Fixed CORE-6489: User without ALTER ANY ROLE privilege can use COMMENT ON ROLE

src/jrd/ini.epp

@@ -471,7 +471,8 @@ void INI_format(const char* owner, const char* charset)
 			charset->name;
 			++charset)
 		{
-			add_security_to_sys_obj(tdbb, reqAddSC, reqModObjSC, reqInsUserPriv, ownerName, obj_charset, charset->name, length, buffer);
+			add_security_to_sys_obj(tdbb, reqAddSC, reqModObjSC, reqInsUserPriv, ownerName, obj_charset,
+				charset->name, length, buffer);
 		}
 
 		reqModObjSC.reset();
@@ -479,9 +480,14 @@ void INI_format(const char* owner, const char* charset)
 			collation->name;
 			++collation)
 		{
-			add_security_to_sys_obj(tdbb, reqAddSC, reqModObjSC, reqInsUserPriv, ownerName, obj_collation, collation->name, length, buffer);
+			add_security_to_sys_obj(tdbb, reqAddSC, reqModObjSC, reqInsUserPriv, ownerName, obj_collation,
+				collation->name, length, buffer);
 		}
 
+		reqModObjSC.reset();
+		add_security_to_sys_obj(tdbb, reqAddSC, reqModObjSC, reqInsUserPriv, ownerName, obj_sql_role,
+				ADMIN_ROLE, length, buffer);
+
 		// Must be last!
 		acl = aclPublicStart;
 		memcpy(acl, PKG_PUBLIC_EXECUTE_ACL, sizeof(PKG_PUBLIC_EXECUTE_ACL));
@@ -1205,6 +1211,18 @@ static void add_security_to_sys_obj(thread_db* tdbb,
 		}
 		END_FOR
 	}
+	else if (obj_type == obj_sql_role)
+	{
+		FOR(REQUEST_HANDLE reqModObjSC) R IN RDB$ROLES
+			WITH R.RDB$ROLE_NAME EQ obj_name.c_str()
+		{
+			MODIFY R USING
+				R.RDB$SECURITY_CLASS.NULL = FALSE;
+				PAD(security_class.c_str(), R.RDB$SECURITY_CLASS);
+			END_MODIFY
+		}
+		END_FOR
+	}
 	else if (obj_type == obj_package_header)
 	{
 		FOR(REQUEST_HANDLE reqModObjSC) PKG IN RDB$PACKAGES