Bug #25578 | CREATE TABLE LIKE does not require any privileges on source table. | ||
---|---|---|---|
Submitted: | 12 Jan 2007 11:22 | Modified: | 7 Jun 2007 16:31 |
Reporter: | Dmitry Lenev | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server | Severity: | S3 (Non-critical) |
Version: | 4.1.23-bk, 5.0.34-bk, 5.1.15-bk | OS: | Linux (SUSE 10.0/Any) |
Assigned to: | Dmitry Lenev | CPU Architecture: | Any |
[12 Jan 2007 11:22]
Dmitry Lenev
[31 Jan 2007 21:06]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/19127 ChangeSet@1.2379, 2007-02-01 00:05:29+03:00, dlenev@mockturtle.local +14 -0 Tentative fix for bugs #18950 "create table like does not obtain LOCK_open", #23667 "CREATE TABLE LIKE is not isolated from alteration by other connections" and bug #25578 "CREATE TABLE LIKE does not require any privileges on source table". Concurrent execution of CREATE TABLE LIKE statement and DDL statements on source table or DML/DDL statements on its target table could result in various errors in these statements and wrong order of statements in binlog. This problems was caused by incomplete protection/table-locking against concurrent statements implemented in mysql_create_like_table() routine. This fix simply implements such protection in proper way: We keep source table open during whole operation and place copying of .frm file, call to ha_create_table() and writing to binlog into one critical section protected by LOCK_open mutex. While former gives us protection against concurrent DDL on source table; the latter protects from DDL and DML on target table. It also removes some duplicated code from mysql_create_like_table(). Questions for reviewers are marked by QQ.
[1 Jun 2007 19:20]
Bugs System
Pushed into 5.0.44
[1 Jun 2007 19:25]
Bugs System
Pushed into 5.1.20-beta
[7 Jun 2007 16:31]
Jon Stephens
Thank you for your bug report. This issue has been committed to our source repository of that product and will be incorporated into the next release. If necessary, you can access the source repository and build the latest available version, including the bug fix. More information about accessing the source trees is available at http://dev.mysql.com/doc/en/installing-source.html Documented security fix in 5.0.44 and 5.1.20 changelogs.
[20 Jul 2007 16:12]
Paul DuBois
CVE number has been assigned: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781