Attachment #56533 for bug #89203

View | Details | Raw Unified | Return to bug 89203
Collapse All | Expand All

Lines 855-860 Link Here

(-)mysql-dfsg-4.0.24/sql/sql_acl.cc (-2 / +6 lines)
855		855
856	/*	856	/*
857	Get privilege for a host, user and db combination	857	Get privilege for a host, user and db combination
		858
		859	as db_is_pattern changes the semantics of comparison,
		860	acl_cache is not used if db_is_pattern is set.
858	*/	861	*/
859		862
860	ulong acl_get(const char host, const char ip, const char *bin_ip,	863	ulong acl_get(const char host, const char ip, const char *bin_ip,
Lines 875-881 Link Here
875	db=tmp_db;	878	db=tmp_db;
876	}	879	}
877	key_length=(uint) (end-key);	880	key_length=(uint) (end-key);
878	if ((entry=(acl_entry*) acl_cache->search(key,key_length)))	881	if (!db_is_pattern && (entry=(acl_entry*) acl_cache->search(key,key_length)))
879	{	882	{
880	db_access=entry->access;	883	db_access=entry->access;
881	VOID(pthread_mutex_unlock(&acl_cache->lock));	884	VOID(pthread_mutex_unlock(&acl_cache->lock));
Lines 923-929 Link Here
923	}	926	}
924	exit:	927	exit:
925	/* Save entry in cache for quick retrieval */	928	/* Save entry in cache for quick retrieval */
926	if ((entry= (acl_entry*) malloc(sizeof(acl_entry)+key_length)))	929	if (!db_is_pattern &&
		930	(entry= (acl_entry*) malloc(sizeof(acl_entry)+key_length)))
927	{	931	{
928	entry->access=(db_access & host_access);	932	entry->access=(db_access & host_access);
929	entry->length=key_length;	933	entry->length=key_length;




  DBUG_PRINT("enter",("want_access: %lu  master_access: %lu", want_access,
		      thd->master_access));
  ulong db_access,dummy;
  bool  db_is_pattern= test(want_access & GRANT_ACL);
  if (save_priv)
    *save_priv=0;
  else

    */
    db_access= thd->db_access;
    if (!(thd->master_access & SELECT_ACL) &&
	(db && (!thd->db || db_is_pattern || strcmp(db,thd->db))))
      db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
			thd->priv_user, db, db_is_pattern);
    *save_priv=thd->master_access | db_access;
    DBUG_RETURN(FALSE);
  }

  if (db == any_db)
    DBUG_RETURN(FALSE);				// Allow select on anything

  if (db && (!thd->db || db_is_pattern || strcmp(db,thd->db)))
    db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
		      thd->priv_user, db, db_is_pattern);
  else
    db_access=thd->db_access;
  // Remove SHOW attribute and access rights we already have

Return to bug 89203

Lines 2704-2709 Link Here

(-)mysql-dfsg-4.0.24/sql/sql_parse.cc (-4 / +5 lines)
2704	DBUG_PRINT("enter",("want_access: %lu master_access: %lu", want_access,	2704	DBUG_PRINT("enter",("want_access: %lu master_access: %lu", want_access,
2705	thd->master_access));	2705	thd->master_access));
2706	ulong db_access,dummy;	2706	ulong db_access,dummy;
		2707	bool db_is_pattern= test(want_access & GRANT_ACL);
2707	if (save_priv)	2708	if (save_priv)
2708	*save_priv=0;	2709	*save_priv=0;
2709	else	2710	else
Lines 2725-2733 Link Here
2725	*/	2726	*/
2726	db_access= thd->db_access;	2727	db_access= thd->db_access;
2727	if (!(thd->master_access & SELECT_ACL) &&	2728	if (!(thd->master_access & SELECT_ACL) &&
2728	(db && (!thd->db \|\| strcmp(db,thd->db))))	2729	(db && (!thd->db \|\| db_is_pattern \|\| strcmp(db,thd->db))))
2729	db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,	2730	db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
2730	thd->priv_user, db, 0); /* purecov: inspected */	2731	thd->priv_user, db, db_is_pattern);
2731	*save_priv=thd->master_access \| db_access;	2732	*save_priv=thd->master_access \| db_access;
2732	DBUG_RETURN(FALSE);	2733	DBUG_RETURN(FALSE);
2733	}	2734	}
Lines 2745-2753 Link Here
2745	if (db == any_db)	2746	if (db == any_db)
2746	DBUG_RETURN(FALSE); // Allow select on anything	2747	DBUG_RETURN(FALSE); // Allow select on anything
2747		2748
2748	if (db && (!thd->db \|\| strcmp(db,thd->db)))	2749	if (db && (!thd->db \|\| db_is_pattern \|\| strcmp(db,thd->db)))
2749	db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,	2750	db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
2750	thd->priv_user, db, 0); /* purecov: inspected */	2751	thd->priv_user, db, db_is_pattern);
2751	else	2752	else
2752	db_access=thd->db_access;	2753	db_access=thd->db_access;
2753	// Remove SHOW attribute and access rights we already have	2754	// Remove SHOW attribute and access rights we already have