Hi, Oleksandr! All good, ok to push. Just add a comment right after memcpy, that /* if acl_user->nauth was >= nauth, then we've just updated the actual acl_user, not the copy. We rely on the fact that acl_update_user() cannot fail anywhere below. */ On Oct 15, Oleksandr Byelkin wrote:

revision-id: 6ec64caec5d (mariadb-10.4.21-64-g6ec64caec5d) parent(s): a736a3174a4 author: Oleksandr Byelkin committer: Oleksandr Byelkin timestamp: 2021-10-14 16:19:09 +0200 message:

MDEV-26650: Failed ALTER USER/GRANT statement removes the password from the cache

Starting from 10.4 AUTH is not part of ACL_USER so changes have to be done over a copy, and bring in the cache only in case of success.

Regards, Sergei VP of MariaDB Server Engineering and security@mariadb.org