From 3c6c0ebc6a31835260d07463d581b9715776812f Mon Sep 17 00:00:00 2001 From: Nisha Gopalakrishnan Date: Mon, 9 Jan 2017 20:09:57 +0530 Subject: [PATCH] BUG#25250768: WRITING ON A READ_ONLY=ON SERVER WITHOUT SUPER PRIVILEGE. Backport from mysql-5.7 to mysql-5.5 and mysql-5.6. BUG#13969578: TEMPORARY TABLE IN A DATABASE ON A READ-ONLY INSTANCE CAN BE OVERWRITTEN Analysis: ======== Creation or modification of a persistent table by a non-super user is NOT ALLOWED in read_only mode. Only TEMPORARY tables are allowed to be created or modified in read_only mode. But the creation of a persistent table was being allowed when a temporary table of the same name existed. The routine which denies updating a non-temporary table in a read_only mode does not handle the case of creation of a regular table when a temporary table of the same exists. Fix: === Handled the condition where an attempt is made to create a persistent table having the same name as that of the temporary table. Hence the creation of a persistent table by a non-super user when a temporary table of the same exists is denied under read_only mode. --- sql/sql_parse.cc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 86763b6e3de..82ab76b2e1c 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -822,14 +822,18 @@ static my_bool deny_updates_if_read_only_option(THD *thd, (lex->sql_command == SQLCOM_CREATE_TABLE) && (lex->create_info.options & HA_LEX_CREATE_TMP_TABLE); + const my_bool create_real_tables= + (lex->sql_command == SQLCOM_CREATE_TABLE) && + !(lex->create_info.options & HA_LEX_CREATE_TMP_TABLE); + const my_bool drop_temp_tables= (lex->sql_command == SQLCOM_DROP_TABLE) && lex->drop_temporary; const my_bool update_real_tables= - some_non_temp_table_to_be_updated(thd, all_tables) && - !(create_temp_tables || drop_temp_tables); - + ((create_real_tables || + some_non_temp_table_to_be_updated(thd, all_tables)) && + !(create_temp_tables || drop_temp_tables)); const my_bool create_or_drop_databases= (lex->sql_command == SQLCOM_CREATE_DB) ||