Oracle has fixed CVE-2012-5611 as of mysql 5.1.67, but they did not include a regression test for it, so let's continue to use mariadb's test. See http://bazaar.launchpad.net/~maria-captains/maria/5.1/revision/3168 diff -Naur mysql-5.1.66.orig/mysql-test/r/information_schema.result mysql-5.1.66/mysql-test/r/information_schema.result --- mysql-5.1.66.orig/mysql-test/r/information_schema.result 2012-09-07 10:24:44.000000000 -0400 +++ mysql-5.1.66/mysql-test/r/information_schema.result 2012-12-04 11:04:13.247998281 -0500 @@ -1774,4 +1774,8 @@ length(CAST(b AS CHAR)) 20 DROP TABLE ubig; +grant usage on *.* to mysqltest_1@localhost; +select 1 from information_schema.tables where table_schema=repeat('a', 2000); +1 +drop user mysqltest_1@localhost; End of 5.1 tests. diff -Naur mysql-5.1.66.orig/mysql-test/t/information_schema.test mysql-5.1.66/mysql-test/t/information_schema.test --- mysql-5.1.66.orig/mysql-test/t/information_schema.test 2012-09-07 10:24:41.000000000 -0400 +++ mysql-5.1.66/mysql-test/t/information_schema.test 2012-12-04 11:03:31.050605443 -0500 @@ -1470,6 +1470,13 @@ DROP TABLE ubig; +grant usage on *.* to mysqltest_1@localhost; +connect (con1, localhost, mysqltest_1,,); +connection con1; +select 1 from information_schema.tables where table_schema=repeat('a', 2000); +connection default; +disconnect con1; +drop user mysqltest_1@localhost; --echo End of 5.1 tests.