Fix for the following bugs:

- BUG#15166: Wrong update permissions required to execute triggers - BUG#15196: Wrong select permission required to execute triggers The idea of the fix is to check necessary privileges in Item_trigger_field::fix_fields(), instead of having "special variables" technique. To achieve this, we should pass to an Item_trigger_field instance a flag, which will indicate the usage/access type of this trigger variable.
2026-01-06 05:22:24 +03:00 · 2006-01-24 20:15:12 +03:00
parent cf6becdebe
commit 378147a23d
7 changed files with 559 additions and 372 deletions
--- a/sql/sql_trigger.h
+++ b/sql/sql_trigger.h
@@ -56,10 +56,9 @@ class Table_triggers_list: public Sql_alloc
  LEX_STRING        sroutines_key;

  /*
-    is_special_var_used specifies whether trigger body contains special
-    variables (NEW/OLD).
+    Grant information for each trigger (pair: subject table, trigger definer).
  */
-  bool m_spec_var_used[TRG_EVENT_MAX][TRG_ACTION_MAX];
+  GRANT_INFO        subject_table_grants[TRG_EVENT_MAX][TRG_ACTION_MAX];

 public:
  /*
@@ -78,6 +77,7 @@ public:
    record1_field(0), table(table_arg)
  {
    bzero((char *)bodies, sizeof(bodies));
+    bzero((char *)&subject_table_grants, sizeof(subject_table_grants));
  }
  ~Table_triggers_list();

@@ -109,11 +109,6 @@ public:
    return test(bodies[TRG_EVENT_UPDATE][TRG_ACTION_BEFORE]);
  }

-  inline bool is_special_var_used(int event, int action_time) const
-  {
-    return m_spec_var_used[event][action_time];
-  }
-
  void set_table(TABLE *new_table);

  friend class Item_trigger_field;