fixed priority checking bug in sub select handling

mysql-test/r/subselect.result: fixed subselect test mysql-test/t/subselect.test: fixed subselect test
2025-07-30 16:24:05 +03:00 · 2003-05-28 00:49:24 +03:00
parent da9bf1dec3
commit 2029fa02c3
3 changed files with 49 additions and 13 deletions
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@ -2285,15 +2285,23 @@ mysql_execute_command(THD *thd)
    TABLE_LIST *table;
    if (check_db_used(thd,tables))
      goto error;
-    for (table=tables ; table ; table=table->next)
+
+    if (check_access(thd,UPDATE_ACL,tables->db,&tables->grant.privilege))
+      goto error;
    {
-      if (table->derived)
-	table->grant.privilege= SELECT_ACL;
-      else if (check_access(thd,UPDATE_ACL,table->db,&table->grant.privilege))
+      // Show only 1 table for check_grant
+      TABLE_LIST *subselects_tables= tables->next;
+      tables->next= 0;
+      if (grant_option && check_grant(thd, UPDATE_ACL, tables))
+	goto error;
+      tables->next= subselects_tables;
+
+      // check rights on tables of subselect (if exists)
+      if (subselects_tables &&
+	  (res= check_table_access(thd, SELECT_ACL, subselects_tables)))
 	goto error;
    }
-    if (grant_option && check_grant(thd,UPDATE_ACL,tables))
-      goto error;
+
    if (select_lex->item_list.elements != lex->value_list.elements)
    {
      send_error(thd,ER_WRONG_VALUE_COUNT);
@ -2349,8 +2357,21 @@ mysql_execute_command(THD *thd)
                      INSERT_ACL | DELETE_ACL : INSERT_ACL | update);
    if (check_access(thd,privilege,tables->db,&tables->grant.privilege))
      goto error; /* purecov: inspected */
-    if (grant_option && check_grant(thd,privilege,tables))
-      goto error;
+    
+    {
+      // Show only 1 table for check_grant
+      TABLE_LIST *subselects_tables= tables->next;
+      tables->next= 0;
+      if (grant_option && check_grant(thd, privilege, tables))
+	goto error;
+      tables->next= subselects_tables;
+
+      // check rights on tables of subselect (if exists)
+      if (subselects_tables &&
+	  (res= check_table_access(thd, SELECT_ACL, subselects_tables)))
+	goto error;
+    }
+
    if (select_lex->item_list.elements != lex->value_list.elements)
    {
      send_error(thd,ER_WRONG_VALUE_COUNT);
@ -2434,8 +2455,21 @@ mysql_execute_command(THD *thd)
  {
    if (check_access(thd,DELETE_ACL,tables->db,&tables->grant.privilege))
      goto error; /* purecov: inspected */
-    if (grant_option && check_grant(thd,DELETE_ACL,tables))
-      goto error;
+
+    {
+      // Show only 1 table for check_grant
+      TABLE_LIST *subselects_tables= tables->next;
+      tables->next= 0;
+      if (grant_option && check_grant(thd, DELETE_ACL, tables))
+	goto error;
+      tables->next= subselects_tables;
+
+      // check rights on tables of subselect (if exists)
+      if (subselects_tables &&
+	  (res= check_table_access(thd, SELECT_ACL, subselects_tables)))
+	goto error;
+    }
+
    // Set privilege for the WHERE clause
    tables->grant.want_privilege=(SELECT_ACL & ~tables->grant.privilege);
    res = mysql_delete(thd,tables, select_lex->where,