cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Fixed bug in privilege checking where, under some conditions, one

Browse Source 
was able to grant privileges on the database, he has no privileges
  on. (Bug #3933)
This commit is contained in:
brad 2004-10-20 07:36:04 +00:00
parent 748c1d4b56
commit f224072f1b
9 changed files with 261 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
databases/mysql/patches/patch-include_my_sys_h Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-include_my_sys_h,v 1.1 2004/10/20 07:36:04 brad Exp $
--- include/my_sys.h.orig Thu May 13 20:53:30 2004
+++ include/my_sys.h Wed Oct 20 00:50:18 2004
@@ -620,7 +620,7 @@ extern my_string my_path(my_string to,co
const char *own_pathname_part);
extern my_string my_load_path(my_string to, const char *path,
const char *own_path_prefix);
-extern int wild_compare(const char *str,const char *wildstr);
+extern int wild_compare(const char *str,const char *wildstr,pbool str_is_pattern);
extern my_string my_strcasestr(const char *src,const char *suffix);
extern int my_strcasecmp(const char *s,const char *t);
extern int my_strsortcmp(const char *s,const char *t);

94
databases/mysql/patches/patch-mysys_mf_wcomp_c Normal file
View File

@ -0,0 +1,94 @@
$OpenBSD: patch-mysys_mf_wcomp_c,v 1.1 2004/10/20 07:36:04 brad Exp $
--- mysys/mf_wcomp.c.orig Thu May 13 20:53:18 2004
+++ mysys/mf_wcomp.c Wed Oct 20 00:50:18 2004
@@ -23,11 +23,12 @@
char wild_many='*';
char wild_one='?';
-char wild_prefix=0;
+char wild_prefix=0; /* QQ this can potentially cause a SIGSEGV */
-int wild_compare(register const char *str, register const char *wildstr)
+int wild_compare(register const char *str, register const char *wildstr,
+ pbool str_is_pattern)
{
- reg3 int flag;
+ char cmp;
DBUG_ENTER("wild_compare");
while (*wildstr)
@@ -35,33 +36,55 @@ int wild_compare(register const char *st
while (*wildstr && *wildstr != wild_many && *wildstr != wild_one)
{
if (*wildstr == wild_prefix && wildstr[1])
+ {
wildstr++;
- if (*wildstr++ != *str++) DBUG_RETURN(1);
+ if (str_is_pattern && *str++ != wild_prefix)
+ DBUG_RETURN(1);
+ }
+ if (*wildstr++ != *str++)
+ DBUG_RETURN(1);
}
- if (! *wildstr ) DBUG_RETURN (*str != 0);
+ if (! *wildstr )
+ DBUG_RETURN(*str != 0);
if (*wildstr++ == wild_one)
{
- if (! *str++) DBUG_RETURN (1); /* One char; skipp */
+ if (! *str || (str_is_pattern && *str == wild_many))
+ DBUG_RETURN(1); /* One char; skip */
+ if (*str++ == wild_prefix && str_is_pattern && *str)
+ str++;
}
else
{ /* Found '*' */
- if (!*wildstr) DBUG_RETURN(0); /* '*' as last char: OK */
- flag=(*wildstr != wild_many && *wildstr != wild_one);
- do
+ while (str_is_pattern && *str == wild_many)
+ str++;
+ for (; *wildstr == wild_many || *wildstr == wild_one; wildstr++)
+ if (*wildstr == wild_many)
+ {
+ while (str_is_pattern && *str == wild_many)
+ str++;
+ }
+ else
+ {
+ if (str_is_pattern && *str == wild_prefix && str[1])
+ str+=2;
+ else if (! *str++)
+ DBUG_RETURN (1);
+ }
+ if (!*wildstr)
+ DBUG_RETURN(0); /* '*' as last char: OK */
+ if ((cmp= *wildstr) == wild_prefix && wildstr[1] && !str_is_pattern)
+ cmp=wildstr[1];
+ for (;;str++)
{
- if (flag)
- {
- char cmp;
- if ((cmp= *wildstr) == wild_prefix && wildstr[1])
- cmp=wildstr[1];
- while (*str && *str != cmp)
- str++;
- if (!*str) DBUG_RETURN (1);
- }
- if (wild_compare(str,wildstr) == 0) DBUG_RETURN (0);
- } while (*str++ && wildstr[0] != wild_many);
- DBUG_RETURN(1);
+ while (*str && *str != cmp)
+ str++;
+ if (!*str)
+ DBUG_RETURN (1);
+ if (wild_compare(str,wildstr,str_is_pattern) == 0)
+ DBUG_RETURN (0);
+ }
+ /* We will never come here */
}
}
- DBUG_RETURN (*str != '\0');
+ DBUG_RETURN (*str != 0);
} /* wild_compare */

21
databases/mysql/patches/patch-mysys_mf_wfile_c Normal file
View File

@ -0,0 +1,21 @@
$OpenBSD: patch-mysys_mf_wfile_c,v 1.1 2004/10/20 07:36:04 brad Exp $
--- mysys/mf_wfile.c.orig Thu May 13 20:53:35 2004
+++ mysys/mf_wfile.c Wed Oct 20 00:50:18 2004
@@ -106,7 +106,7 @@ int wf_test(register WF_PACK *wf_pack, r
not_pos=wf_pack->not_pos;
for (i=0 ; i < not_pos; i++)
- if (wild_compare(name,wf_pack->wild[i]) == 0)
+ if (wild_compare(name,wf_pack->wild[i],0) == 0)
goto found;
if (i)
DBUG_RETURN(1); /* No-match */
@@ -115,7 +115,7 @@ found:
/* Test that it isn't in not-list */
for (i=not_pos ; i < wf_pack->wilds; i++)
- if (wild_compare(name,wf_pack->wild[i]) == 0)
+ if (wild_compare(name,wf_pack->wild[i],0) == 0)
DBUG_RETURN(1);
DBUG_RETURN(0);
} /* wf_test */

48
databases/mysql/patches/patch-sql_sql_acl_cc Normal file
View File

@ -0,0 +1,48 @@
$OpenBSD: patch-sql_sql_acl_cc,v 1.3 2004/10/20 07:36:04 brad Exp $
--- sql/sql_acl.cc.orig Thu May 13 20:53:35 2004
+++ sql/sql_acl.cc Wed Oct 20 00:50:19 2004
@@ -834,7 +834,7 @@ static void acl_insert_db(const char *us
*/
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
- const char *user, const char *db)
+ const char *user, const char *db, my_bool db_is_pattern)
{
ulong host_access,db_access;
uint i,key_length;
@@ -868,7 +868,7 @@ ulong acl_get(const char *host, const ch
{
if (compare_hostname(&acl_db->host,host,ip))
{
- if (!acl_db->db || !wild_compare(db,acl_db->db))
+ if (!acl_db->db || !wild_compare(db,acl_db->db,db_is_pattern))
{
db_access=acl_db->access;
if (acl_db->host.hostname)
@@ -890,7 +890,7 @@ ulong acl_get(const char *host, const ch
ACL_HOST *acl_host=dynamic_element(&acl_hosts,i,ACL_HOST*);
if (compare_hostname(&acl_host->host,host,ip))
{
- if (!acl_host->db || !wild_compare(db,acl_host->db))
+ if (!acl_host->db || !wild_compare(db,acl_host->db,0))
{
host_access=acl_host->access; // Fully specified. Take it
break;
@@ -1222,7 +1222,7 @@ static bool compare_hostname(const acl_h
}
return (!host->hostname ||
(hostname && !wild_case_compare(hostname,host->hostname)) ||
- (ip && !wild_compare(ip,host->hostname)));
+ (ip && !wild_compare(ip,host->hostname,0)));
}
@@ -1300,7 +1300,7 @@ static bool test_if_create_new_users(THD
tl.db= (char*) "mysql";
tl.real_name= (char*) "user";
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
- thd->priv_user, tl.db);
+ thd->priv_user, tl.db, 0);
if (!(db_access & INSERT_ACL))
{
if (check_grant(thd,INSERT_ACL,&tl,0,1))

12
databases/mysql/patches/patch-sql_sql_acl_h Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-sql_sql_acl_h,v 1.1 2004/10/20 07:36:04 brad Exp $
--- sql/sql_acl.h.orig Thu May 13 20:53:22 2004
+++ sql/sql_acl.h Wed Oct 20 00:50:19 2004
@@ -85,7 +85,7 @@ my_bool acl_init(THD *thd, bool dont_re
void acl_reload(THD *thd);
void acl_free(bool end=0);
ulong acl_get(const char *host, const char *ip, const char *bin_ip,
- const char *user, const char *db);
+ const char *user, const char *db, my_bool db_is_pattern);
ulong acl_getroot(THD *thd, const char *host, const char *ip, const char *user,
const char *password,const char *scramble,
char **priv_user, char *priv_host,

12
databases/mysql/patches/patch-sql_sql_base_cc Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-sql_sql_base_cc,v 1.1 2004/10/20 07:36:04 brad Exp $
--- sql/sql_base.cc.orig Thu May 13 20:53:18 2004
+++ sql/sql_base.cc Wed Oct 20 00:50:19 2004
@@ -149,7 +149,7 @@ OPEN_TABLE_LIST *list_open_tables(THD *t
if (wild)
{
strxmov(name,entry->table_cache_key,".",entry->real_name,NullS);
- if (wild_compare(name,wild))
+ if (wild_compare(name,wild,0))
continue;
}

12
databases/mysql/patches/patch-sql_sql_db_cc Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-sql_sql_db_cc,v 1.1 2004/10/20 07:36:04 brad Exp $
--- sql/sql_db.cc.orig Thu May 13 20:53:31 2004
+++ sql/sql_db.cc Wed Oct 20 00:50:19 2004
@@ -408,7 +408,7 @@ bool mysql_change_db(THD *thd,const char
db_access=DB_ACLS;
else
db_access= (acl_get(thd->host,thd->ip,(char*) &thd->remote.sin_addr,
- thd->priv_user,dbname) |
+ thd->priv_user,dbname,0) |
thd->master_access);
if (!(db_access & DB_ACLS) && (!grant_option || check_grant_db(thd,dbname)))
{

22
databases/mysql/patches/patch-sql_sql_parse_cc
View File

@ -1,6 +1,24 @@
$OpenBSD: patch-sql_sql_parse_cc,v 1.1 2004/10/20 04:47:29 brad Exp $
$OpenBSD: patch-sql_sql_parse_cc,v 1.2 2004/10/20 07:36:04 brad Exp $
--- sql/sql_parse.cc.orig Thu May 13 20:53:18 2004
+++ sql/sql_parse.cc Tue Oct 19 22:22:11 2004
+++ sql/sql_parse.cc Wed Oct 20 00:50:19 2004
@@ -2670,7 +2670,7 @@ check_access(THD *thd, ulong want_access
if (!(thd->master_access & SELECT_ACL) &&
(db && (!thd->db || strcmp(db,thd->db))))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
- thd->priv_user, db); /* purecov: inspected */
+ thd->priv_user, db, 0); /* purecov: inspected */
*save_priv=thd->master_access | db_access;
DBUG_RETURN(FALSE);
}
@@ -2690,7 +2690,7 @@ check_access(THD *thd, ulong want_access
if (db && (!thd->db || strcmp(db,thd->db)))
db_access=acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
- thd->priv_user, db); /* purecov: inspected */
+ thd->priv_user, db, 0); /* purecov: inspected */
else
db_access=thd->db_access;
// Remove SHOW attribute and access rights we already have
@@ -3155,7 +3155,10 @@ bool add_field_to_list(char *field_name,
break;
case FIELD_TYPE_DECIMAL:

30
databases/mysql/patches/patch-sql_sql_show_cc Normal file
View File

@ -0,0 +1,30 @@
$OpenBSD: patch-sql_sql_show_cc,v 1.1 2004/10/20 07:36:04 brad Exp $
--- sql/sql_show.cc.orig Thu May 13 20:53:23 2004
+++ sql/sql_show.cc Wed Oct 20 00:50:19 2004
@@ -78,7 +78,7 @@ mysqld_show_dbs(THD *thd,const char *wil
{
if (thd->master_access & (DB_ACLS | SHOW_DB_ACL) ||
acl_get(thd->host, thd->ip, (char*) &thd->remote.sin_addr,
- thd->priv_user, file_name) ||
+ thd->priv_user, file_name, 0) ||
(grant_option && !check_grant_db(thd, file_name)))
{
thd->packet.length(0);
@@ -214,7 +214,7 @@ mysql_find_files(THD *thd,List<char> *fi
#endif
{
if (file->name[0] == '.' || !MY_S_ISDIR(file->mystat->st_mode) ||
- (wild && wild_compare(file->name,wild)))
+ (wild && wild_compare(file->name,wild, 0)))
continue;
}
}
@@ -232,7 +232,7 @@ mysql_find_files(THD *thd,List<char> *fi
if (wild_case_compare(file->name,wild))
continue;
}
- else if (wild_compare(file->name,wild))
+ else if (wild_compare(file->name,wild, 0))
continue;
}
}