database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

Bug#36086: SELECT * from views don't check column grants

Browse Source 
This patch also fixes bugs 36963 and 35600.
                      
- In many places a view was confused with an anonymous derived
  table, i.e. access checking was skipped. Fixed by introducing a
  predicate to tell the difference between named and anonymous
  derived tables.
                      
- When inserting fields for "SELECT * ", there was no 
  distinction between base tables and views, where one should be
  made. View privileges are checked elsewhere.
This commit is contained in:
Martin Hansson
2008-09-03 16:45:40 +02:00
parent 4c318bf6e8
commit a43242ea6d
15 changed files with 356 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sql/sql_parse.cc
View File

@ -4872,6 +4872,8 @@ bool check_single_table_access(THD *thd, ulong privilege,
/* Show only 1 table for check_grant */
if (!(all_tables->belong_to_view &&
(thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
!(all_tables->view &&
all_tables->effective_algorithm == VIEW_ALGORITHM_TMPTABLE) &&
check_grant(thd, privilege, all_tables, 0, 1, no_errors))
goto deny;
@ -5184,7 +5186,7 @@ check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
continue;
}
if (tables->derived ||
if (tables->is_anonymous_derived_table() ||
(tables->table && (int)tables->table->s->tmp_table))
continue;
thd->security_ctx= sctx;