Hi, Oleksandr, On Sep 09, Oleksandr Byelkin wrote:

revision-id: 3f9e6c9c111 (mariadb-10.3.35-36-g3f9e6c9c111) parent(s): 5feb60ce186 author: Oleksandr Byelkin committer: Oleksandr Byelkin timestamp: 2022-06-24 15:37:25 +0200 message:

MDEV-22133 handle_fatal_signal (sig=11) on optimized builds in handle_grant_table instead of ERROR | Buffer overflow (on optimized builds)

Return an error if we can not read a table required for ACL.

diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 4c68b4505a4..38d2e9c35a1 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7420,6 +7420,11 @@ static bool grant_load(THD *thd, while (!p_table->file->ha_index_next(p_table->record[0])); } } + else + { + sql_print_error("Missing system table mysql.procs_priv; " + "please run mysql_upgrade to create it"); + }

I don't think so. The comment earlier says p_table= procs_priv.table(); // this can be NULL and if "this can be NULL" then it's not an error if it is.

end_unlock_p: if (p_table) @@ -10041,6 +10046,8 @@ static int handle_grant_data(THD *thd, Grant_tables& tables, bool drop, }

/* Handle stored routines table. */ + if (tables.procs_priv_table().table_exists()) + {

This is ok, but also, please, check that all accesses to other optional tables are properly protected. See FIRST_OPTIONAL_TABLE define, all tables below it may not exist. Regards, Sergei VP of MariaDB Server Engineering and security@mariadb.org