Fixed two bugs in MySQL ACL.

First one is related to Bug#7905. One should not be allowed to create new user with password without UPDATE privilege to MySQL database. Furthermore, executing the same GRANT statement twice would actually crash the server and corrupt privilege database. Other bug was that one could update a column, using the existing value as basis to calculate the new value (e.g. UPDATE t1 SET a=a+1) without SELECT privilege to the field (a in the above example) Fixed tests grant.pl and grant2, which were wrong.
2025-09-02 09:41:40 +03:00 · 2005-03-17 08:16:56 +02:00
parent b766082bfb
commit 2bbde22d84
6 changed files with 23 additions and 14 deletions
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -3626,6 +3626,24 @@ unsent_create_error:
 		     first_table ? 0 : 1, 0))
      goto error;

+    if (thd->user)				// If not replication
+    {
+      LEX_USER *user;
+      List_iterator <LEX_USER> user_list(lex->users_list);
+      while ((user=user_list++))
+      {
+	if (user->password.str &&
+	    strcmp(thd->user, user->user.str) ||
+	    user->host.str &&
+	    my_strcasecmp(system_charset_info,
+			  user->host.str, thd->host_or_ip))
+	{
+	  if (check_access(thd, UPDATE_ACL, "mysql", 0, 1, 0))
+	    goto error;
+	  break;			// We are allowed to do changes
+	}
+      }
+    }
    if (specialflag & SPECIAL_NO_RESOLVE)
    {
      LEX_USER *user;