Bug #37191 Failed assertion in CREATE VIEW
Submitted: 4 Jun 2008 11:15 Modified: 23 Mar 2009 1:59
Reporter: Martin Hansson Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Security: Privileges Severity:S2 (Serious)
Version:5.1, 6.0 OS:Any
Assigned to: Martin Hansson CPU Architecture:Any
Tags: privileges, VIEW

[4 Jun 2008 11:15] Martin Hansson
Description:
If you create a view that references tables where you have disjoint sets of privileges, you get a failed a assertion.

How to repeat:
As user 1:

- Create two tables,
- Create a view.
- Grant disjoint sets of privileges on the two tables to user 2, 
  picking from SELECT, INSERT, DELETE, and UPDATE.

As user 2:

- Create a view that selects fields from both tables.
[4 Jun 2008 11:24] Martin Hansson
Failed assertion

Attachment: showstopper.test (application/octet-stream, text), 661 bytes.

[4 Jun 2008 11:41] Martin Hansson
The above test script reveals the bug.
[4 Jun 2008 13:32] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/47430
[9 Jun 2008 15:16] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/47609
[16 Jun 2008 8:31] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/47893

2661 Martin Hansson	2008-06-16
      Bug#37191: Failed assertion in CREATE VIEW
      
      It was assumed that if the intersection of all column grants for all 
      underlying tables in a view was empty, it implied that the view had 
      more privileges on some column than the corresponding underlying table.
      Fixed by removing the assumption (which was an assert()) and raising an 
      error only when both hold.
[16 Jun 2008 11:27] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/47901

2669 Martin Hansson	2008-06-16
      Bug#37191: Failed assertion in CREATE VIEW
            
      It was assumed that if the intersection of all column grants for all 
      underlying tables in a view was empty, it implied that the view had 
      more privileges on some column than the corresponding underlying table.
      Fixed by removing the assumption (which was an assert()) and raising an 
      error only when both hold.
[16 Jun 2008 11:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/47902

2669 Martin Hansson	2008-06-16
      Bug#37191: Failed assertion in CREATE VIEW
            
      It was assumed that if the intersection of all column grants for all 
      underlying tables in a view was empty, it implied that the view had 
      more privileges on some column than the corresponding underlying table.
      Fixed by removing the assumption (which was an assert()) and raising an 
      error only when both hold.
[25 Feb 2009 10:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/67496

2813 Georgi Kodinov	2009-02-25
      backport the fix for bug #37191 to 5.1-bugteam
[25 Feb 2009 10:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/67499

2818 Georgi Kodinov	2009-02-25
      backport the fix for bug #37191 to 5.1-bugteam
[9 Mar 2009 12:36] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/68629

3109 Kristofer Pettersson	2009-03-09
      Fixed assertion error caused by merging patch Bug#37191 from 5.1 to 6.0.
      
      TL_READ_DEFAULT should be part of the assert.
[13 Mar 2009 19:02] Bugs System
Pushed into 5.1.33 (revid:joro@sun.com-20090313111355-7bsi1hgkvrg8pdds) (version source revid:kgeorge@mysql.com-20090225101929-fk730uyt6qhoharc) (merge vers: 5.1.33) (pib:6)
[18 Mar 2009 13:18] Bugs System
Pushed into 6.0.11-alpha (revid:joro@sun.com-20090318122208-1b5kvg6zeb4hxwp9) (version source revid:kgeorge@mysql.com-20090225103118-7vqo15t4plb2j6k6) (merge vers: 6.0.10-alpha) (pib:6)
[23 Mar 2009 1:59] Paul DuBois
Noted in 5.1.33, 6.0.11 changelogs.

If a user created a view that referenced tables for which the user
had disjoint privileges, an assertion failure occurred.
[9 May 2009 16:39] Bugs System
Pushed into 5.1.34-ndb-6.2.18 (revid:jonas@mysql.com-20090508185236-p9b3as7qyauybefl) (version source revid:jonas@mysql.com-20090508100057-30ote4xggi4nq14v) (merge vers: 5.1.33-ndb-6.2.18) (pib:6)
[9 May 2009 17:37] Bugs System
Pushed into 5.1.34-ndb-6.3.25 (revid:jonas@mysql.com-20090509063138-1u3q3v09wnn2txyt) (version source revid:jonas@mysql.com-20090508175813-s6yele2z3oh6o99z) (merge vers: 5.1.33-ndb-6.3.25) (pib:6)
[9 May 2009 18:34] Bugs System
Pushed into 5.1.34-ndb-7.0.6 (revid:jonas@mysql.com-20090509154927-im9a7g846c6u1hzc) (version source revid:jonas@mysql.com-20090509073226-09bljakh9eppogec) (merge vers: 5.1.33-ndb-7.0.6) (pib:6)