error read permission for BLOB field, when it is input/output procedure's parameter [CORE5982] #6234

Closed
firebird-issue-importer opened this issue Jan 12, 2019 · 8 comments


Submitted by: Segey Khalyutin (notesoft)

Assigned to: @dmitry-starodubov

connect 'd:\database\my_database.fdb' user 'SYSDBA' password 'masterkey';
-- drop user MY_USER;
drop database;
create database 'd:\database\my_database.fdb' user 'SYSDBA' password 'masterkey' page_size 8192 default character set UTF8;
-- create user MY_USER password 'MY_PASS' ;
set term ^;

create table my_table
( my_num integer
, my_data blob
) ^
commit work ^

insert into my_table(my_num , my_data) values (1, 'qwerty') ^

create or alter procedure my_proc_2(my_data blob)
as
declare variable my_value blob;
begin
my_value = my_data ;
end ^
-- grant select on table my_table to procedure my_proc_2 ^

create or alter procedure my_proc
-- returns ( my_data blob)
as
declare variable my_data blob;
begin
select my_data
from my_table
where my_num = 1
into: my_data;

 execute procedure my_proc_2(my_data);

end ^
grant select on table my_table to procedure my_proc ^
grant execute on procedure my_proc_2 to procedure my_proc ^
grant execute on procedure my_proc to public ^

-- execute procedure my_proc ^

commit work ^
set term ;^

connect 'd:\database\my_database.fdb' user MY_USER password 'MY_PASS';
set term ^;

execute procedure my_proc ^ -- result of this execute is: 'no permission for SELECT access to TABLE MY_TABLE'

/*

C:\WINDOWS\system32>"C:\Program Files (x86)\Firebird\Firebird_3_0\isql" -i D:\source\NOTEMATRIX\FBSQL\test\script.sql
Use CONNECT or CREATE DATABASE to specify a database
Statement failed, SQLSTATE = 28000
no permission for SELECT access to TABLE MY_TABLE
-At procedure 'MY_PROC_2' line: 5, col: 5
At procedure 'MY_PROC' line: 11, col: 6
After line 53 in file D:\source\NOTEMATRIX\FBSQL\test\script.sql

*/

Commits: 2fd3e56 9cf9d64 ed932c8


@firebird-issue-importer firebird-issue-importer commented Jan 12, 2019

Commented by: @AlexPeshkoff

Roman, I suppose it's related to the security fix regarding blob access


@firebird-issue-importer firebird-issue-importer commented Jan 12, 2019

Modified by: @AlexPeshkoff

assignee: Roman Simakov [ roman-simakov ]


@firebird-issue-importer firebird-issue-importer commented Jan 12, 2019

Modified by: @AlexPeshkoff

Version: 4.0 Alpha 1 [ 10731 ]


@firebird-issue-importer firebird-issue-importer commented Jan 13, 2019

Commented by: @romansimakov

We'll take a look


@firebird-issue-importer firebird-issue-importer commented Jan 14, 2019

Modified by: @dmitry-starodubov

assignee: Roman Simakov [ roman-simakov ] => Dmitriy Starodubov [ dmitriy starodubov ]


@firebird-issue-importer firebird-issue-importer commented Jan 21, 2019

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 4.0 Beta 1 [ 10750 ]

Fix Version: 3.0.5 [ 10885 ]


@firebird-issue-importer firebird-issue-importer commented Feb 16, 2019

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: No test => Done successfully


@firebird-issue-importer firebird-issue-importer commented Feb 16, 2019

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Closed [ 6 ]
