Hi, Oleksandr! On Jan 19, Oleksandr Byelkin wrote:

revision-id: 9d2c63d45e4 (mariadb-10.3.20-6-g9d2c63d45e4) parent(s): d4edb0510ec author: Oleksandr Byelkin <sanja@mariadb.com> committer: Oleksandr Byelkin <sanja@mariadb.com> timestamp: 2019-11-14 09:32:54 +0100 message:

MDEV-20076: SHOW GRANTS does not quote role names properly

Quotes added to output.

diff --git a/mysql-test/main/grant5.test b/mysql-test/main/grant5.test index 649bba7d1ca..045cbf8fc86 100644 --- a/mysql-test/main/grant5.test +++ b/mysql-test/main/grant5.test @@ -33,3 +33,26 @@ REVOKE EXECUTE ON PROCEDURE sp FROM u; --error ER_TABLE_NOT_LOCKED REVOKE PROCESS ON *.* FROM u; DROP TABLE t1; + +--echo # +--echo # MDEV-20076: SHOW GRANTS does not quote role names properly +--echo # + +create role 'role-1'; +create role 'rock\'n\'roll'; +create user 'user-1'@'localhost'; +create user 'O\'Brien'@'localhost'; +grant select on mysql.user to 'role-1'; +grant select on mysql.user to 'rock\'n\'roll'; +GRANT 'role-1' TO 'user-1'@'localhost'; +GRANT 'rock\'n\'roll' TO 'O\'Brien'@'localhost'; +show grants for 'role-1'; +show grants for 'rock\'n\'roll'; +show grants for 'user-1'@'localhost'; +show grants for 'O\'Brien'@'localhost'; +drop role 'role-1'; +drop role 'rock\'n\'roll'; +drop user 'user-1'@'localhost'; +drop user 'O\'Brien'@'localhost'; + +--echo # End of 10.3 tests

please add few tests when sql_quote_show_create=0. Like 1. sql_quote_show_create=0, role name is not reserved (e.g. foo) 2. sql_quote_show_create=0, role name is reserved (e.g. fetch) 3. sql_quote_show_create=0, role name is not a valid identifier (e.g. role-1) Then ok to push. Regards, Sergei VP of MariaDB Server Engineering and security@mariadb.org