Commit 0098d789 authored by Sergei Golubchik's avatar Sergei Golubchik

MDEV-10465 general_log_file can be abused

Windows!
parent a3f64241
...@@ -20,6 +20,8 @@ SET @@global.general_log_file = '.my.cnf'; ...@@ -20,6 +20,8 @@ SET @@global.general_log_file = '.my.cnf';
ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf' ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
SET @@global.general_log_file = 'my.cnf\0foo'; SET @@global.general_log_file = 'my.cnf\0foo';
ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf' ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf'
SET @@global.general_log_file = 'my.ini';
ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.ini'
'#----------------------FN_DYNVARS_004_03------------------------#' '#----------------------FN_DYNVARS_004_03------------------------#'
SELECT @@global.general_log_file = VARIABLE_VALUE SELECT @@global.general_log_file = VARIABLE_VALUE
FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES
......
...@@ -17,6 +17,8 @@ SET @@global.general_log_file = '.my.cnf'; ...@@ -17,6 +17,8 @@ SET @@global.general_log_file = '.my.cnf';
ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf' ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
SET @@global.general_log_file = 'my.cnf\0foo'; SET @@global.general_log_file = 'my.cnf\0foo';
ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf' ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf'
SET @@global.general_log_file = 'my.ini';
ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.ini'
'#----------------------FN_DYNVARS_004_03------------------------#' '#----------------------FN_DYNVARS_004_03------------------------#'
SELECT @@global.slow_query_log_file = VARIABLE_VALUE SELECT @@global.slow_query_log_file = VARIABLE_VALUE
FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES
......
...@@ -69,6 +69,8 @@ SET @@global.general_log_file = '/tmp/my.cnf'; ...@@ -69,6 +69,8 @@ SET @@global.general_log_file = '/tmp/my.cnf';
SET @@global.general_log_file = '.my.cnf'; SET @@global.general_log_file = '.my.cnf';
--error ER_WRONG_VALUE_FOR_VAR --error ER_WRONG_VALUE_FOR_VAR
SET @@global.general_log_file = 'my.cnf\0foo'; SET @@global.general_log_file = 'my.cnf\0foo';
--error ER_WRONG_VALUE_FOR_VAR
SET @@global.general_log_file = 'my.ini';
--echo '#----------------------FN_DYNVARS_004_03------------------------#' --echo '#----------------------FN_DYNVARS_004_03------------------------#'
......
...@@ -67,6 +67,8 @@ SET @@global.slow_query_log_file = '/tmp/my.cnf'; ...@@ -67,6 +67,8 @@ SET @@global.slow_query_log_file = '/tmp/my.cnf';
SET @@global.general_log_file = '.my.cnf'; SET @@global.general_log_file = '.my.cnf';
--error ER_WRONG_VALUE_FOR_VAR --error ER_WRONG_VALUE_FOR_VAR
SET @@global.general_log_file = 'my.cnf\0foo'; SET @@global.general_log_file = 'my.cnf\0foo';
--error ER_WRONG_VALUE_FOR_VAR
SET @@global.general_log_file = 'my.ini';
--echo '#----------------------FN_DYNVARS_004_03------------------------#' --echo '#----------------------FN_DYNVARS_004_03------------------------#'
############################################################################## ##############################################################################
......
...@@ -3040,10 +3040,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var) ...@@ -3040,10 +3040,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var)
return true; return true;
static const LEX_CSTRING my_cnf= { STRING_WITH_LEN("my.cnf") }; static const LEX_CSTRING my_cnf= { STRING_WITH_LEN("my.cnf") };
static const LEX_CSTRING my_ini= { STRING_WITH_LEN("my.ini") };
if (path_length >= my_cnf.length) if (path_length >= my_cnf.length)
{ {
if (strcasecmp(path + path_length - my_cnf.length, my_cnf.str) == 0) if (strcasecmp(path + path_length - my_cnf.length, my_cnf.str) == 0)
return true; // log file name ends with "my.cnf" return true; // log file name ends with "my.cnf"
DBUG_ASSERT(my_cnf.length == my_ini.length);
if (strcasecmp(path + path_length - my_ini.length, my_ini.str) == 0)
return true; // log file name ends with "my.ini"
} }
MY_STAT f_stat; MY_STAT f_stat;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment