Commit 0a63c91a authored by Daniel Black's avatar Daniel Black

MDEV-8743: fopen mode e (glibc only) to prevent galera SST scripts accessing server files

For RemoteDatafile::read_link_file and buffer poool dumps

Note: STR_O_CLOEXEC needs to be at the end of the fopen otherwise
fopen will return EINVAL.
parent 5cf0662d
......@@ -591,6 +591,11 @@ typedef SOCKET_SIZE_TYPE size_socket;
#ifndef O_CLOEXEC
#define O_CLOEXEC 0
#endif
#ifdef __GLIBC__
#define STR_O_CLOEXEC "e"
#else
#define STR_O_CLOEXEC ""
#endif
#ifndef SOCK_CLOEXEC
#define SOCK_CLOEXEC 0
#endif
......
......@@ -275,7 +275,7 @@ buf_dump(
buf_dump_status(STATUS_INFO, "Dumping buffer pool(s) to %s",
full_filename);
f = fopen(tmp_filename, "w");
f = fopen(tmp_filename, "w" STR_O_CLOEXEC);
if (f == NULL) {
buf_dump_status(STATUS_ERR,
"Cannot open '%s' for writing: %s",
......@@ -516,7 +516,7 @@ buf_load()
buf_load_status(STATUS_INFO,
"Loading buffer pool(s) from %s", full_filename);
f = fopen(full_filename, "r");
f = fopen(full_filename, "r" STR_O_CLOEXEC);
if (f == NULL) {
buf_load_status(STATUS_INFO,
"Cannot open '%s' for reading: %s",
......
......@@ -1043,7 +1043,7 @@ char*
RemoteDatafile::read_link_file(
const char* link_filepath)
{
FILE* file = fopen(link_filepath, "r+b");
FILE* file = fopen(link_filepath, "r+b" STR_O_CLOEXEC);
if (file == NULL) {
return(NULL);
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment