Mirrors
/
mariadb
mirror of https://github.com/MariaDB/server
3
0
Fork 0
Code Releases Activity
Browse Source

Bug#24988 FLUSH PRIVILEGES causes brief unavailability 

- A race condition caused brief unavailablility when trying to acccess
  a table. 
- The variable 'grant_option' was removed to resolve the race condition and
  to simplify the design pattern. This flag was originally intended to optimize
  grant checks.


sql/mysql_priv.h:
  - removed 'grant_option' flag.
sql/sql_acl.cc:
  - removed 'grant_option' flag.
sql/sql_db.cc:
  - removed 'grant_option' flag.
sql/sql_insert.cc:
  - removed 'grant_option' flag.
sql/sql_parse.cc:
  - removed 'grant_option' flag.
  - removed unnecessary variables found_access, found
sql/sql_show.cc:
  - removed 'grant_option' flag.
sql/sql_update.cc:
  - removed 'grant_option' flag.
sql/sql_view.cc:
  - removed 'grant_option' flag.
pull/374/head
unknown 19 years ago
parent
2c06c07a7a
commit
416122b29c
8 changed files with 71 additions and 121 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      sql/mysql_priv.h
  2. 38
      sql/sql_acl.cc
  3. 2
      sql/sql_db.cc
  4. 15
      sql/sql_insert.cc
  5. 121
      sql/sql_parse.cc
  6. 6
      sql/sql_show.cc
  7. 2
      sql/sql_update.cc
  8. 6
      sql/sql_view.cc

2
sql/mysql_priv.h
View File

@ -1678,7 +1678,7 @@ extern ulong log_output_options;
extern my_bool opt_log_queries_not_using_indexes;
extern bool opt_disable_networking, opt_skip_show_db;
extern my_bool opt_character_set_client_handshake;
extern bool volatile abort_loop, shutdown_in_progress, grant_option;
extern bool volatile abort_loop, shutdown_in_progress;
extern uint volatile thread_count, thread_running, global_read_lock;
extern my_bool opt_sql_bin_update, opt_safe_user_create, opt_no_mix_types;
extern my_bool opt_safe_show_db, opt_local_infile, opt_myisam_use_mmap;

38
sql/sql_acl.cc
View File

@ -3136,7 +3136,6 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
}
}
}
thd->mem_root= old_root;
pthread_mutex_unlock(&acl_cache->lock);
@ -3310,7 +3309,6 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc,
continue;
}
}
thd->mem_root= old_root;
pthread_mutex_unlock(&acl_cache->lock);
if (!result && !no_error)
@ -3458,7 +3456,6 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
void grant_free(void)
{
DBUG_ENTER("grant_free");
grant_option = FALSE;
hash_free(&column_priv_hash);
hash_free(&proc_priv_hash);
hash_free(&func_priv_hash);
@ -3493,8 +3490,6 @@ my_bool grant_init()
delete thd;
/* Remember that we don't have a THD */
my_pthread_setspecific_ptr(THR_THD, 0);
/* Set the grant option flag so we will check grants */
grant_option= TRUE;
DBUG_RETURN(return_val);
}
@ -3553,7 +3548,6 @@ static my_bool grant_load(TABLE_LIST *tables)
if (!(mem_check=new (memex_ptr) GRANT_TABLE(t_table,c_table)))
{
/* This could only happen if we are out memory */
grant_option= FALSE;
goto end_unlock;
}
@ -3576,7 +3570,6 @@ static my_bool grant_load(TABLE_LIST *tables)
else if (my_hash_insert(&column_priv_hash,(byte*) mem_check))
{
delete mem_check;
grant_option= FALSE;
goto end_unlock;
}
}
@ -3593,7 +3586,6 @@ static my_bool grant_load(TABLE_LIST *tables)
if (!(mem_check=new (&memex) GRANT_NAME(p_table)))
{
/* This could only happen if we are out memory */
grant_option= FALSE;
goto end_unlock;
}
@ -3632,7 +3624,6 @@ static my_bool grant_load(TABLE_LIST *tables)
else if (my_hash_insert(hash, (byte*) mem_check))
{
delete mem_check;
grant_option= FALSE;
goto end_unlock;
}
}
@ -4004,8 +3995,6 @@ bool check_grant_all_columns(THD *thd, ulong want_access, GRANT_INFO *grant,
want_access &= ~grant->privilege;
if (!want_access)
return 0; // Already checked
if (!grant_option)
goto err2;
rw_rdlock(&LOCK_grant);
@ -4195,18 +4184,15 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name,
bool is_proc)
{
bool no_routine_acl= 1;
if (grant_option)
{
GRANT_NAME *grant_proc;
Security_context *sctx= thd->security_ctx;
rw_rdlock(&LOCK_grant);
if ((grant_proc= routine_hash_search(sctx->priv_host,
sctx->ip, db,
sctx->priv_user,
name, is_proc, 0)))
no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
rw_unlock(&LOCK_grant);
}
GRANT_NAME *grant_proc;
Security_context *sctx= thd->security_ctx;
rw_rdlock(&LOCK_grant);
if ((grant_proc= routine_hash_search(sctx->priv_host,
sctx->ip, db,
sctx->priv_user,
name, is_proc, 0)))
no_routine_acl= !(grant_proc->privs & SHOW_PROC_ACLS);
rw_unlock(&LOCK_grant);
return no_routine_acl;
}
@ -6400,12 +6386,6 @@ void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
/* db privileges */
grant->privilege|= acl_get(sctx->host, sctx->ip, sctx->priv_user, db, 0);
if (!grant_option)
{
DBUG_PRINT("info", ("privilege 0x%lx", grant->privilege));
DBUG_VOID_RETURN;
}
/* table privileges */
rw_rdlock(&LOCK_grant);
if (grant->version != grant_version)

2
sql/sql_db.cc
View File

@ -1448,7 +1448,7 @@ bool mysql_change_db(THD *thd, const LEX_STRING *new_db_name, bool force_switch)
if (!force_switch &&
!(db_access & DB_ACLS) &&
(!grant_option || check_grant_db(thd, new_db_file_name.str)))
check_grant_db(thd, new_db_file_name.str))
{
my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
sctx->priv_user,

15
sql/sql_insert.cc
View File

@ -189,15 +189,12 @@ static int check_insert_fields(THD *thd, TABLE_LIST *table_list,
return -1;
}
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (grant_option)
{
Field_iterator_table field_it;
field_it.set_table(table);
if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
table->s->db.str, table->s->table_name.str,
&field_it))
return -1;
}
Field_iterator_table field_it;
field_it.set_table(table);
if (check_grant_all_columns(thd, INSERT_ACL, &table->grant,
table->s->db.str, table->s->table_name.str,
&field_it))
return -1;
#endif
clear_timestamp_auto_bits(table->timestamp_field_type,
TIMESTAMP_AUTO_SET_ON_INSERT);

121
sql/sql_parse.cc
View File

@ -987,8 +987,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
if (check_access(thd,SELECT_ACL,table_list.db,&table_list.grant.privilege,
0, 0, test(table_list.schema_table)))
break;
if (grant_option &&
check_grant(thd, SELECT_ACL, &table_list, 2, UINT_MAX, 0))
if (check_grant(thd, SELECT_ACL, &table_list, 2, UINT_MAX, 0))
break;
/* init structures for VIEW processing */
table_list.select_lex= &(thd->lex->select_lex);
@ -2049,12 +2048,10 @@ mysql_execute_command(THD *thd)
&first_table->grant.privilege, 0, 0,
test(first_table->schema_table)))
goto error; /* purecov: inspected */
if (grant_option)
{
/* Check that the first table has CREATE privilege */
if (check_grant(thd, CREATE_ACL, all_tables, 0, 1, 0))
goto error;
}
/* Check that the first table has CREATE privilege */
if (check_grant(thd, CREATE_ACL, all_tables, 0, 1, 0))
goto error;
pthread_mutex_lock(&LOCK_active_mi);
/*
fetch_master_table will send the error to the client on failure.
@ -2320,22 +2317,20 @@ end_with_restore_list:
(TABLE_LIST *)
lex->create_info.merge_list.first))
goto error; /* purecov: inspected */
if (grant_option)
{
if (check_grant(thd, priv_needed, all_tables, 0, UINT_MAX, 0))
goto error;
if (lex->name.str && !test_all_bits(priv,INSERT_ACL | CREATE_ACL))
{ // Rename of table
TABLE_LIST tmp_table;
bzero((char*) &tmp_table,sizeof(tmp_table));
tmp_table.table_name= lex->name.str;
tmp_table.db=select_lex->db;
tmp_table.grant.privilege=priv;
if (check_grant(thd, INSERT_ACL | CREATE_ACL, &tmp_table, 0,
UINT_MAX, 0))
goto error;
}
if (check_grant(thd, priv_needed, all_tables, 0, UINT_MAX, 0))
goto error;
if (lex->name.str && !test_all_bits(priv,INSERT_ACL | CREATE_ACL))
{ // Rename of table
TABLE_LIST tmp_table;
bzero((char*) &tmp_table,sizeof(tmp_table));
tmp_table.table_name= lex->name.str;
tmp_table.db=select_lex->db;
tmp_table.grant.privilege=priv;
if (check_grant(thd, INSERT_ACL | CREATE_ACL, &tmp_table, 0,
UINT_MAX, 0))
goto error;
}
/* Don't yet allow changing of symlinks with ALTER TABLE */
if (lex->create_info.data_file_name)
push_warning(thd, MYSQL_ERROR::WARN_LEVEL_WARN, 0,
@ -2377,21 +2372,18 @@ end_with_restore_list:
&table->next_local->grant.privilege, 0, 0,
test(table->next_local->schema_table)))
goto error;
if (grant_option)
{
TABLE_LIST old_list, new_list;
/*
we do not need initialize old_list and new_list because we will
come table[0] and table->next[0] there
*/
old_list= table[0];
new_list= table->next_local[0];
if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, 1, 0) ||
(!test_all_bits(table->next_local->grant.privilege,
INSERT_ACL | CREATE_ACL) &&
check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0, 1, 0)))
goto error;
}
TABLE_LIST old_list, new_list;
/*
we do not need initialize old_list and new_list because we will
come table[0] and table->next[0] there
*/
old_list= table[0];
new_list= table->next_local[0];
if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, 1, 0) ||
(!test_all_bits(table->next_local->grant.privilege,
INSERT_ACL | CREATE_ACL) &&
check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0, 1, 0)))
goto error;
}
query_cache_invalidate3(thd, first_table, 0);
if (end_active_trans(thd) || mysql_rename_tables(thd, first_table, 0))
@ -2898,7 +2890,7 @@ end_with_restore_list:
goto error;
#else
{
if (grant_option && check_access(thd, FILE_ACL, any_db,0,0,0,0))
if (check_access(thd, FILE_ACL, any_db,0,0,0,0))
goto error;
res= ha_show_status(thd, lex->create_info.db_type, HA_ENGINE_LOGS);
break;
@ -3345,8 +3337,7 @@ end_with_restore_list:
uint grants= lex->all_privileges
? (PROC_ACLS & ~GRANT_ACL) | (lex->grant & GRANT_ACL)
: lex->grant;
if (grant_option &&
check_grant_routine(thd, grants | GRANT_ACL, all_tables,
if (check_grant_routine(thd, grants | GRANT_ACL, all_tables,
lex->type == TYPE_ENUM_PROCEDURE, 0))
goto error;
/* Conditionally writes to binlog */
@ -3357,10 +3348,8 @@ end_with_restore_list:
}
else
{
if (grant_option && check_grant(thd,
(lex->grant | lex->grant_tot_col |
GRANT_ACL),
all_tables, 0, UINT_MAX, 0))
if (check_grant(thd,(lex->grant | lex->grant_tot_col | GRANT_ACL),
all_tables, 0, UINT_MAX, 0))
goto error;
/* Conditionally writes to binlog */
res= mysql_table_grant(thd, all_tables, lex->users_list,
@ -4475,8 +4464,7 @@ bool check_single_table_access(THD *thd, ulong privilege,
goto deny;
/* Show only 1 table for check_grant */
if (grant_option &&
!(all_tables->belong_to_view &&
if (!(all_tables->belong_to_view &&
(thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
check_grant(thd, privilege, all_tables, 0, 1, no_errors))
goto deny;
@ -4644,9 +4632,8 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
db_access, want_access));
db_access= ((*save_priv=(db_access | sctx->master_access)) & want_access);
/* grant_option is set if there exists a single table or column grant */
if (db_access == want_access ||
(grant_option && !dont_check_global_grants &&
(!dont_check_global_grants &&
!(want_access & ~(db_access | TABLE_ACLS | PROC_ACLS))))
DBUG_RETURN(FALSE); /* Ok */
@ -4745,8 +4732,7 @@ static bool check_show_access(THD *thd, TABLE_LIST *table)
test(dst_table->schema_table)))
return FALSE;
return (grant_option &&
check_grant(thd, SELECT_ACL, dst_table, 2, UINT_MAX, FALSE));
return (check_grant(thd, SELECT_ACL, dst_table, 2, UINT_MAX, FALSE));
}
default:
break;
@ -4783,8 +4769,6 @@ bool
check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
bool no_errors)
{
uint found=0;
ulong found_access=0;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
TABLE_LIST *org_tables= tables;
#endif
@ -4835,26 +4819,17 @@ check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
tables->grant.privilege= want_access;
else if (tables->db && thd->db && strcmp(tables->db, thd->db) == 0)
{
if (found && !grant_option) // db already checked
tables->grant.privilege=found_access;
else
{
if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
0, no_errors, test(tables->schema_table)))
goto deny; // Access denied
found_access=tables->grant.privilege;
found=1;
}
goto deny; // Access denied
}
else if (check_access(thd,want_access,tables->db,&tables->grant.privilege,
0, no_errors, test(tables->schema_table)))
goto deny;
}
thd->security_ctx= backup_ctx;
if (grant_option)
return check_grant(thd,want_access & ~EXTRA_ACL,org_tables,
return check_grant(thd,want_access & ~EXTRA_ACL,org_tables,
test(want_access & EXTRA_ACL), UINT_MAX, no_errors);
return FALSE;
deny:
thd->security_ctx= backup_ctx;
return TRUE;
@ -4884,11 +4859,10 @@ check_routine_access(THD *thd, ulong want_access,char *db, char *name,
return TRUE;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (grant_option)
return check_grant_routine(thd, want_access, tables, is_proc, no_errors);
#endif
#else
return FALSE;
#endif
}
@ -4950,7 +4924,7 @@ bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table)
if (!check_access(thd, access, table->db,
&table->grant.privilege, 0, 1,
test(table->schema_table)) &&
!grant_option || !check_grant(thd, access, table, 0, 1, 1))
!check_grant(thd, access, table, 0, 1, 1))
DBUG_RETURN(0);
}
}
@ -6611,12 +6585,11 @@ bool multi_update_precheck(THD *thd, TABLE_LIST *tables)
else if ((check_access(thd, UPDATE_ACL, table->db,
&table->grant.privilege, 0, 1,
test(table->schema_table)) ||
grant_option &&
check_grant(thd, UPDATE_ACL, table, 0, 1, 1)) &&
(check_access(thd, SELECT_ACL, table->db,
&table->grant.privilege, 0, 0,
test(table->schema_table)) ||
grant_option && check_grant(thd, SELECT_ACL, table, 0, 1, 0)))
check_grant(thd, SELECT_ACL, table, 0, 1, 0)))
DBUG_RETURN(TRUE);
table->table_in_first_from_clause= 1;
@ -6634,7 +6607,7 @@ bool multi_update_precheck(THD *thd, TABLE_LIST *tables)
if (check_access(thd, SELECT_ACL, table->db,
&table->grant.privilege, 0, 0,
test(table->schema_table)) ||
grant_option && check_grant(thd, SELECT_ACL, table, 0, 1, 0))
check_grant(thd, SELECT_ACL, table, 0, 1, 0))
DBUG_RETURN(TRUE);
}
}
@ -6856,7 +6829,7 @@ static bool check_show_create_table_access(THD *thd, TABLE_LIST *table)
return check_access(thd, SELECT_ACL | EXTRA_ACL, table->db,
&table->grant.privilege, 0, 0,
test(table->schema_table)) ||
grant_option && check_grant(thd, SELECT_ACL, table, 2, UINT_MAX, 0);
check_grant(thd, SELECT_ACL, table, 2, UINT_MAX, 0);
}
@ -6893,7 +6866,7 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
(TABLE_LIST *)
lex->create_info.merge_list.first))
goto err;
if (grant_option && want_priv != CREATE_TMP_ACL &&
if (want_priv != CREATE_TMP_ACL &&
check_grant(thd, want_priv, create_table, 0, 1, 0))
goto err;

6
sql/sql_show.cc
View File

@ -706,7 +706,7 @@ bool mysqld_show_create_db(THD *thd, char *dbname,
else
db_access= (acl_get(sctx->host, sctx->ip, sctx->priv_user, dbname, 0) |
sctx->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
if (!(db_access & DB_ACLS) && check_grant_db(thd,dbname))
{
my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
sctx->priv_user, sctx->host_or_ip, dbname);
@ -2649,7 +2649,7 @@ int get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond)
&thd->col_access, 0, 1, with_i_schema) ||
sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(sctx->host, sctx->ip, sctx->priv_user, base_name,0) ||
(grant_option && !check_grant_db(thd, base_name)))
!check_grant_db(thd, base_name))
#endif
{
List<char> files;
@ -2849,7 +2849,7 @@ int fill_schema_shemata(THD *thd, TABLE_LIST *tables, COND *cond)
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (sctx->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(sctx->host, sctx->ip, sctx->priv_user, file_name,0) ||
(grant_option && !check_grant_db(thd, file_name)))
!check_grant_db(thd, file_name))
#endif
{
load_db_opt_by_name(thd, file_name, &create);

2
sql/sql_update.cc
View File

@ -936,7 +936,7 @@ reopen_tables:
if (check_access(thd, want_privilege,
tl->db, &tl->grant.privilege, 0, 0,
test(tl->schema_table)) ||
(grant_option && check_grant(thd, want_privilege, tl, 0, 1, 0)))
check_grant(thd, want_privilege, tl, 0, 1, 0))
DBUG_RETURN(TRUE);
}
}

6
sql/sql_view.cc
View File

@ -322,11 +322,11 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
*/
if ((check_access(thd, CREATE_VIEW_ACL, view->db, &view->grant.privilege,
0, 0, is_schema_db(view->db)) ||
grant_option && check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
(mode != VIEW_CREATE_NEW &&
(check_access(thd, DROP_ACL, view->db, &view->grant.privilege,
0, 0, is_schema_db(view->db)) ||
grant_option && check_grant(thd, DROP_ACL, view, 0, 1, 0))))
check_grant(thd, DROP_ACL, view, 0, 1, 0))))
{
res= TRUE;
goto err;
@ -379,7 +379,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
{
if (check_access(thd, SELECT_ACL, tbl->db,
&tbl->grant.privilege, 0, 0, test(tbl->schema_table)) ||
grant_option && check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
check_grant(thd, SELECT_ACL, tbl, 0, 1, 0))
{
res= TRUE;
goto err;

Write Preview
Loading…
Cancel
Save