summaryrefslogtreecommitdiff
path: root/sql/sql_acl.cc
diff options
context:
space:
mode:
Diffstat (limited to 'sql/sql_acl.cc')
-rw-r--r--sql/sql_acl.cc51
1 files changed, 34 insertions, 17 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index c52463fbc91..d94016b7815 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -8458,7 +8458,8 @@ bool check_grant_all_columns(THD *thd, privilege_t want_access_arg,
grant_table= grant->grant_table_user;
grant_table_role= grant->grant_table_role;
- DBUG_ASSERT (grant_table || grant_table_role);
+ if (!grant_table && !grant_table_role)
+ goto err;
}
}
@@ -12212,7 +12213,7 @@ int wild_case_compare(CHARSET_INFO *cs, const char *str,const char *wildstr)
#ifndef NO_EMBEDDED_ACCESS_CHECKS
-static bool update_schema_privilege(THD *thd, TABLE *table, char *buff,
+static bool update_schema_privilege(THD *thd, TABLE *table, const char *buff,
const char* db, const char* t_name,
const char* column, uint col_length,
const char *priv, uint priv_length,
@@ -12236,13 +12237,27 @@ static bool update_schema_privilege(THD *thd, TABLE *table, char *buff,
#endif
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+class Grantee_str
+{
+ char m_buff[USER_HOST_BUFF_SIZE + 6 /* 4 quotes, @, '\0' */];
+public:
+ Grantee_str(const char *user, const char *host)
+ {
+ DBUG_ASSERT(strlen(user) + strlen(host) + 6 < sizeof(m_buff));
+ strxmov(m_buff, "'", user, "'@'", host, "'", NullS);
+ }
+ operator const char *() const { return m_buff; }
+};
+#endif
+
+
int fill_schema_user_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
#ifndef NO_EMBEDDED_ACCESS_CHECKS
int error= 0;
uint counter;
ACL_USER *acl_user;
- char buff[100];
TABLE *table= tables->table;
bool no_global_access= check_access(thd, SELECT_ACL, "mysql",
NULL, NULL, 1, 1);
@@ -12267,10 +12282,10 @@ int fill_schema_user_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
if (!(want_access & GRANT_ACL))
is_grantable= "NO";
- strxmov(buff,"'",user,"'@'",host,"'",NullS);
+ Grantee_str grantee(user, host);
if (!(want_access & ~GRANT_ACL))
{
- if (update_schema_privilege(thd, table, buff, 0, 0, 0, 0,
+ if (update_schema_privilege(thd, table, grantee, 0, 0, 0, 0,
STRING_WITH_LEN("USAGE"), is_grantable))
{
error= 1;
@@ -12286,7 +12301,7 @@ int fill_schema_user_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
if (test_access & j)
{
- if (update_schema_privilege(thd, table, buff, 0, 0, 0, 0,
+ if (update_schema_privilege(thd, table, grantee, 0, 0, 0, 0,
command_array[priv_id],
command_lengths[priv_id], is_grantable))
{
@@ -12313,7 +12328,6 @@ int fill_schema_schema_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
int error= 0;
uint counter;
ACL_DB *acl_db;
- char buff[100];
TABLE *table= tables->table;
bool no_global_access= check_access(thd, SELECT_ACL, "mysql",
NULL, NULL, 1, 1);
@@ -12342,10 +12356,10 @@ int fill_schema_schema_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
is_grantable= "NO";
}
- strxmov(buff,"'",user,"'@'",host,"'",NullS);
+ Grantee_str grantee(user, host);
if (!(want_access & ~GRANT_ACL))
{
- if (update_schema_privilege(thd, table, buff, acl_db->db, 0, 0,
+ if (update_schema_privilege(thd, table, grantee, acl_db->db, 0, 0,
0, STRING_WITH_LEN("USAGE"), is_grantable))
{
error= 1;
@@ -12360,7 +12374,8 @@ int fill_schema_schema_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
for (cnt=0, j = SELECT_ACL; j <= DB_ACLS; cnt++,j <<= 1)
if (test_access & j)
{
- if (update_schema_privilege(thd, table, buff, acl_db->db, 0, 0, 0,
+ if (update_schema_privilege(thd, table,
+ grantee, acl_db->db, 0, 0, 0,
command_array[cnt], command_lengths[cnt],
is_grantable))
{
@@ -12386,7 +12401,6 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
#ifndef NO_EMBEDDED_ACCESS_CHECKS
int error= 0;
uint index;
- char buff[100];
TABLE *table= tables->table;
bool no_global_access= check_access(thd, SELECT_ACL, "mysql",
NULL, NULL, 1, 1);
@@ -12419,10 +12433,11 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
if (!(table_access & GRANT_ACL))
is_grantable= "NO";
- strxmov(buff, "'", user, "'@'", host, "'", NullS);
+ Grantee_str grantee(user, host);
if (!test_access)
{
- if (update_schema_privilege(thd, table, buff, grant_table->db,
+ if (update_schema_privilege(thd, table,
+ grantee, grant_table->db,
grant_table->tname, 0, 0,
STRING_WITH_LEN("USAGE"), is_grantable))
{
@@ -12438,7 +12453,8 @@ int fill_schema_table_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
{
if (test_access & j)
{
- if (update_schema_privilege(thd, table, buff, grant_table->db,
+ if (update_schema_privilege(thd, table,
+ grantee, grant_table->db,
grant_table->tname, 0, 0,
command_array[cnt],
command_lengths[cnt], is_grantable))
@@ -12466,7 +12482,6 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
#ifndef NO_EMBEDDED_ACCESS_CHECKS
int error= 0;
uint index;
- char buff[100];
TABLE *table= tables->table;
bool no_global_access= check_access(thd, SELECT_ACL, "mysql",
NULL, NULL, 1, 1);
@@ -12493,7 +12508,7 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
is_grantable= "NO";
privilege_t test_access(table_access & ~GRANT_ACL);
- strxmov(buff, "'", user, "'@'", host, "'", NullS);
+ Grantee_str grantee(user, host);
if (!test_access)
continue;
else
@@ -12512,7 +12527,9 @@ int fill_schema_column_privileges(THD *thd, TABLE_LIST *tables, COND *cond)
my_hash_element(&grant_table->hash_columns,col_index);
if ((grant_column->rights & j) && (table_access & j))
{
- if (update_schema_privilege(thd, table, buff, grant_table->db,
+ if (update_schema_privilege(thd, table,
+ grantee,
+ grant_table->db,
grant_table->tname,
grant_column->column,
grant_column->key_length,
View Lorry Controller Status