Commit 65e2dc34 authored by unknown's avatar unknown

two fixes for potential security bugs

parent 5889a531
...@@ -1797,6 +1797,7 @@ bool flush_error_log() ...@@ -1797,6 +1797,7 @@ bool flush_error_log()
char err_renamed[FN_REFLEN], *end; char err_renamed[FN_REFLEN], *end;
end= strmake(err_renamed,log_error_file,FN_REFLEN-4); end= strmake(err_renamed,log_error_file,FN_REFLEN-4);
strmov(end, "-old"); strmov(end, "-old");
VOID(pthread_mutex_lock(&LOCK_error_log));
#ifdef __WIN__ #ifdef __WIN__
char err_temp[FN_REFLEN+4]; char err_temp[FN_REFLEN+4];
/* /*
...@@ -1804,7 +1805,7 @@ bool flush_error_log() ...@@ -1804,7 +1805,7 @@ bool flush_error_log()
the current error file. the current error file.
*/ */
strmov(strmov(err_temp, err_renamed),"-tmp"); strmov(strmov(err_temp, err_renamed),"-tmp");
(void) my_delete(err_temp, MYF(0)); (void) my_delete(err_temp, MYF(0));
if (freopen(err_temp,"a+",stdout)) if (freopen(err_temp,"a+",stdout))
{ {
freopen(err_temp,"a+",stderr); freopen(err_temp,"a+",stderr);
...@@ -1817,20 +1818,21 @@ bool flush_error_log() ...@@ -1817,20 +1818,21 @@ bool flush_error_log()
if ((fd = my_open(err_temp, O_RDONLY, MYF(0))) >= 0) if ((fd = my_open(err_temp, O_RDONLY, MYF(0))) >= 0)
{ {
while ((bytes = (int) my_read(fd, (byte*) buf, IO_SIZE, MYF(0))) > 0) while ((bytes = (int) my_read(fd, (byte*) buf, IO_SIZE, MYF(0))) > 0)
my_fwrite(stderr, (byte*) buf, (uint) strlen(buf),MYF(0)); my_fwrite(stderr, (byte*) buf, bytes, MYF(0));
my_close(fd, MYF(0)); my_close(fd, MYF(0));
} }
(void) my_delete(err_temp, MYF(0)); (void) my_delete(err_temp, MYF(0));
} }
else else
result= 1; result= 1;
#else #else
my_rename(log_error_file,err_renamed,MYF(0)); my_rename(log_error_file,err_renamed,MYF(0));
if (freopen(log_error_file,"a+",stdout)) if (freopen(log_error_file,"a+",stdout))
freopen(log_error_file,"a+",stderr); freopen(log_error_file,"a+",stderr);
else else
result= 1; result= 1;
#endif #endif
VOID(pthread_mutex_unlock(&LOCK_error_log));
} }
return result; return result;
} }
......
...@@ -564,7 +564,7 @@ select_export::prepare(List<Item> &list) ...@@ -564,7 +564,7 @@ select_export::prepare(List<Item> &list)
return 1; return 1;
} }
/* Create the file world readable */ /* Create the file world readable */
if ((file=my_create(path, 0666, O_WRONLY, MYF(MY_WME))) < 0) if ((file=my_create(path, 0666, O_WRONLY|O_EXCL, MYF(MY_WME))) < 0)
return 1; return 1;
#ifdef HAVE_FCHMOD #ifdef HAVE_FCHMOD
(void) fchmod(file,0666); // Because of umask() (void) fchmod(file,0666); // Because of umask()
...@@ -803,7 +803,7 @@ select_dump::prepare(List<Item> &list __attribute__((unused))) ...@@ -803,7 +803,7 @@ select_dump::prepare(List<Item> &list __attribute__((unused)))
return 1; return 1;
} }
/* Create the file world readable */ /* Create the file world readable */
if ((file=my_create(path, 0666, O_WRONLY, MYF(MY_WME))) < 0) if ((file=my_create(path, 0666, O_WRONLY|O_EXCL, MYF(MY_WME))) < 0)
return 1; return 1;
#ifdef HAVE_FCHMOD #ifdef HAVE_FCHMOD
(void) fchmod(file,0666); // Because of umask() (void) fchmod(file,0666); // Because of umask()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment