mysql_user: reinitialize the privs list in privileges_unpack() #137
In some scenarios, `privileges_unpack()` called `privs.append()` inside a loop without first emptying or reinitializing the `privs` list from the prior iteration. This could result in an invalid `GRANT` statement, which incorrectly included privileges from a previously-built `GRANT` statement. Reinitialize `privs` on each pass of the loop to prevent this from occurring.
Codecov Report
```
@@           Coverage Diff           @@
##             main     #137   +/-   ##
=======================================
  Coverage   76.61%   76.61%
=======================================
  Files          20       20
  Lines        1770     1770
  Branches      436      436
=======================================
  Hits         1356     1356
  Misses        268      268
  Partials      146      146
```
Ready for review
@parseword thanks for the PR!
That's wading into uncharted territory for me, but I'll give it a shot tomorrow. I think I can put something together by cribbing from the
ok, if any questions, feel free to ask
@parseword if you feel more confident covering this bug fix with a unit test instead, we have those stored in
@parseword do we have any time estimates? I'm asking because we're gonna release 2.0.0 next week.
@parseword Can you add tests for this?
@parseword The code patched in this PR has been moved to
SUMMARY
In some scenarios, `privileges_unpack()` called `privs.append()` inside a loop without first emptying or reinitializing the `privs` list from the prior iteration. This could result in an invalid `GRANT` statement, which incorrectly included privileges from a previously-built `GRANT` statement.

Reinitialize `privs` on each pass of the loop to prevent this from occurring.

Fixes #136
ISSUE TYPE
COMPONENT NAME
mysql_user
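
The failure mode from the summary, as an added example that is not the module's code: a simplified Python model of an accumulator list that survives across loop iterations, next to the reinitialized form and a check suited to a unit test. The `target:PRIV,PRIV/target:PRIV` spec format, the function names and the sample input are assumptions made for illustration.

```python
# Added illustration: simplified model, not the mysql_user implementation.
SPEC = "app.*:SELECT,INSERT/audit.log:SELECT"  # constructed sample input


def unpack_buggy(spec):
    """privs is created once, so each target inherits the previous entries."""
    grants = {}
    privs = []  # never reset between targets
    for item in spec.split("/"):
        target, names = item.rsplit(":", 1)
        for name in names.split(","):
            privs.append(name.strip().upper())
        grants[target] = list(privs)
    return grants


def unpack_fixed(spec):
    """privs is reinitialized on each pass of the loop."""
    grants = {}
    for item in spec.split("/"):
        target, names = item.rsplit(":", 1)
        privs = []  # fresh list for every target
        for name in names.split(","):
            privs.append(name.strip().upper())
        grants[target] = privs
    return grants


def grant_statements(grants, user="'app'@'%'"):
    """Render one GRANT per target (hypothetical account name)."""
    return ["GRANT %s ON %s TO %s" % (", ".join(p), t, user)
            for t, p in grants.items()]


def leaked_privileges(spec, unpack):
    """Return {target: privileges emitted but never requested for it}."""
    leaks = {}
    result = unpack(spec)
    for item in spec.split("/"):
        target, names = item.rsplit(":", 1)
        requested = {n.strip().upper() for n in names.split(",")}
        extra = sorted(set(result[target]) - requested)
        if extra:
            leaks[target] = extra
    return leaks


if __name__ == "__main__":
    for fn in (unpack_buggy, unpack_fixed):
        print(fn.__name__, grant_statements(fn(SPEC)), leaked_privileges(SPEC, fn))
```

A check like `leaked_privileges` needs a spec with at least two targets, because a single-target input never exercises the second pass of the loop.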