database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-01-06 05:22:24 +03:00
Code Activity

merged

Browse Source
This commit is contained in:
serg@serg.mylan
2005-05-19 15:20:10 +02:00
parent f30f95183b 1bb2a929fb
commit 23a59c9857
5 changed files with 293 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
sql/sql_udf.cc
View File

@@ -194,7 +194,9 @@ void udf_init()
This is done to ensure that only approved dll from the system
directories are used (to make this even remotely secure).
*/
if (strchr(dl_name, '/') || name.length > NAME_LEN)
if (strchr(dl_name, '/') ||
IF_WIN(strchr(dl_name, '\\'),0) ||
strlen(name.str) > NAME_LEN)
{
sql_print_error("Invalid row in mysql.func table for function '%.64s'",
name.str);
@@ -223,7 +225,7 @@ void udf_init()
}
tmp->dlhandle = dl;
{
char buf[MAX_FIELD_NAME+16], *missing;
char buf[NAME_LEN+16], *missing;
if ((missing= init_syms(tmp, buf)))
{
sql_print_error(ER(ER_CANT_FIND_DL_ENTRY), missing);
@@ -410,7 +412,7 @@ int mysql_create_function(THD *thd,udf_func *udf)
This is done to ensure that only approved dll from the system
directories are used (to make this even remotely secure).
*/
if (strchr(udf->dl, '/'))
if (strchr(udf->dl, '/') || IF_WIN(strchr(dl_name, '\\'),0))
{
my_message(ER_UDF_NO_PATHS, ER(ER_UDF_NO_PATHS), MYF(0));
DBUG_RETURN(1);
@@ -441,7 +443,7 @@ int mysql_create_function(THD *thd,udf_func *udf)
}
udf->dlhandle=dl;
{
char buf[MAX_FIELD_NAME+16], *missing;
char buf[NAME_LEN+16], *missing;
if ((missing= init_syms(udf, buf)))
{
my_error(ER_CANT_FIND_DL_ENTRY, MYF(0), missing);