SELECT_LEX *current_sel= thd->lex->current_select;
SELECT_LEX *last_select= table_ref->select_lex;
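Review bot: The comment added above `if (!table_ref->belong_to_view)` is hard to parse and does not say which side of the condition is which. Something like `/* Mark the field as dependent only when table_ref is not an underlying table of a view (belong_to_view unset); a view's own fields are still marked. */` states the rule in terms of the flag being tested. The new `if` also takes over the existing `{` block, so the block's indentation should be checked against the new nesting. The block it guards continues past the end of this hunk.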
diff --git a/sql/table.cc b/sql/table.cc
index 926b44dedbc..298651324a1 100644
--- a/sql/table.cc
+++ b/sql/table.cc
@@ -3263,7 +3263,18 @@ bool st_table_list::prepare_view_securety_context(THD *thd)
}
else
{
- my_error(ER_NO_SUCH_USER, MYF(0), definer.user.str, definer.host.str);
+ if (thd->security_ctx->master_access & SUPER_ACL)
+ {
+ my_error(ER_NO_SUCH_USER, MYF(0), definer.user.str, definer.host.str);
+
+ }
+ else
+ {
+ my_error(ER_ACCESS_DENIED_ERROR, MYF(0),
+ thd->security_ctx->priv_user,
+ thd->security_ctx->priv_host,
+ (thd->password ? ER(ER_YES) : ER(ER_NO)));
+ }
DBUG_RETURN(TRUE);
}
}
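Review bot: The new `SUPER_ACL` split in `prepare_view_securety_context` has no comment saying why the two kinds of caller get different errors, so a later cleanup could merge the branches and expose the definer name again. Add above the `if`: `/* Name the missing definer only to SUPER users; everyone else gets a generic denial so account names are not disclosed. */`. The `thd->password ? ER(ER_YES) : ER(ER_NO)` argument makes the message read like a failed login, which may mislead whoever triages it; consider also recording the missing definer in the server error log so an administrator can find the orphaned view. The stray blank line before the closing brace of the SUPER branch can be dropped. The function starts and ends outside this hunk.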