[MDEV-7025] ANALYZE SELECT/INSERT/UPDATE/DELETE from a view does not check access permissions on the underlying table
Created: 2014-11-05  Updated: 2015-03-16  Resolved: 2015-03-10

Status: Closed
Project: MariaDB Server
Component/s: Views
Affects Version/s: 10.1.1
Fix Version/s: 10.1.4

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Vicențiu Ciorbaru
Resolution: Fixed
Votes: 0
Labels: analyze-stmt

Issue Links:
Relates
relates to MDEV-406 ANALYZE $stmt Closed
relates to MDEV-6382 ANALYZE $stmt and security Closed
relates to MDEV-6422 More testing for ANALYZE stmt and JSON Closed

Description

Test case

--enable_connect_log
create database db;
use db;
create table t1 (i int, c varchar(8));
insert into t1 values (1,'foo'),(2,'bar'),(3,'baz'),(4,'qux');
create view v1 as select * from t1 where i > 1;
grant all on db.v1 to u1@localhost;
 
--connect (con1,localhost,u1,,)
 
--error ER_TABLEACCESS_DENIED_ERROR
select * from db.t1;
--error ER_TABLEACCESS_DENIED_ERROR
explain select * from db.t1;
--error ER_TABLEACCESS_DENIED_ERROR
analyze select * from db.t1;
 
select * from db.v1;
--error ER_VIEW_NO_EXPLAIN
explain select * from db.v1;
--error ER_VIEW_NO_EXPLAIN
analyze select * from db.v1;
 
--disconnect con1
--connection default
 
drop user u1@localhost;
drop database db;

The last statement should fail just like the previous one does, but it succeeds (and reveals the underlying t1 table in the output).

Same for INSERT, UPDATE, DELETE.
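
The UPDATE and DELETE cases mentioned above, written as an added mysqltest example in the style of the reporter's test case (it is not part of the original report or of the MariaDB test suite). It reuses the report's schema and assumes ANALYZE on DML through the view should be refused with the same ER_VIEW_NO_EXPLAIN error as EXPLAIN.

```sql
# Added example: mysqltest script, run with mysql-test-run (mtr).
# Assumption: ANALYZE on DML through a view must fail with the same
# ER_VIEW_NO_EXPLAIN error that EXPLAIN returns.
--enable_connect_log
create database db;
use db;
create table t1 (i int, c varchar(8));
insert into t1 values (1,'foo'),(2,'bar'),(3,'baz'),(4,'qux');
create view v1 as select * from t1 where i > 1;
grant all on db.v1 to u1@localhost;

--connect (con1,localhost,u1,,)

# Control: DML through the view is allowed by the grant on v1.
update db.v1 set c = 'upd' where i = 2;

# The plan output names t1, so both forms must be refused.
--error ER_VIEW_NO_EXPLAIN
explain update db.v1 set c = 'x' where i = 3;
--error ER_VIEW_NO_EXPLAIN
analyze update db.v1 set c = 'x' where i = 3;

--error ER_VIEW_NO_EXPLAIN
explain delete from db.v1 where i = 4;
--error ER_VIEW_NO_EXPLAIN
analyze delete from db.v1 where i = 4;

--disconnect con1
--connection default

# ANALYZE executes the statement it profiles, so also check that the
# refused statements changed nothing: only the control update shows.
select * from t1 order by i;

drop user u1@localhost;
drop database db;
```

On a server with this bug, the two analyze statements succeed instead of returning the expected error, and mtr reports the mismatch.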



Comments
Comment by Sergei Petrunia [ 2015-03-04 ]

Review feedback provided over email.

Comment by Vicențiu Ciorbaru [ 2015-03-10 ]

Added access checks to be performed for the analyze statement, similarly to how it was done for EXPLAIN and SHOW VIEW.

Fixed with:
0ed57e34c76ffa5e457e1abb402ada6352fb52b2
