database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

MDEV-33727 mariadb-dump trusts the server and does not validate the data

Browse Source 
safety first - tell mariadb client not to execute dangerous
cli commands, they cannot be present in the dump anyway.

wrapping the command in /*!999999 ..... */ guarantees that
if a non-mariadb-cli client loads the dump and sends it to the
server - the server will ignore the command it doesn't understand
This commit is contained in:
Sergei Golubchik
2024-05-05 17:37:37 +02:00
parent 2025597c0b
commit 13663cb5c4
25 changed files with 246 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
mysql-test/main/mysqldump-system.result
View File

@ -38,6 +38,7 @@ CREATE FUNCTION metaphon RETURNS STRING SONAME "UDF_EXAMPLE_LIB";
#
# mysqldump of system tables with --system=all
#
/*!999999\- enable the sandbox mode */
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
@ -162,6 +163,7 @@ UNLOCK TABLES;
#
# mysqldump of system tables with --system=all --replace
#
/*!999999\- enable the sandbox mode */
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
@ -307,6 +309,7 @@ UNLOCK TABLES;
#
# mysqldump of system tables with --system=all --insert-ignore
#
/*!999999\- enable the sandbox mode */
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;