database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-31 22:22:30 +03:00
Code Activity

Made LOAD DATA LOCAL INFILE more secure

Browse Source
This commit is contained in:
monty@tik.mysql.fi
2002-02-13 21:53:26 +02:00
parent 1efcc3e35e
commit 1f9b1e1915
13 changed files with 93 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
sql/sql_parse.cc
View File

@@ -1796,13 +1796,20 @@ mysql_execute_command(void)
{
uint privilege= (lex->duplicates == DUP_REPLACE ?
INSERT_ACL | UPDATE_ACL | DELETE_ACL : INSERT_ACL);
if (!(lex->local_file && (thd->client_capabilities & CLIENT_LOCAL_FILES)))
if (!lex->local_file)
{
if (check_access(thd,privilege | FILE_ACL,tables->db))
goto error;
}
else
{
if (!(thd->client_capabilities & CLIENT_LOCAL_FILES) ||
! opt_local_infile)
{
send_error(&thd->net,ER_NOT_ALLOWED_COMMAND);
goto error;
}
if (check_access(thd,privilege,tables->db,&tables->grant.privilege) ||
grant_option && check_grant(thd,privilege,tables))
goto error;