diff options
| author | unknown <pem@mysql.com> | 2005-10-28 14:55:01 +0200 |
|---|---|---|
| committer | unknown <pem@mysql.com> | 2005-10-28 14:55:01 +0200 |
| commit | d662bff97107e89cdc53474b8aa278856652c96b (patch) | |
| tree | e5ad8df351867b2b801d7b8f9b94a00bcb65b4ac | |
| parent | 1b7bb773832823f46f2c418b28664b362f8d879f (diff) | |
| parent | 14418653611eb2def87fe2f5620835d2348a6960 (diff) | |
| download | mariadb-git-d662bff97107e89cdc53474b8aa278856652c96b.tar.gz | |
Merge mysql.com:/usr/local/bk/mysql-5.0
into mysql.com:/usr/home/pem/bug14256/mysql-5.0
mysql-test/r/view.result:
Auto merged
mysql-test/r/view_grant.result:
Merge fix.
mysql-test/t/view_grant.test:
Merge fix.
| -rw-r--r-- | mysql-test/r/view.result | 2 | ||||
| -rw-r--r-- | mysql-test/r/view_grant.result | 27 | ||||
| -rw-r--r-- | mysql-test/t/view.test | 2 | ||||
| -rw-r--r-- | mysql-test/t/view_grant.test | 45 | ||||
| -rw-r--r-- | sql/sql_yacc.yy | 3 |
5 files changed, 75 insertions, 4 deletions
diff --git a/mysql-test/r/view.result b/mysql-test/r/view.result index 1e30285946a..6f15e7af399 100644 --- a/mysql-test/r/view.result +++ b/mysql-test/r/view.result @@ -2198,7 +2198,7 @@ r_object_id users_names 120001a080000542 guser02 drop view v1, v2; drop table t1, t2; -create definer=some_user@__% sql security invoker view v1 as select 1; +create definer=some_user@`` sql security invoker view v1 as select 1; ERROR HY000: View definer is not fully qualified create definer=some_user@localhost sql security invoker view v1 as select 1; Warnings: diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result index f20e78e0297..43df5c29f92 100644 --- a/mysql-test/r/view_grant.result +++ b/mysql-test/r/view_grant.result @@ -474,3 +474,30 @@ drop table t1; use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop database mysqltest; +drop view if exists v1; +create table t1 as select * from mysql.user where user=''; +delete from mysql.user where user=''; +flush privileges; +grant all on test.* to 'test14256'@'%'; +use test; +create view v1 as select 42; +show create view v1; +View Create View +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42` +select definer into @v1def1 from information_schema.views +where table_schema = 'test' and table_name='v1'; +drop view v1; +create definer=`test14256`@`%` view v1 as select 42; +show create view v1; +View Create View +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42` +select definer into @v1def2 from information_schema.views +where table_schema = 'test' and table_name='v1'; +drop view v1; +select @v1def1, @v1def2, @v1def1=@v1def2; +@v1def1 @v1def2 @v1def1=@v1def2 +test14256@% test14256@% 1 +drop user test14256; +insert into mysql.user select * from t1; +flush privileges; +drop table t1; diff --git a/mysql-test/t/view.test b/mysql-test/t/view.test index dd773c4c650..aa3189bad69 100644 --- a/mysql-test/t/view.test +++ b/mysql-test/t/view.test @@ -2082,7 +2082,7 @@ drop table t1, t2; # DEFINER information check # -- error ER_NO_VIEW_USER -create definer=some_user@__% sql security invoker view v1 as select 1; +create definer=some_user@`` sql security invoker view v1 as select 1; create definer=some_user@localhost sql security invoker view v1 as select 1; show create view v1; drop view v1; diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test index 760f0e1550f..7f0cb6d9406 100644 --- a/mysql-test/t/view_grant.test +++ b/mysql-test/t/view_grant.test @@ -619,3 +619,48 @@ drop table t1; use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop database mysqltest; + +# +# BUG#14256: definer in view definition is not fully qualified +# +--disable_warnings +drop view if exists v1; +--enable_warnings + +# Backup anonymous users and remove them. (They get in the way of +# the one we test with here otherwise.) +create table t1 as select * from mysql.user where user=''; +delete from mysql.user where user=''; +flush privileges; + +# Create the test user +grant all on test.* to 'test14256'@'%'; + +connect (test14256,localhost,test14256,,test); +connection test14256; +use test; + +create view v1 as select 42; +show create view v1; + +select definer into @v1def1 from information_schema.views + where table_schema = 'test' and table_name='v1'; +drop view v1; + +create definer=`test14256`@`%` view v1 as select 42; +show create view v1; + +select definer into @v1def2 from information_schema.views + where table_schema = 'test' and table_name='v1'; +drop view v1; + +select @v1def1, @v1def2, @v1def1=@v1def2; + +connection root; +drop user test14256; + +# Restore the anonymous users. +insert into mysql.user select * from t1; +flush privileges; + +drop table t1; diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index fb77f01d38c..109dcd7e86a 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -9026,8 +9026,7 @@ view_user: (LEX_USER*) thd->alloc(sizeof(st_lex_user)))) YYABORT; view_user->user = $3; view_user->host=$5; - if (strchr(view_user->host.str, wild_many) || - strchr(view_user->host.str, wild_one)) + if (view_user->host.length == 0) { my_error(ER_NO_VIEW_USER, MYF(0)); YYABORT; |