Fix for bug#26106655 "DISCREPANCY BETWEEN IMPLICIT DB OF PARENT TABLE FOR FK AND REFERENCES PRIVILEGE".

Dmitry Lenev · Hery Ramilison · commit d193728ac797 · 2017-06-02T19:47:35.000+02:00
Check for REFERENCES privilege was using incorrect database in some cases.

There was discrepancy between database which was used by SEs for parent
tables and used for check of REFERENCES privilege in cases when no explicit
database was specified for parent table.

This patch removes the discrepancy by aligning check for REFERENCES
privilege with SE behavior.

(cherry picked from commit bd6aa24131505886b06381fcce97d97efa9f6002)
diff --git a/sql/auth/auth_common.h b/sql/auth/auth_common.h
@@ -1,7 +1,7 @@
 #ifndef AUTH_COMMON_INCLUDED
 #define AUTH_COMMON_INCLUDED
 
-/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -695,6 +695,7 @@ bool lock_tables_precheck(THD *thd, TABLE_LIST *tables);
 bool create_table_precheck(THD *thd, TABLE_LIST *tables,
                            TABLE_LIST *create_table);
 bool check_fk_parent_table_access(THD *thd,
+                                  const char *child_table_db,
                                   HA_CREATE_INFO *create_info,
                                   Alter_info *alter_info);
 bool check_readonly(THD *thd, bool err_if_readonly);
diff --git a/sql/auth/sql_authorization.cc b/sql/auth/sql_authorization.cc
@@ -1,4 +1,4 @@
-/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -464,7 +464,8 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
       goto err;
   }
 
-  if (check_fk_parent_table_access(thd, &lex->create_info, &lex->alter_info))
+  if (check_fk_parent_table_access(thd, create_table->db,
+                                   &lex->create_info, &lex->alter_info))
     goto err;
 
   error= FALSE;
@@ -4329,10 +4330,11 @@ bool check_global_access(THD *thd, ulong want_access)
 /**
   Checks foreign key's parent table access.
 
-  @param thd	       [in]	Thread handler
-  @param create_info   [in]     Create information (like MAX_ROWS, ENGINE or
+  @param thd              [in]  Thread handler
+  @param child_table_db   [in]  Database of child table
+  @param create_info      [in]  Create information (like MAX_ROWS, ENGINE or
                                 temporary table flag)
-  @param alter_info    [in]     Initial list of columns and indexes for the
+  @param alter_info       [in]  Initial list of columns and indexes for the
                                 table to be created
 
   @retval
@@ -4341,6 +4343,7 @@ bool check_global_access(THD *thd, ulong want_access)
    true	  error or access denied. Error is sent to client in this case.
 */
 bool check_fk_parent_table_access(THD *thd,
+                                  const char *child_table_db,
                                   HA_CREATE_INFO *create_info,
                                   Alter_info *alter_info)
 {
@@ -4383,10 +4386,17 @@ bool check_fk_parent_table_access(THD *thd,
         if (fk_key->ref_db.str && check_and_convert_db_name(&db_name, false))
           return true;
       }
-      else if (thd->lex->copy_db_to(&db_name.str, &db_name.length))
-        return true;
       else
+      {
+        /*
+          If database name for parent table is not specified explicitly
+          SEs assume that it is the same as database name of child table.
+          We do the same here.
+        */
         is_qualified_table_name= false;
+        db_name.str= const_cast<char*>(child_table_db);
+        db_name.length= strlen(child_table_db);
+      }
 
       // if lower_case_table_names is set then convert tablename to lower case.
       if (lower_case_table_names)
diff --git a/sql/sql_table.cc b/sql/sql_table.cc
@@ -9237,7 +9237,8 @@ bool mysql_alter_table(THD *thd, const char *new_db, const char *new_name,
    till this point for the alter operation.
   */
   if ((alter_info->flags & Alter_info::ADD_FOREIGN_KEY) &&
-      check_fk_parent_table_access(thd, create_info, alter_info))
+      check_fk_parent_table_access(thd, alter_ctx.new_db,
+                                   create_info, alter_info))
     DBUG_RETURN(true);
 
   /*
