From 718128db908c921b3ad8b45342be33d66660bae4 Mon Sep 17 00:00:00 2001
From: unknown <pem@mysql.com>
Date: Thu, 15 Dec 2005 15:23:16 +0100
Subject: Fixed BUG#14834: Server denies to execute Stored Procedure   The
 problem was that databases with '_' in the name did not match a   correct ACL
 with a literal '_' (i.e. '\_') in the db name, only identical   strings
 matched. The fix makes this work, and also ACLs with wildcards in   the db
 name work.

mysql-test/r/sp-security.result:
  New test case for BUG#14834
mysql-test/t/sp-security.test:
  New test case for BUG#14834
sql/sql_acl.cc:
  Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security
  context switching when invoking stored routines)
---
 mysql-test/t/sp-security.test | 44 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

(limited to 'mysql-test/t')

diff --git a/mysql-test/t/sp-security.test b/mysql-test/t/sp-security.test
index 8d4f99abd71..0b24881a056 100644
--- a/mysql-test/t/sp-security.test
+++ b/mysql-test/t/sp-security.test
@@ -437,4 +437,48 @@ disconnect test_user_12812|
 DROP USER user_bug12812@localhost|
 drop function bug12812|
 delimiter ;|
+
+
+#
+# BUG#14834: Server denies to execute Stored Procedure
+#
+# The problem here was with '_' in the database name.
+#
+create database db_bug14834;
+
+create user user1_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user1_bug14834@localhost;
+
+create user user2_bug14834@localhost identified by '';
+# The exact name of the database (no wildcard)
+grant all on `db\_bug14834`.* to user2_bug14834@localhost;
+
+create user user3_bug14834@localhost identified by '';
+# Wildcards in the database name
+grant all on `db__ug14834`.* to user3_bug14834@localhost;
+
+connect (user1_bug14834,localhost,user1_bug14834,,db_bug14834);
+# Create the procedure and check that we can call it
+create procedure p_bug14834() select user(), current_user();
+call p_bug14834();
+
+connect (user2_bug14834,localhost,user2_bug14834,,db_bug14834);
+# This didn't work before
+call p_bug14834();
+
+connect (user3_bug14834,localhost,user3_bug14834,,db_bug14834);
+# Should also work
+call p_bug14834();
+
+# Cleanup
+connection default;
+disconnect user1_bug14834;
+disconnect user2_bug14834;
+disconnect user3_bug14834;
+drop user user1_bug14834@localhost;
+drop user user2_bug14834@localhost;
+drop user user3_bug14834@localhost;
+drop database db_bug14834;
+
 # End of 5.0 bugs.
-- 
cgit v1.2.1