author | unknown <mats@kindahl-laptop.dnsalias.net> | 2007-11-08 08:54:19 +0100 |
---|---|---|
committer | unknown <mats@kindahl-laptop.dnsalias.net> | 2007-11-08 08:54:19 +0100 |
commit | 10397af9c519b8238599a1ff9fed0d3e871c50e7 (patch) | |
tree | 0829eb1d0574e5ef45d0fde980cee5ae7110bc07 | |
parent | af48b26ed8b369e80968df581cf395c572d35be2 (diff) | |
parent | cda4afc2bfbd508ab189eedb1c0dfbe4861533b4 (diff) | |
download | mariadb-git-10397af9c519b8238599a1ff9fed0d3e871c50e7.tar.gz |
Merge kindahl-laptop.dnsalias.net:/home/bkroot/mysql-5.1
into kindahl-laptop.dnsalias.net:/home/bk/b31611-mysql-5.1-target-5.1.22
sql/sql_binlog.cc:
Auto merged
-rw-r--r-- | mysql-test/r/mysqlbinlog.result | 22 | ||||
-rw-r--r-- | mysql-test/t/mysqlbinlog.test | 27 | ||||
-rw-r--r-- | sql/sql_binlog.cc | 3 |
3 files changed, 52 insertions, 0 deletions
diff --git a/mysql-test/r/mysqlbinlog.result b/mysql-test/r/mysqlbinlog.result
index f10ae4b4df5..287fbd7e7f3 100644
--- a/mysql-test/r/mysqlbinlog.result
+++ b/mysql-test/r/mysqlbinlog.result
@@ -328,4 +328,26 @@ drop table t1;
 drop table t1;
 End of 5.0 tests
 flush logs;
+BUG#31611: Security risk with BINLOG statement
+SET BINLOG_FORMAT=ROW;
+CREATE DATABASE mysqltest1;
+CREATE USER untrusted@localhost;
+GRANT SELECT ON mysqltest1.* TO untrusted@localhost;
+SHOW GRANTS FOR untrusted@localhost;
+Grants for untrusted@localhost
+GRANT USAGE ON *.* TO 'untrusted'@'localhost'
+GRANT SELECT ON `mysqltest1`.* TO 'untrusted'@'localhost'
+USE mysqltest1;
+CREATE TABLE t1 (a INT, b CHAR(64));
+flush logs;
+INSERT INTO t1 VALUES (1,USER());
+flush logs;
+mysqlbinlog var/log/master-bin.000017 > var/tmp/bug31611.sql
+mysql mysqltest1 -uuntrusted < var/tmp/bug31611.sql
+INSERT INTO t1 VALUES (1,USER());
+ERROR 42000: INSERT command denied to user 'untrusted'@'localhost' for table 't1'
+SELECT * FROM t1;
+a b
+1 root@localhost
+DROP DATABASE mysqltest1;
 End of 5.1 tests
diff --git a/mysql-test/t/mysqlbinlog.test b/mysql-test/t/mysqlbinlog.test
index 25bd9a402ae..8635bbfab87 100644
--- a/mysql-test/t/mysqlbinlog.test
+++ b/mysql-test/t/mysqlbinlog.test
@@ -250,4 +250,31 @@ flush logs; --exec $MYSQL_BINLOG $MYSQLTEST_VARDIR/log/master-bin.000016 >/dev/null 2>/dev/null --exec $MYSQL_BINLOG --force-if-open $MYSQLTEST_VARDIR/log/master-bin.000016 >/dev/null 2>/dev/null +--echo BUG#31611: Security risk with BINLOG statement + +SET BINLOG_FORMAT=ROW; +CREATE DATABASE mysqltest1; +CREATE USER untrusted@localhost; +GRANT SELECT ON mysqltest1.* TO untrusted@localhost; + +SHOW GRANTS FOR untrusted@localhost; +USE mysqltest1; +CREATE TABLE t1 (a INT, b CHAR(64)); +flush logs; +INSERT INTO t1 VALUES (1,USER()); +flush logs; +echo mysqlbinlog var/log/master-bin.000017 > var/tmp/bug31611.sql; +exec $MYSQL_BINLOG $MYSQLTEST_VARDIR/log/master-bin.000017 > $MYSQLTEST_VARDIR/tmp/bug31611.sql; +connect (unsecure,localhost,untrusted,,mysqltest1); +echo mysql mysqltest1 -uuntrusted < var/tmp/bug31611.sql; +error 1; +exec $MYSQL mysqltest1 -uuntrusted < $MYSQLTEST_VARDIR/tmp/bug31611.sql; +connection unsecure; +error ER_TABLEACCESS_DENIED_ERROR; +INSERT INTO t1 VALUES (1,USER()); + +SELECT * FROM t1; +connection default; +DROP DATABASE mysqltest1; + --echo End of 5.1 tests diff --git a/sql/sql_binlog.cc b/sql/sql_binlog.cc index a3a804db8f0..fa6aa8f5881 100644 --- a/sql/sql_binlog.cc +++ b/sql/sql_binlog.cc @@ -37,6 +37,9 @@ void mysql_client_binlog_statement(THD* thd) thd->lex->comment.length : 2048), thd->lex->comment.str)); + if (check_global_access(thd, SUPER_ACL)) + DBUG_VOID_RETURN; + /* Temporarily turn off send_ok, since different events handle this differently |
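Review bot: The added BUG#31611 test leaves state behind: it ends with `DROP DATABASE mysqltest1;` but never drops `untrusted@localhost` or closes the `unsecure` connection, so a password-less account and its grant rows persist into whatever runs next on the same test server. Add `disconnect unsecure;` and `DROP USER untrusted@localhost;` after `connection default;`. Separately, `error 1;` before the `exec $MYSQL mysqltest1 -uuntrusted` replay pins only the client's exit status, so the step would also pass if the replay failed for a reason unrelated to the new privilege check; the `SELECT * FROM t1` that follows is what actually shows the untrusted user wrote no row. Hard-coding `master-bin.000017` also ties the test to the number of `flush logs` calls earlier in the file.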
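Review bot: The `check_global_access(thd, SUPER_ACL)` guard added to mysql_client_binlog_statement has no comment saying why the whole statement is gated on a global privilege rather than on privileges for the tables the events touch. Something like `/* BINLOG applies the decoded events without per-table privilege checks, so only SUPER may run it (BUG#31611). */` directly above the `if` would keep a later maintainer from relaxing it; the bypass is inferred from the accompanying test, so confirm the wording against the event-apply path. The guard sits after the call ending in `thd->lex->comment.str));` and before the "Temporarily turn off send_ok" block, so the early `DBUG_VOID_RETURN` presumably skips nothing that needs restoring, but the function body starts and ends outside this hunk and that should be checked against the full function.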