[#MDEV-29465] Inherited columns privs for roles wrongly set mysql.tables

create user foo;

create database some_db;

create table some_db.t1 (a int, b int, secret int);

create role r_select_column;

create role r_active_column;

grant r_select_column to r_active_column;

grant r_active_column to foo;

grant select(a) on some_db.t1 to r_select_column;

select * from mysql.tables_priv order by user;

Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv

	some_db	r_select_column	t1	root@localhost	0000-00-00 00:00:00		Select

grant insert(a) on some_db.t1 to r_active_column;

select * from mysql.tables_priv order by user;

Host	Db	User	Table_name	Grantor	Timestamp	Table_priv	Column_priv

	some_db	r_active_column	t1	root@localhost	0000-00-00 00:00:00		Select, Insert

	some_db	r_select_column	t1	root@localhost	0000-00-00 00:00:00		Select

-- There shouldn't be `Select` priv stored in Column_priv for r_active_column!

The cause of this bug is the mixing of GRANT_TABLE::cols and GRANT_TABLE::init_cols within the mysql_table_grant function.

There is a similar bug for GRANT_COLUMN::rights and GRANT_COLUMN::init_rights.

[MDEV-29465] Inherited columns privs for roles wrongly set mysql.tables_priv column Created: 2022-09-05 Updated: 2022-11-30 Resolved: 2022-09-14
Status:	Closed
Project:	MariaDB Server
Component/s:	Authentication and Privilege System
Affects Version/s:	10.3
Fix Version/s:	10.3.37, 10.4.27, 10.5.18, 10.6.11, 10.7.7, 10.8.6, 10.9.4