MDEV-30190 Password check plugin prevents changing grants for CURRENT_USER

vuvova · vuvova · commit b1daecfc4514 · 2025-07-17T09:18:18.000+02:00
CURRENT_USER should not initialize $$-&gt;auth, just like explicitly
specified user name doesn't.
diff --git a/mysql-test/suite/plugins/r/simple_password_check.result b/mysql-test/suite/plugins/r/simple_password_check.result
@@ -261,6 +261,22 @@ install soname "simple_password_check";
 MARIADB-ADMIN: unable to change password; error: 'The MariaDB server is running with the --strict-password-validation option so it cannot execute this statement'
 # All done
 uninstall plugin simple_password_check;
-#
 # End of 10.4 tests
 #
+# MDEV-30190 Password check plugin prevents changing grants for CURRENT_USER
+#
+select priv into @old_priv from mysql.global_priv where user='root' and host='localhost';
+install soname "simple_password_check";
+grant all on db1.* to current_user;
+select current_user;
+current_user
+root@localhost
+show grants;
+Grants for root@localhost
+GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON `db1`.* TO `root`@`localhost`
+GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
+revoke all on db1.* from current_user;
+uninstall plugin simple_password_check;
+update mysql.global_priv set priv=@old_priv where user='root' and host='localhost';
+# End of 10.11 tests
diff --git a/mysql-test/suite/plugins/t/simple_password_check.test b/mysql-test/suite/plugins/t/simple_password_check.test
@@ -165,6 +165,19 @@ install soname "simple_password_check";
 --echo # All done
 uninstall plugin simple_password_check;
 
---echo #
 --echo # End of 10.4 tests
+
+--echo #
+--echo # MDEV-30190 Password check plugin prevents changing grants for CURRENT_USER
 --echo #
+select priv into @old_priv from mysql.global_priv where user='root' and host='localhost';
+install soname "simple_password_check";
+grant all on db1.* to current_user;
+select current_user;
+show grants;
+revoke all on db1.* from current_user;
+uninstall plugin simple_password_check;
+#cleanup
+update mysql.global_priv set priv=@old_priv where user='root' and host='localhost';
+
+--echo # End of 10.11 tests
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
@@ -15505,7 +15505,6 @@ user_maybe_role:
             if (unlikely(!($$=(LEX_USER*)thd->calloc(sizeof(LEX_USER)))))
               MYSQL_YYABORT;
             $$->user= current_user;
-            $$->auth= new (thd->mem_root) USER_AUTH();
           }
         ;
 

Original file line number	Diff line number	Diff line change
`@@ -15505,7 +15505,6 @@ user_maybe_role:`
`15505`	`15505`	`if (unlikely(!($$=(LEX_USER*)thd->calloc(sizeof(LEX_USER)))))`
`15506`	`15506`	`MYSQL_YYABORT;`
`15507`	`15507`	`$$->user= current_user;`
`15508`		`- $$->auth= new (thd->mem_root) USER_AUTH();`
`15509`	`15508`	`}`
`15510`	`15509`	`;`
`15511`	`15510`