diff options
| author | svoj@may.pils.ru <> | 2006-08-03 14:03:08 +0500 |
|---|---|---|
| committer | svoj@may.pils.ru <> | 2006-08-03 14:03:08 +0500 |
| commit | 67db270c718a9ea660c85f0c1dececd2ab75a728 (patch) | |
| tree | 1ac7cc2f3f23bc334fdcc56b2fc712635e9ae295 /sql/sql_update.cc | |
| parent | 4e845cccc484f690556925daa6dd81cd83e5b3a8 (diff) | |
| download | mariadb-git-67db270c718a9ea660c85f0c1dececd2ab75a728.tar.gz | |
BUG#7391 - Cross-database multi-table UPDATE uses active database
privileges
This problem is 4.1 specific. It doesn't affect 4.0 and was fixed
in 5.x before.
Having any mysql user who is allowed to issue multi table update
statement and any column/table grants, allows this user to update
any table on a server (mysql grant tables are not exception).
check_grant() accepts number of tables (in table list) to be checked
in 5-th param. While checking grants for multi table update, number
of tables must be 1. It must never be 0 (actually we have
DBUG_ASSERT(number > 0) in 5.x in grant_check() function).
Diffstat (limited to 'sql/sql_update.cc')
| -rw-r--r-- | sql/sql_update.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sql/sql_update.cc b/sql/sql_update.cc index 089d0bf0660..af4ba8025f9 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -628,7 +628,7 @@ int mysql_multi_update_lock(THD *thd, if (!using_lock_tables) tl->table->reginfo.lock_type= tl->lock_type; if (check_access(thd, wants, tl->db, &tl->grant.privilege, 0, 0) || - (grant_option && check_grant(thd, wants, tl, 0, 0, 0))) + (grant_option && check_grant(thd, wants, tl, 0, 1, 0))) { tl->next= save; DBUG_RETURN(1); |