What steps will reproduce the problem? 1. database name with underscores e.g. fm_test_scripts

What is the expected output? What do you see instead? reconciliation sync fails to complete grant/revoke should put database name into back ticks (`)

What version of the product are you using? On what operating system? latest (0.6.2) on linux

Please provide any additional information below

revoke DELETE on fm_test_scripts.* from 'fm_scripts_rw'@''; ERROR: Unknown command '_'. ERROR: Unknown command '_'. ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '_test_scripts.* from 'fm_scripts_rw'@''' at line 1

This is happening around lines 406-421 where the @g grant or revoke string is compiled. See diff below.

I think the answer is to encapsulate the database name with back ticks (`).

diff -r securich.0.6.2.orig/procedures/reconciliation.sql securich.0.6.2/procedures/reconciliation.sql 370,372d369 < PREPARE createcom FROM @c; < EXECUTE createcom; < 374a372,375 > INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,concat('Attempting: ',@g),NOW()); > > PREPARE createcom FROM @c; > EXECUTE createcom; 376c377

< INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,@g,NOW());

> INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,concat('Success: ',@g),NOW()); 406c407

< SET @g = CONCAT('revoke ', PRIVILEGEPARAM , ' on ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' from ' , GRANTEEPARAM);

> SET @g = CONCAT('revoke ', PRIVILEGEPARAM , ' on ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' from ' , GRANTEEPARAM); 408c409

< SET @g = CONCAT('grant ', PRIVILEGEPARAM , ' on ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' to ' , GRANTEEPARAM);

> SET @g = CONCAT('grant ', PRIVILEGEPARAM , ' on ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' to ' , GRANTEEPARAM); 418c419

< SET @g = CONCAT('revoke ', PRIVILEGEPARAM , ' on procedure ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' from ' , GRANTEEPARAM);

> SET @g = CONCAT('revoke ', PRIVILEGEPARAM , ' on procedure ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' from ' , GRANTEEPARAM); 420c421

< SET @g = CONCAT('grant ', PRIVILEGEPARAM , ' on procedure ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' to ' , GRANTEEPARAM);

> SET @g = CONCAT('grant ', PRIVILEGEPARAM , ' on procedure ' , DATABASENAMEPARAM , '.' , TABLENAMEPARAM , ' to ' , GRANTEEPARAM); 425,427d425 < PREPARE grantcom FROM @g; < EXECUTE grantcom; < 429a428 > INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,concat('Attempting: ',@g),NOW()); 431c430,433

< INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,@g,NOW());

> PREPARE grantcom FROM @g; > EXECUTE grantcom; > > INSERT INTO aud_grant_revoke (USERNAME,HOSTNAME,COMMAND,TIMESTAMP) VALUES (@un,@hn,concat('Success: ',@g),NOW());

to be clear the database name in question appears twice. the one that appears with the _ in it came from here:

mysql> select distinct(db) from mysql.db; +-------------------+ | db | +-------------------+ | test | | test_% | | fm_test_scripts | <------ issue introduced here | sandbox | +-------------------+ 4 rows in set (0.00 sec)

mysql> select distinct(db) from mysql.tables_priv; Empty set (0.00 sec)

mysql> select distinct(db) from mysql.procs_priv; +----------+ | db | +----------+ | securich | +----------+ 1 row in set (0.00 sec)

mysql> select distinct(SCHEMA_NAME) from information_schema.SCHEMATA where SCHEMA_NAME != 'information_schema'; +--------------------+ | SCHEMA_NAME | +--------------------+ | fm_test_scripts | | mysql | | performance_schema | | sandbox | | securich | | test | +--------------------+ 6 rows in set (0.00 sec)