Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
16aeb5ad
Commit
16aeb5ad
authored
May 19, 2009
by
Jim Winstead
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Table identifiers and file names were not quoted and escaped correctly by
mysqlimport. (Bug #28071)
parent
eb126150
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
44 additions
and
5 deletions
+44
-5
client/mysqlimport.c
client/mysqlimport.c
+13
-3
mysql-test/r/mysqldump.result
mysql-test/r/mysqldump.result
+10
-0
mysql-test/t/mysqldump.test
mysql-test/t/mysqldump.test
+21
-2
No files found.
client/mysqlimport.c
View file @
16aeb5ad
...
@@ -303,7 +303,8 @@ static int get_options(int *argc, char ***argv)
...
@@ -303,7 +303,8 @@ static int get_options(int *argc, char ***argv)
static
int
write_to_table
(
char
*
filename
,
MYSQL
*
mysql
)
static
int
write_to_table
(
char
*
filename
,
MYSQL
*
mysql
)
{
{
char
tablename
[
FN_REFLEN
],
hard_path
[
FN_REFLEN
],
char
tablename
[
FN_REFLEN
],
hard_path
[
FN_REFLEN
],
sql_statement
[
FN_REFLEN
*
16
+
256
],
*
end
;
escaped_name
[
FN_REFLEN
*
2
+
1
],
sql_statement
[
FN_REFLEN
*
16
+
256
],
*
end
,
*
pos
;
DBUG_ENTER
(
"write_to_table"
);
DBUG_ENTER
(
"write_to_table"
);
DBUG_PRINT
(
"enter"
,(
"filename: %s"
,
filename
));
DBUG_PRINT
(
"enter"
,(
"filename: %s"
,
filename
));
...
@@ -338,15 +339,24 @@ static int write_to_table(char *filename, MYSQL *mysql)
...
@@ -338,15 +339,24 @@ static int write_to_table(char *filename, MYSQL *mysql)
fprintf
(
stdout
,
"Loading data from SERVER file: %s into %s
\n
"
,
fprintf
(
stdout
,
"Loading data from SERVER file: %s into %s
\n
"
,
hard_path
,
tablename
);
hard_path
,
tablename
);
}
}
mysql_real_escape_string
(
mysql
,
escaped_name
,
hard_path
,
strlen
(
hard_path
));
sprintf
(
sql_statement
,
"LOAD DATA %s %s INFILE '%s'"
,
sprintf
(
sql_statement
,
"LOAD DATA %s %s INFILE '%s'"
,
opt_low_priority
?
"LOW_PRIORITY"
:
""
,
opt_low_priority
?
"LOW_PRIORITY"
:
""
,
opt_local_file
?
"LOCAL"
:
""
,
hard_path
);
opt_local_file
?
"LOCAL"
:
""
,
escaped_name
);
end
=
strend
(
sql_statement
);
end
=
strend
(
sql_statement
);
if
(
replace
)
if
(
replace
)
end
=
strmov
(
end
,
" REPLACE"
);
end
=
strmov
(
end
,
" REPLACE"
);
if
(
ignore
)
if
(
ignore
)
end
=
strmov
(
end
,
" IGNORE"
);
end
=
strmov
(
end
,
" IGNORE"
);
end
=
strmov
(
strmov
(
end
,
" INTO TABLE "
),
tablename
);
end
=
strmov
(
end
,
" INTO TABLE `"
);
/* Turn any ` into `` in table name. */
for
(
pos
=
tablename
;
*
pos
;
pos
++
)
{
if
(
*
pos
==
'`'
)
*
end
++=
'`'
;
*
end
++=
*
pos
;
}
end
=
strmov
(
end
,
"`"
);
if
(
fields_terminated
||
enclosed
||
opt_enclosed
||
escaped
)
if
(
fields_terminated
||
enclosed
||
opt_enclosed
||
escaped
)
end
=
strmov
(
end
,
" FIELDS"
);
end
=
strmov
(
end
,
" FIELDS"
);
...
...
mysql-test/r/mysqldump.result
View file @
16aeb5ad
...
@@ -4439,6 +4439,16 @@ drop view v1;
...
@@ -4439,6 +4439,16 @@ drop view v1;
drop table t1;
drop table t1;
drop view v1;
drop view v1;
drop table t1;
drop table t1;
#
# Bug#28071 mysqlimport does not quote or escape table name
#
drop table if exists `load`;
create table `load` (a varchar(255));
test.load: Records: 70 Deleted: 0 Skipped: 0 Warnings: 0
select count(*) from `load`;
count(*)
70
drop table `load`;
SET @@GLOBAL.CONCURRENT_INSERT = @OLD_CONCURRENT_INSERT;
SET @@GLOBAL.CONCURRENT_INSERT = @OLD_CONCURRENT_INSERT;
#
#
# End of 5.1 tests
# End of 5.1 tests
...
...
mysql-test/t/mysqldump.test
View file @
16aeb5ad
...
@@ -1971,8 +1971,27 @@ drop table t1;
...
@@ -1971,8 +1971,27 @@ drop table t1;
--
remove_file
$MYSQLTEST_VARDIR
/
tmp
/
v1
.
sql
--
remove_file
$MYSQLTEST_VARDIR
/
tmp
/
v1
.
sql
# We reset concurrent_inserts value to whatever it was at the start of the test
--
echo
#
# This line must be executed _after_ all test cases.
--
echo
# Bug#28071 mysqlimport does not quote or escape table name
--
echo
#
--
disable_warnings
drop
table
if
exists
`load`
;
--
enable_warnings
create
table
`load`
(
a
varchar
(
255
));
--
copy_file
std_data
/
words
.
dat
$MYSQLTEST_VARDIR
/
tmp
/
load
.
txt
--
exec
$MYSQL_IMPORT
--
ignore
test
$MYSQLTEST_VARDIR
/
tmp
/
load
.
txt
select
count
(
*
)
from
`load`
;
--
remove_file
$MYSQLTEST_VARDIR
/
tmp
/
load
.
txt
drop
table
`load`
;
# We reset concurrent_inserts value to whatever it was at the start of the
# test This line must be executed _after_ all test cases.
SET
@@
GLOBAL
.
CONCURRENT_INSERT
=
@
OLD_CONCURRENT_INSERT
;
SET
@@
GLOBAL
.
CONCURRENT_INSERT
=
@
OLD_CONCURRENT_INSERT
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment