Fixed bug#31194: Privilege ordering does not order properly

                 for wildcard values.
The server ignored escape character before wildcards during
the calculation of priority values for sorting of a privilege
list. (Actually the server counted an escape character as an
ordinary wildcard like % or _). I.e. the table name template
with a wildcard character like 'tbl_1' had higher priority in
a privilege list than concrete table name without wildcards
like 'tbl\_1', and some privileges of 'tbl\_1' was hidden
by privileges for 'tbl_1'.

The get_sort function has been modified to ignore escaped
wildcards as usual.
parent 8f6ecbca
...@@ -138,3 +138,20 @@ SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by ...@@ -138,3 +138,20 @@ SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by
user host db select_priv user host db select_priv
DROP USER CUser2@localhost; DROP USER CUser2@localhost;
DROP USER CUser2@LOCALHOST; DROP USER CUser2@LOCALHOST;
CREATE DATABASE mysqltest_1;
CREATE TABLE mysqltest_1.t1 (a INT);
CREATE USER 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
FLUSH PRIVILEGES;
SHOW GRANTS;
Grants for mysqltest1@%
GRANT USAGE ON *.* TO 'mysqltest1'@'%'
GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%'
GRANT UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%'
SELECT * FROM mysqltest_1.t1;
a
DROP USER 'mysqltest1'@'%';
DROP DATABASE mysqltest_1;
End of 5.0 tests
...@@ -134,3 +134,29 @@ SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by ...@@ -134,3 +134,29 @@ SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by
DROP USER CUser2@localhost; DROP USER CUser2@localhost;
DROP USER CUser2@LOCALHOST; DROP USER CUser2@LOCALHOST;
#
# Bug#31194: Privilege ordering does not order properly for wildcard values
#
CREATE DATABASE mysqltest_1;
CREATE TABLE mysqltest_1.t1 (a INT);
CREATE USER 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
FLUSH PRIVILEGES;
connect (conn1,localhost,mysqltest1,,);
connection conn1;
SHOW GRANTS;
SELECT * FROM mysqltest_1.t1;
disconnect conn1;
connection default;
DROP USER 'mysqltest1'@'%';
DROP DATABASE mysqltest_1;
--echo End of 5.0 tests
...@@ -668,7 +668,9 @@ static ulong get_sort(uint count,...) ...@@ -668,7 +668,9 @@ static ulong get_sort(uint count,...)
{ {
for (; *str ; str++) for (; *str ; str++)
{ {
if (*str == wild_many || *str == wild_one || *str == wild_prefix) if (*str == wild_prefix && str[1])
str++;
else if (*str == wild_many || *str == wild_one)
{ {
wild_pos= (uint) (str - start) + 1; wild_pos= (uint) (str - start) + 1;
break; break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment