database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

proactive s/strmov/strnmov/ in sql_acl.cc and related test cases

Browse Source
This commit is contained in:
Sergei Golubchik
2012-12-04 17:08:02 +01:00
parent 7885b38cbb
commit eff07bf08e
4 changed files with 81 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
mysql-test/r/grant_lowercase.result Normal file
View File

@ -0,0 +1,20 @@
grant file on *.* to user1@localhost with grant option;
grant select on `a%`.* to user1@localhost with grant option;
grant file on aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.* to 'user'@'%' identified by 'secret';
ERROR 42000: Incorrect database name 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
drop user user1@localhost;
call mtr.add_suppression("Incorrect database name");
alter table mysql.host modify Db varchar(200);
alter table mysql.db modify Db varchar(200);
insert mysql.host set db=concat('=>', repeat(_utf8 'й', 200));
Warnings:
Warning 1265 Data truncated for column 'Db' at row 1
insert mysql.db set db=concat('=>', repeat(_utf8 'й', 200));
Warnings:
Warning 1265 Data truncated for column 'Db' at row 1
flush privileges;
delete from mysql.host where db like '=>%';
delete from mysql.db where db like '=>%';
alter table mysql.host modify Db char(64);
alter table mysql.db modify Db char(64);
flush privileges;

1
mysql-test/t/grant_lowercase.opt Normal file
View File

@ -0,0 +1 @@
--lower-case-table-names=1

30
mysql-test/t/grant_lowercase.test Normal file
View File

@ -0,0 +1,30 @@
# test cases for strmov(tmp_db, db) -> strnmov replacement in sql_acl.cc
#
# http://seclists.org/fulldisclosure/2012/Dec/4
#
# in acl_get(), check_grant_db(), mysql_grant()
grant file on *.* to user1@localhost with grant option;
grant select on `a%`.* to user1@localhost with grant option;
connect (conn1,localhost,user1,,);
connection conn1;
--error ER_WRONG_DB_NAME
grant file on aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.* to 'user'@'%' identified by 'secret';
connection default;
disconnect conn1;
drop user user1@localhost;
# in acl_load()
call mtr.add_suppression("Incorrect database name");
alter table mysql.host modify Db varchar(200);
alter table mysql.db modify Db varchar(200);
insert mysql.host set db=concat('=>', repeat(_utf8 'й', 200));
insert mysql.db set db=concat('=>', repeat(_utf8 'й', 200));
flush privileges; # shouldn't crash here
delete from mysql.host where db like '=>%';
delete from mysql.db where db like '=>%';
alter table mysql.host modify Db char(64);
alter table mysql.db modify Db char(64);
flush privileges;