• Alexey Botchkov's avatar
    Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY. · ec524d50
    Alexey Botchkov authored
                
                test_if_data_home_dir fixed to look into real path.
                Checks added to mi_open for symlinks into data home directory.
    
    per-file messages:
            include/my_sys.h
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              my_is_symlink interface added
            include/myisam.h
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              myisam_test_invalid_symlink interface added
            myisam/mi_check.c
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              mi_open_datafile calls modified
            myisam/mi_open.c
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              code added to mi_open to check for symlinks into data home directory.
              mi_open_datafile now accepts 'original' file path to check if it's
              an allowed symlink.
            myisam/mi_static.c
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              myisam_test_invlaid_symlink defined
            myisam/myisamchk.c
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              mi_open_datafile call modified
            myisam/myisamdef.h
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              mi_open_datafile interface modified - 'real_path' parameter added
            mysql-test/r/symlink.test
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              error codes corrected as some patch now rejected pointing inside datahome
            mysql-test/r/symlink.result
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              error messages corrected in the result
            mysys/my_symlink.c
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              my_is_symlink() implementsd
              my_realpath() now returns the 'realpath' even if a file isn't a symlink
            sql/mysql_priv.h
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              test_if_data_home_dir interface
            sql/mysqld.cc
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
            sql/sql_parse.cc
              Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
              
              error messages corrected
              test_if_data_home_dir code fixed
    ec524d50
myisam.h 19.8 KB