From 13bcfe6195092bf15e66842d435d6e284aaed51b Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Wed, 4 Dec 2019 14:51:15 +0100
Subject: [PATCH 1/3] Fix creation of "Super" permissions

The permission name variable was freed too early so the comparison for
when to cache the permissions was not working as intended.
---
 src/manage_sql.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/manage_sql.c b/src/manage_sql.c
index cbda82217..59ece0094 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -50850,7 +50850,6 @@ create_permission_internal (const char *name_arg, const char *comment,
   assert ((resource_id == resource_id_arg) || (resource_id == NULL));
 
   quoted_name = sql_quote (name);
-  g_free (name);
   quoted_comment = sql_quote (comment ? comment : "");
 
   sql ("INSERT INTO permissions"
@@ -50923,6 +50922,7 @@ create_permission_internal (const char *name_arg, const char *comment,
   g_free (quoted_name);
   g_free (resource_type);
   g_free (subject_where);
+  g_free (name);
 
   return 0;
 }

From 0e74dbeb07beb9589dad95e9acd963069cd37a18 Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Wed, 4 Dec 2019 14:56:01 +0100
Subject: [PATCH 2/3] Add CHANGELOG entry for "Super" permissions fix

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6025b28d2..f927489e2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Fix resource type checks for permissions [#863](https://github.com/greenbone/gvmd/pull/863)
 - Fix result_nvt for new OSP and slave results [#865](https://github.com/greenbone/gvmd/pull/865)
 - Use right format specifier for merge_ovaldef version [#874](https://github.com/greenbone/gvmd/pull/874)
+- Fix creation of "Super" permissions [#892](https://github.com/greenbone/gvmd/pull/892)
 
 ### Removed
 - Remove 1.3.6.1.4.1.25623.1.0.90011 from Discovery config (9.0) [#847](https://github.com/greenbone/gvmd/pull/847)

From 10ceb896cc32c9b8196507d3df46e3abb4cf590c Mon Sep 17 00:00:00 2001
From: Timo Pollmeier <timo.pollmeier@greenbone.net>
Date: Wed, 4 Dec 2019 15:40:40 +0100
Subject: [PATCH 3/3] Use quoted_name in create_permission_internal

Revert the change from 13bcfe6195092bf15e66842d435d6e284aaed51b and
instead use the quoted_name, which is more consistent with a later
check if the permission is "Super".
---
 src/manage_sql.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/manage_sql.c b/src/manage_sql.c
index 59ece0094..861a16796 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -50850,6 +50850,7 @@ create_permission_internal (const char *name_arg, const char *comment,
   assert ((resource_id == resource_id_arg) || (resource_id == NULL));
 
   quoted_name = sql_quote (name);
+  g_free (name);
   quoted_comment = sql_quote (comment ? comment : "");
 
   sql ("INSERT INTO permissions"
@@ -50878,7 +50879,7 @@ create_permission_internal (const char *name_arg, const char *comment,
     *permission = sql_last_insert_id ();
 
   /* Update Permissions cache */
-  if (strcasecmp (name, "super") == 0)
+  if (strcasecmp (quoted_name, "super") == 0)
     cache_all_permissions_for_users (NULL);
   else if (resource_type && resource)
     cache_permissions_for_resource (resource_type, resource, NULL);
@@ -50922,7 +50923,6 @@ create_permission_internal (const char *name_arg, const char *comment,
   g_free (quoted_name);
   g_free (resource_type);
   g_free (subject_where);
-  g_free (name);
 
   return 0;
 }