Percona Server moved to https://jira.percona.com/projects/PS

Merge lp:~vlad-lesin/percona-server/5.5-bug1083377 into lp:percona-server/5.5

  1. 5.5-bug1083377
  2. Merge into 5.5
Proposed by Vlad Lesin
Status: Merged
Approved by: Stewart Smith
Approved revision: no longer in the source branch.
Merged at revision: 377
Proposed branch: lp:~vlad-lesin/percona-server/5.5-bug1083377
Merge into: lp:percona-server/5.5
Diff against target: 79 lines (+28/-4)
3 files modified
Percona-Server/mysql-test/r/information_schema.result (+4/-0)
Percona-Server/mysql-test/t/information_schema.test (+8/-0)
Percona-Server/sql/sql_acl.cc (+16/-4)
To merge this branch: bzr merge lp:~vlad-lesin/percona-server/5.5-bug1083377
Reviewer Review Type Date Requested Status
Stewart Smith (community) Approve
Sergei Glushchenko (community) g2 Approve
Review via email: mp+137239@code.launchpad.net

Description of the change

Fix for bug #1083377. The original patch can be found here: http://bazaar.launchpad.net/~maria-captains/maria/5.3/revision/2643.153.26 .

Jenkins:
http://jenkins.percona.com/view/PS 5.5/job/percona-server-5.5-param/591/

To post a comment you must log in.
Revision history for this message
Sergei Glushchenko (sergei.glushchenko) wrote :

Approve

review: Approve (g2)
Revision history for this message
Stewart Smith (stewart) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'Percona-Server/mysql-test/r/information_schema.result'
2--- Percona-Server/mysql-test/r/information_schema.result 2012-10-17 03:47:45 +0000
3+++ Percona-Server/mysql-test/r/information_schema.result 2012-11-30 15:41:27 +0000
4@@ -1757,6 +1757,10 @@
5 length(CAST(b AS CHAR))
6 20
7 DROP TABLE ubig;
8+grant usage on *.* to mysqltest_1@localhost;
9+select 1 from information_schema.tables where table_schema=repeat('a', 2000);
10+1
11+drop user mysqltest_1@localhost;
12 End of 5.1 tests.
13 #
14 # Additional test for WL#3726 "DDL locking for all metadata objects"
15
16=== modified file 'Percona-Server/mysql-test/t/information_schema.test'
17--- Percona-Server/mysql-test/t/information_schema.test 2012-07-31 05:33:11 +0000
18+++ Percona-Server/mysql-test/t/information_schema.test 2012-11-30 15:41:27 +0000
19@@ -1444,6 +1444,14 @@
20
21 DROP TABLE ubig;
22
23+#Bug 1083377
24+grant usage on *.* to mysqltest_1@localhost;
25+connect (con1, localhost, mysqltest_1,,);
26+connection con1;
27+select 1 from information_schema.tables where table_schema=repeat('a', 2000);
28+connection default;
29+disconnect con1;
30+drop user mysqltest_1@localhost;
31
32 --echo End of 5.1 tests.
33
34
35=== modified file 'Percona-Server/sql/sql_acl.cc'
36--- Percona-Server/sql/sql_acl.cc 2012-08-07 06:10:00 +0000
37+++ Percona-Server/sql/sql_acl.cc 2012-11-30 15:41:27 +0000
38@@ -1754,14 +1754,20 @@
39 acl_entry *entry;
40 DBUG_ENTER("acl_get");
41
42- mysql_mutex_lock(&acl_cache->lock);
43- end=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);
44+ tmp_db= strmov(strmov(key, ip ? ip : "") + 1, user) + 1;
45+ end= strnmov(tmp_db, db, key + sizeof(key) - tmp_db);
46+
47+ if (end >= key + sizeof(key)) // db name was truncated
48+ DBUG_RETURN(0); // no privileges for an invalid db name
49+
50 if (lower_case_table_names)
51 {
52 my_casedn_str(files_charset_info, tmp_db);
53 db=tmp_db;
54 }
55 key_length= (size_t) (end-key);
56+
57+ mysql_mutex_lock(&acl_cache->lock);
58 if (!db_is_pattern && (entry=(acl_entry*) acl_cache->search((uchar*) key,
59 key_length)))
60 {
61@@ -5114,11 +5120,17 @@
62 bool check_grant_db(THD *thd,const char *db)
63 {
64 Security_context *sctx= thd->security_ctx;
65- char helping [NAME_LEN+USERNAME_LENGTH+2];
66+ char helping [NAME_LEN+USERNAME_LENGTH+2], *end;
67 uint len;
68 bool error= TRUE;
69
70- len= (uint) (strmov(strmov(helping, sctx->priv_user) + 1, db) - helping) + 1;
71+ end= strmov(helping, sctx->priv_user) + 1;
72+ end= strnmov(end, db, helping + sizeof(helping) - end);
73+
74+ if (end >= helping + sizeof(helping)) // db name was truncated
75+ return 1; // no privileges for an invalid db name
76+
77+ len= (uint) (end - helping) + 1;
78
79 mysql_rwlock_rdlock(&LOCK_grant);
80

Subscribers

People subscribed via source and target branches