summaryrefslogtreecommitdiff
path: root/mysql-test/t/sp-security.test
diff options
context:
space:
mode:
Diffstat (limited to 'mysql-test/t/sp-security.test')
-rw-r--r--mysql-test/t/sp-security.test74
1 files changed, 72 insertions, 2 deletions
diff --git a/mysql-test/t/sp-security.test b/mysql-test/t/sp-security.test
index 96f82c92248..ca4e6b04f13 100644
--- a/mysql-test/t/sp-security.test
+++ b/mysql-test/t/sp-security.test
@@ -82,7 +82,7 @@ select * from db1_secret.t1;
# ...and not this
--error ER_DBACCESS_DENIED_ERROR
create procedure db1_secret.dummy() begin end;
---error ER_SP_DOES_NOT_EXIST
+--error ER_PROCACCESS_DENIED_ERROR
drop procedure db1_secret.dummy;
--error ER_PROCACCESS_DENIED_ERROR
drop procedure db1_secret.stamp;
@@ -106,7 +106,7 @@ select * from db1_secret.t1;
# ...and not this
--error ER_DBACCESS_DENIED_ERROR
create procedure db1_secret.dummy() begin end;
---error ER_SP_DOES_NOT_EXIST
+--error ER_PROCACCESS_DENIED_ERROR
drop procedure db1_secret.dummy;
--error ER_PROCACCESS_DENIED_ERROR
drop procedure db1_secret.stamp;
@@ -926,6 +926,76 @@ DROP DATABASE B48872;
--echo End of 5.0 tests.
+
+--echo #
+--echo # Test for bug#57061 "User without privilege on routine can discover
+--echo # its existence."
+--echo #
+--disable_warnings
+drop database if exists mysqltest_db;
+--enable_warnings
+create database mysqltest_db;
+--echo # Create user with no privileges on mysqltest_db database.
+create user bug57061_user@localhost;
+create function mysqltest_db.f1() returns int return 0;
+create procedure mysqltest_db.p1() begin end;
+--echo # Connect as user 'bug57061_user@localhost'
+connect (conn1, localhost, bug57061_user,,);
+--echo # Attempt to drop routine on which user doesn't have privileges
+--echo # should result in the same 'access denied' type of error whether
+--echo # routine exists or not.
+--error ER_PROCACCESS_DENIED_ERROR
+drop function if exists mysqltest_db.f_does_not_exist;
+--error ER_PROCACCESS_DENIED_ERROR
+drop procedure if exists mysqltest_db.p_does_not_exist;
+--error ER_PROCACCESS_DENIED_ERROR
+drop function if exists mysqltest_db.f1;
+--error ER_PROCACCESS_DENIED_ERROR
+drop procedure if exists mysqltest_db.p1;
+--echo # Connection 'default'.
+connection default;
+disconnect conn1;
+drop user bug57061_user@localhost;
+drop database mysqltest_db;
+
+
+--echo #
+--echo # Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
+--echo # DEFINITION OF ANY ROUTINE.
+--echo #
+
+--disable_warnings
+DROP DATABASE IF EXISTS db1;
+--enable_warnings
+
+CREATE DATABASE db1;
+CREATE PROCEDURE db1.p1() SELECT 1;
+CREATE USER user2@localhost IDENTIFIED BY '';
+GRANT SELECT(db) ON mysql.proc TO user2@localhost;
+
+--echo # Connection con2 as user2
+connect (con2, localhost, user2);
+--echo # The statement below before disclosed info from body_utf8 column.
+--error ER_SP_DOES_NOT_EXIST
+SHOW CREATE PROCEDURE db1.p1;
+
+--echo # Check that SHOW works with SELECT grant on whole table
+--echo # Connection default
+connection default;
+GRANT SELECT ON mysql.proc TO user2@localhost;
+
+--echo # Connection con2
+connection con2;
+--echo # This should work
+SHOW CREATE PROCEDURE db1.p1;
+
+--echo # Connection default
+connection default;
+disconnect con2;
+DROP USER user2@localhost;
+DROP DATABASE db1;
+
+
# Wait till all disconnects are completed
--source include/wait_until_count_sessions.inc
View Lorry Controller Status