Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

error read permission for BLOB field, when it is input/output procedure`s parametr [CORE5982] #6234

Closed
firebird-automations opened this issue Jan 12, 2019 · 8 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: Segey Khalyutin (notesoft)

Assigned to: @dmitry-starodubov

connect 'd:\database\my_database.fdb' user 'SYSDBA' password 'masterkey';
-- drop user MY_USER;
drop database;
create database 'd:\database\my_database.fdb' user 'SYSDBA' password 'masterkey' page_size 8192 default character set UTF8;
-- create user MY_USER password 'MY_PASS' ;
set term ^;

create table my_table
( my_num integer
, my_data blob
) ^
commit work ^

insert into my_table(my_num , my_data) values (1, 'qwerty') ^

create or alter procedure my_proc_2(my_data blob)
as
declare variable my_value blob;
begin
my_value = my_data ;
end ^
-- grant select on table my_table to procedure my_proc_2 ^

create or alter procedure my_proc
-- returns ( my_data blob)
as
declare variable my_data blob;
begin
select my_data
from my_table
where my_num = 1
into: my_data;

 execute procedure my\_proc\_2\(my\_data\);

end ^
grant select on table my_table to procedure my_proc ^
grant execute on procedure my_proc_2 to procedure my_proc ^
grant execute on procedure my_proc to public ^

-- execute procedure my_proc ^

commit work ^
set term ;^

connect 'd:\database\my_database.fdb' user MY_USER password 'MY_PASS';
set term ^;

execute procedure my_proc ^ -- result of this execute id : 'no permission for SELECT access to TABLE MY_TABLE'

/*

C:\WINDOWS\system32>"C:\Program Files (x86)\Firebird\Firebird_3_0\isql" -i D:\source\NOTEMATRIX\FBSQL\test\script.sql
Use CONNECT or CREATE DATABASE to specify a database
Statement failed, SQLSTATE = 28000
no permission for SELECT access to TABLE MY_TABLE
-At procedure 'MY_PROC_2' line: 5, col: 5
At procedure 'MY_PROC' line: 11, col: 6
After line 53 in file D:\source\NOTEMATRIX\FBSQL\test\script.sql

*/

Commits: 2fd3e56 9cf9d64 ed932c8

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Roman, suppose it's related with security fix regarding blobs access

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Roman Simakov [ roman-simakov ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

Version: 4.0 Alpha 1 [ 10731 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @romansimakov

We'll take a look

@firebird-automations
Copy link
Collaborator Author

Modified by: @dmitry-starodubov

assignee: Roman Simakov [ roman-simakov ] => Dmitriy Starodubov [ dmitriy starodubov ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 4.0 Beta 1 [ 10750 ]

Fix Version: 3.0.5 [ 10885 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: No test => Done successfully

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant