diff options
| author | unknown <Sinisa@sinisa.nasamreza.org> | 2003-03-10 16:58:07 +0200 |
|---|---|---|
| committer | unknown <Sinisa@sinisa.nasamreza.org> | 2003-03-10 16:58:07 +0200 |
| commit | 530659e8a004812679ad9792f6e7b31ffabb7dc9 (patch) | |
| tree | e97c6cd10fa4d8c710acfa181d040f5db72b140f /sql/sql_parse.cc | |
| parent | 20bb527b80ddf1db92ef409b8857c9038af2d7ac (diff) | |
| download | mariadb-git-530659e8a004812679ad9792f6e7b31ffabb7dc9.tar.gz | |
A fix for privilege checking bug.
sql/sql_parse.cc:
Fix for a privilege bug in multi-table updates.
Seems like better fix then chec_table_access.
Diffstat (limited to 'sql/sql_parse.cc')
| -rw-r--r-- | sql/sql_parse.cc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 6dac0a82d26..b01800ee61a 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -1840,8 +1840,14 @@ mysql_execute_command(void) break; } case SQLCOM_UPDATE: - if (check_access(thd,UPDATE_ACL,tables->db,&tables->grant.privilege)) + TABLE_LIST *table; + if (check_db_used(thd,tables)) goto error; + for (table=tables ; table ; table=table->next) + { + if (check_access(thd,UPDATE_ACL,table->db,&table->grant.privilege)) + goto error; + } if (grant_option && check_grant(thd,UPDATE_ACL,tables)) goto error; if (select_lex->item_list.elements != lex->value_list.elements) |