Commit 39f71a29 authored by Nirbhay Choubey's avatar Nirbhay Choubey

Bug#11757855 - 49967: built-in libedit doesn't read

                      .editrc on linux.

MySQL client when build with libedit support ignores
.editrc at startup.

The reason for this regression was the incluison of a
safety check, issetugid(), which is not available on
some linux platforms.

Fixed by adding an equivalent check for platforms which
have get[e][u|g]id() set of functions.
parent c17ec079
...@@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname) ...@@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname)
fp = NULL; fp = NULL;
if (fname == NULL) { if (fname == NULL) {
#ifdef HAVE_ISSETUGID /* XXXMYSQL: Bug#49967 */
#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \
defined(HAVE_GETGID) && defined(HAVE_GETEGID)
#define HAVE_IDENTITY_FUNCS 1
#endif
#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS))
static const char elpath[] = "/.editrc"; static const char elpath[] = "/.editrc";
/* XXXMYSQL: Portability fix (for which platforms?) */ /* XXXMYSQL: Portability fix (for which platforms?) */
#ifdef MAXPATHLEN #ifdef MAXPATHLEN
...@@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname) ...@@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname)
#else #else
char path[4096]; char path[4096];
#endif #endif
#ifdef HAVE_ISSETUGID
if (issetugid()) if (issetugid())
return (-1); return (-1);
#elif defined(HAVE_IDENTITY_FUNCS)
if (getuid() != geteuid() || getgid() != getegid())
return (-1);
#endif
if ((ptr = getenv("HOME")) == NULL) if ((ptr = getenv("HOME")) == NULL)
return (-1); return (-1);
if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path)) if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
...@@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname) ...@@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname)
fname = path; fname = path;
#else #else
/* /*
* If issetugid() is missing, always return an error, in order * If issetugid() or the above mentioned get[e][u|g]id()
* to keep from inadvertently opening up the user to a security * functions are missing, always return an error, in order
* hole. * to keep from inadvertently opening up the user to a
* security hole.
*/ */
return (-1); return (-1);
#endif #endif
......
...@@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h, ...@@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h,
[AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])]) [AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])])
AC_CHECK_FUNCS(strlcat strlcpy) AC_CHECK_FUNCS(strlcat strlcpy)
AC_CHECK_FUNCS(issetugid) AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid)
AC_CHECK_FUNCS(fgetln) AC_CHECK_FUNCS(fgetln)
AC_CHECK_FUNCS(getline flockfile) AC_CHECK_FUNCS(getline flockfile)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment