diff options
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/innodb_priv.h | 2 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 13 | ||||
| -rw-r--r-- | sql/sql_parse.h | 2 | ||||
| -rw-r--r-- | sql/sql_show.cc | 8 | ||||
| -rw-r--r-- | sql/sql_trigger.cc | 3 |
5 files changed, 14 insertions, 14 deletions
diff --git a/sql/innodb_priv.h b/sql/innodb_priv.h index 5406c292b18..24ee848bed1 100644 --- a/sql/innodb_priv.h +++ b/sql/innodb_priv.h @@ -25,7 +25,7 @@ class THD; int get_quote_char_for_identifier(THD *thd, const char *name, uint length); bool schema_table_store_record(THD *thd, TABLE *table); void localtime_to_TIME(MYSQL_TIME *to, struct tm *from); -bool check_global_access(THD *thd, ulong want_access); +bool check_global_access(THD *thd, ulong want_access, bool no_errors=false); uint strconvert(CHARSET_INFO *from_cs, const char *from, CHARSET_INFO *to_cs, char *to, uint to_length, uint *errors); diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 808214402ff..989f1ed66de 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -1630,7 +1630,7 @@ int prepare_schema_table(THD *thd, LEX *lex, Table_ident *table_ident, break; case SCH_USER_STATS: case SCH_CLIENT_STATS: - if (check_global_access(thd, SUPER_ACL | PROCESS_ACL)) + if (check_global_access(thd, SUPER_ACL | PROCESS_ACL, true)) DBUG_RETURN(1); case SCH_TABLE_STATS: case SCH_INDEX_STATS: @@ -1805,7 +1805,7 @@ bool sp_process_definer(THD *thd) if ((strcmp(lex->definer->user.str, thd->security_ctx->priv_user) || my_strcasecmp(system_charset_info, lex->definer->host.str, thd->security_ctx->priv_host)) && - check_global_access(thd, SUPER_ACL)) + check_global_access(thd, SUPER_ACL, true)) { my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "SUPER"); DBUG_RETURN(TRUE); @@ -5316,14 +5316,17 @@ bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table) 1 Access denied. In this case an error is sent to the client */ -bool check_global_access(THD *thd, ulong want_access) +bool check_global_access(THD *thd, ulong want_access, bool no_errors) { #ifndef NO_EMBEDDED_ACCESS_CHECKS char command[128]; if ((thd->security_ctx->master_access & want_access)) return 0; - get_privilege_desc(command, sizeof(command), want_access); - my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command); + if (!no_errors) + { + get_privilege_desc(command, sizeof(command), want_access); + my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command); + } status_var_increment(thd->status_var.access_denied_errors); return 1; #else diff --git a/sql/sql_parse.h b/sql/sql_parse.h index 4510ebe94e2..6d47e648be2 100644 --- a/sql/sql_parse.h +++ b/sql/sql_parse.h @@ -196,7 +196,7 @@ check_table_access(THD *thd, ulong requirements,TABLE_LIST *tables, /* These were under the INNODB_COMPATIBILITY_HOOKS */ -bool check_global_access(THD *thd, ulong want_access); +bool check_global_access(THD *thd, ulong want_access, bool no_errors= false); inline bool is_supported_parser_charset(CHARSET_INFO *cs) { diff --git a/sql/sql_show.cc b/sql/sql_show.cc index cb96db0a46d..e4b83a68a68 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2920,8 +2920,8 @@ int fill_schema_user_stats(THD* thd, TABLE_LIST* tables, COND* cond) int result; DBUG_ENTER("fill_schema_user_stats"); - if (check_global_access(thd, SUPER_ACL | PROCESS_ACL)) - DBUG_RETURN(1); + if (check_global_access(thd, SUPER_ACL | PROCESS_ACL, true)) + DBUG_RETURN(0); /* Iterates through all the global stats and sends them to the client. @@ -2955,8 +2955,8 @@ int fill_schema_client_stats(THD* thd, TABLE_LIST* tables, COND* cond) int result; DBUG_ENTER("fill_schema_client_stats"); - if (check_global_access(thd, SUPER_ACL | PROCESS_ACL)) - DBUG_RETURN(1); + if (check_global_access(thd, SUPER_ACL | PROCESS_ACL, true)) + DBUG_RETURN(0); /* Iterates through all the global stats and sends them to the client. diff --git a/sql/sql_trigger.cc b/sql/sql_trigger.cc index aff00f9fcf4..11f2007f0bc 100644 --- a/sql/sql_trigger.cc +++ b/sql/sql_trigger.cc @@ -701,10 +701,7 @@ bool Table_triggers_list::create_trigger(THD *thd, TABLE_LIST *tables, thd->security_ctx->priv_host))) { if (check_global_access(thd, SUPER_ACL)) - { - my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "SUPER"); return TRUE; - } } /* |