Commit 8843aea7 authored by Nirbhay Choubey's avatar Nirbhay Choubey

Bug#11757855 - 49967: built-in libedit doesn't read

                      .editrc on linux.

MySQL client when build with libedit support ignores
.editrc at startup.

The reason for this regression was the incluison of a
safety check, issetugid(), which is not available on
some linux platforms.

Fixed by adding an equivalent check for platforms which
have get[e][u|g]id() set of functions.


cmd-line-utils/libedit/el.c:
  Bug#11757855 - 49967: built-in libedit doesn't read
                        .editrc on linux.
  
  Added function calls to check user/group IDs on linux
  systems which does not have issetugid() function.
configure.in:
  Bug#11757855 - 49967: built-in libedit doesn't read
                        .editrc on linux.
  
  Added check for getuid, geteuid, getgid, getegid
  functions.
parent 1e7b79a5
......@@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname)
fp = NULL;
if (fname == NULL) {
#ifdef HAVE_ISSETUGID
/* XXXMYSQL: Bug#49967 */
#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \
defined(HAVE_GETGID) && defined(HAVE_GETEGID)
#define HAVE_IDENTITY_FUNCS 1
#endif
#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS))
static const char elpath[] = "/.editrc";
/* XXXMYSQL: Portability fix (for which platforms?) */
#ifdef MAXPATHLEN
......@@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname)
#else
char path[4096];
#endif
#ifdef HAVE_ISSETUGID
if (issetugid())
return (-1);
#elif defined(HAVE_IDENTITY_FUNCS)
if (getuid() != geteuid() || getgid() != getegid())
return (-1);
#endif
if ((ptr = getenv("HOME")) == NULL)
return (-1);
if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
......@@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname)
fname = path;
#else
/*
* If issetugid() is missing, always return an error, in order
* to keep from inadvertently opening up the user to a security
* hole.
* If issetugid() or the above mentioned get[e][u|g]id()
* functions are missing, always return an error, in order
* to keep from inadvertently opening up the user to a
* security hole.
*/
return (-1);
#endif
......
......@@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h,
[AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])])
AC_CHECK_FUNCS(strlcat strlcpy)
AC_CHECK_FUNCS(issetugid)
AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid)
AC_CHECK_FUNCS(fgetln)
AC_CHECK_FUNCS(getline flockfile)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment