[MDEV-17674] GRANT ON PROCEDURE can be erroneously interpreted as GRANT ON TABLE Created: 2018-11-12 Updated: 2023-04-27 |
|
| Status: | Open |
| Project: | MariaDB Server |
| Component/s: | Parser |
| Affects Version/s: | 5.5, 10.0, 10.1, 10.2, 10.3, 10.4 |
| Fix Version/s: | 10.4 |
| Type: | Bug | Priority: | Major |
| Reporter: | Alexander Barkov | Assignee: | Alexander Barkov |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Issue Links: |
|
||||||||
| Description |
|
I run this script:
It prints the following output in SHOW GRANTS:
Looks fine so far. The procedure name ".p1" was translated to test.p1 (i.e. took the current database name). Now I add run a similar script, but remove the space character in the GRANT command, between procedure and .p1:
Looks wrong. It was translated to:
It should not happen. The keyword PROCEDURE is reserved in MariaDB. It should never be associated with the identifier `procedure`. So
should be interpreted as
. |
| Comments |
| Comment by Alexander Barkov [ 2018-11-12 ] | |||||||||||||||||||||||||||||
|
The same phenomena is repeatable with FUNCTION:
It prints the following output in SHOW GRANTS:
Note, the keyword FUNCTION (unlike PROCEDURE) is not reserved in MariaDB. So this grammar is ambiguous. But it should probably also parse
as
rather than
. | |||||||||||||||||||||||||||||
| Comment by Elena Stepanova [ 2018-11-12 ] | |||||||||||||||||||||||||||||
|
Same apples to TABLE as such:
But should procedure.p (or even procedure .p, for that matter) really work if you interpret procedure as a special word? I'd expect it to throw a syntax error, just as it does when you do
or
| |||||||||||||||||||||||||||||
| Comment by Alexander Barkov [ 2018-11-12 ] | |||||||||||||||||||||||||||||
|
The problem is repeatable with any keyword:
Notice, select.f1 was erroneously interpreted as TABLE `select`.`f1`. It should return a syntax error instead. |