You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
set list on;
show version;
select mon$user,mon$remote\_protocol,mon$auth\_method from mon$attachments where mon$attachment\_id=current\_connection;
commit;
set echo on;
drop user boss;
drop user ozzy;
commit;
create user boss password '123' grant admin role;
commit;
select u\.sec$user\_name, u\.sec$plugin, u\.sec$admin from sec$users u where u\.sec$user\_name='BOSS';
set term ^;
execute block as
begin
execute statement 'create user ozzy password ''456'''
as user 'BOSS' password '123' role 'RDB$ADMIN';
end
^
set term ;^
commit;
\-\- EXIT; \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- \[ 1 \]
select u\.sec$user\_name, sec$plugin, u\.sec$admin
from sec$users u
where u\.sec$user\_name = upper\('ozzy'\);
set term ^;
execute block as
begin
execute statement 'drop user ozzy'
as user 'BOSS' password '123' role 'RDB$ADMIN';
end
^
set term ;^
commit;
drop user boss;
commit;
CASE-1.
#######
When this script is running untill to commented '-- EXIT; --------- [ 1 ]' statement (i.e. when it is uncommented) FB will crash and firebird.log will contain:
CSPROG Tue Apr 21 16:38:17 2015
Shutting down the server with 2 active connection(s) to 1 database(s), 0 active service(s)
CSPROG Tue Apr 21 16:38:17 2015
REMOTE INTERFACE/gds__detach: Unsuccesful detach from database.
Uncommitted work may have been lost.
Error writing data to the connection.
CASE-2.
#######
When the statement '-- EXIT;' will be COMMENTED firebird.log will contain:
CSPROG Tue Apr 21 16:40:36 2015
Access violation.
The code attempted to access a virtual
address without privilege to do so.
This exception will cause the Firebird server
to terminate abnormally.
CSPROG Tue Apr 21 16:41:01 2015
Shutting down the server with 2 active connection(s) to 1 database(s), 0 active service(s)
CSPROG Tue Apr 21 16:41:02 2015
REMOTE INTERFACE/gds__detach: Unsuccesful detach from database.
Uncommitted work may have been lost.
Error writing data to the connection.
(and I can`t understand why AV message appear FIRST in this case).
Attached files (logs, firebird.conf, windows error related files):
1) in the folder "1-logs-when-only-add-user" -- what occurs for mentioned above case-1
2) in the folder "2-logs-when-add-and-drop-user " -- what occurs for mentioned above case-2
WI-T3.0.0.31801, got on SuperServer and SuperClassic.
Note-1. Name of table in STDERR depends on value of UserManager = { Srp | Legacy_UserManager }.
For 'Srp' it will be 'PLG$SRP_VIEW', for Legacy_UserManager -- PLG$VIEW_USERS.
Because of this, section 'substitution' has been added in order to ignore rest part of line
after words 'TABLE PLG'.
Note-2. User 'boss' is NOT granted with 'RDB$ADMIN' role, only clause "grant admin" present for him
in the creating statement, so all his attempts to create/drop another user will be FAILED.
Before snapshot 31807 3rd such fail lead FB to crash (AV).
The text was updated successfully, but these errors were encountered:
Test Details: Note-1. Name of table in STDERR depends on value of UserManager = { Srp | Legacy_UserManager }.
For 'Srp' it will be 'PLG$SRP_VIEW', for Legacy_UserManager -- PLG$VIEW_USERS.
Because of this, section 'substitution' has been added in order to ignore rest part of line
after words 'TABLE PLG'.
Note-2. User 'boss' is NOT granted with 'RDB$ADMIN' role, only clause "grant admin" present for him
in the creating statement, so all his attempts to create/drop another user will be FAILED.
Before snapshot 31807 3rd such fail lead FB to crash (AV).
Submitted by: @pavel-zotov
Attachments:
av-when-trying-to-manage-users-list-using-es-on-behalf-of-non-sysdba-user-with-rdbadmin-role.zip
Consider the following script:
CASE-1.
#######
When this script is running untill to commented '-- EXIT; --------- [ 1 ]' statement (i.e. when it is uncommented) FB will crash and firebird.log will contain:
CSPROG Tue Apr 21 16:38:17 2015
Shutting down the server with 2 active connection(s) to 1 database(s), 0 active service(s)
CSPROG Tue Apr 21 16:38:17 2015
INET/inet_error: read errno = 10054
CSPROG Tue Apr 21 16:38:17 2015
REMOTE INTERFACE/gds__detach: Unsuccesful detach from database.
Uncommitted work may have been lost.
Error writing data to the connection.
CASE-2.
#######
When the statement '-- EXIT;' will be COMMENTED firebird.log will contain:
CSPROG Tue Apr 21 16:40:36 2015
Access violation.
The code attempted to access a virtual
address without privilege to do so.
This exception will cause the Firebird server
to terminate abnormally.
CSPROG Tue Apr 21 16:41:01 2015
Shutting down the server with 2 active connection(s) to 1 database(s), 0 active service(s)
CSPROG Tue Apr 21 16:41:02 2015
INET/inet_error: read errno = 10054
CSPROG Tue Apr 21 16:41:02 2015
REMOTE INTERFACE/gds__detach: Unsuccesful detach from database.
Uncommitted work may have been lost.
Error writing data to the connection.
(and I can`t understand why AV message appear FIRST in this case).
Attached files (logs, firebird.conf, windows error related files):
1) in the folder "1-logs-when-only-add-user" -- what occurs for mentioned above case-1
2) in the folder "2-logs-when-add-and-drop-user " -- what occurs for mentioned above case-2
WI-T3.0.0.31801, got on SuperServer and SuperClassic.
firebird.conf:
RemoteServicePort = 3333
DefaultDbCachePages = 8192
LockHashSlots = 22111
TempCacheLimit = 2147483647
MaxUnflushedWrites = -1
MaxUnflushedWriteTime = -1
TempDirectories = c:\temp
MaxUserTraceLogSize = 99999
FileSystemCacheThreshold = 65536K
AuthServer = Srp,Legacy_Auth
AuthClient = Srp,Legacy_Auth,Win_Sspi
WireCrypt = Disabled
UserManager = Srp
BugcheckAbort = 1
Commits: 1301cf9 FirebirdSQL/fbt-repository@49a7447
====== Test Details ======
Note-1. Name of table in STDERR depends on value of UserManager = { Srp | Legacy_UserManager }.
For 'Srp' it will be 'PLG$SRP_VIEW', for Legacy_UserManager -- PLG$VIEW_USERS.
Because of this, section 'substitution' has been added in order to ignore rest part of line
after words 'TABLE PLG'.
Note-2. User 'boss' is NOT granted with 'RDB$ADMIN' role, only clause "grant admin" present for him
in the creating statement, so all his attempts to create/drop another user will be FAILED.
Before snapshot 31807 3rd such fail lead FB to crash (AV).
The text was updated successfully, but these errors were encountered: