• 's avatar
    BUG#49124 Security issue with /*!-versioned */ SQL statements on Slave · 2ad690fd
    authored
    /*![:version:] Query Code */, where [:version:] is a sequence of 5 
    digits representing the mysql server version(e.g /*!50200 ... */),
    is a special comment that the query in it can be executed on those 
    servers whose versions are larger than the version appearing in the 
    comment. It leads to a security issue when slave's version is larger 
    than master's. A malicious user can improve his privileges on slaves. 
    Because slave SQL thread is running with SUPER privileges, so it can
    execute queries that he/she does not have privileges on master.
    
    This bug is fixed with the logic below: 
    - To replace '!' with ' ' in the magic comments which are not applied on
      master. So they become common comments and will not be applied on slave.
    
    - Example:
      'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /*!99999 ,(3)*/
      will be binlogged as
      'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /* 99999 ,(3)*/
    2ad690fd
rpl_conditional_comments.test 2.44 KB