diff options
| -rw-r--r-- | mysql-test/r/view_grant.result | 17 | ||||
| -rw-r--r-- | mysql-test/t/view_grant.test | 36 | ||||
| -rw-r--r-- | sql/sql_base.cc | 17 |
3 files changed, 61 insertions, 9 deletions
diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result index 89067ec23a2..e2ee02351d7 100644 --- a/mysql-test/r/view_grant.result +++ b/mysql-test/r/view_grant.result @@ -501,3 +501,20 @@ drop user test14256; insert into mysql.user select * from t1; flush privileges; drop table t1; +create database mysqltest; +use mysqltest; +CREATE TABLE t1 (i INT); +CREATE VIEW v1 AS SELECT * FROM t1; +SHOW CREATE VIEW v1; +View Create View +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1` +GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; +use mysqltest; +LOCK TABLES v1 READ; +SHOW CREATE TABLE v1; +ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1' +UNLOCK TABLES; +use test; +use test; +drop user mysqltest_1@localhost; +drop database mysqltest; diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test index b4f367c2065..04d6d2f323b 100644 --- a/mysql-test/t/view_grant.test +++ b/mysql-test/t/view_grant.test @@ -664,3 +664,39 @@ insert into mysql.user select * from t1; flush privileges; drop table t1; + +# +# BUG#14726: freeing stack variable in case of an error of opening +# a view when we have locked tables with LOCK TABLES statement. +# +connection root; +--disable_warnings +create database mysqltest; +--enable_warnings + +use mysqltest; +CREATE TABLE t1 (i INT); +CREATE VIEW v1 AS SELECT * FROM t1; +SHOW CREATE VIEW v1; +GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; + +connection user1; + +use mysqltest; +LOCK TABLES v1 READ; +-- error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE TABLE v1; +UNLOCK TABLES; +use test; + +connection root; +use test; +drop user mysqltest_1@localhost; +drop database mysqltest; + +# +# switch to default connaction +# +disconnect user1; +disconnect root; +connection default; diff --git a/sql/sql_base.cc b/sql/sql_base.cc index 771a70ffebb..cfd06008690 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -1200,17 +1200,16 @@ TABLE *open_table(THD *thd, TABLE_LIST *table_list, MEM_ROOT *mem_root, (void) unpack_filename(path, path); if (mysql_frm_type(thd, path, ¬_used) == FRMTYPE_VIEW) { - TABLE tab;// will not be used (because it's VIEW) but have to be passed + /* + Will not be used (because it's VIEW) but has to be passed. + Also we will not free it (because it is a stack variable). + */ + TABLE tab; table= &tab; VOID(pthread_mutex_lock(&LOCK_open)); - if (open_unireg_entry(thd, table, table_list->db, - table_list->table_name, - alias, table_list, mem_root)) - { - table->next=table->prev=table; - free_cache_entry(table); - } - else + if (!open_unireg_entry(thd, table, table_list->db, + table_list->table_name, + alias, table_list, mem_root)) { DBUG_ASSERT(table_list->view != 0); VOID(pthread_mutex_unlock(&LOCK_open)); |