database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-01 03:47:19 +03:00
Code Activity

MDEV-221 - Properly escape command line when starting mysql_install_db

Browse Source 
since password characters can contain quotes or spaces.

The proper quoting method for command line arguments used here was  extracted from
http://blogs.msdn.com/b/twistylittlepassagesallalike/archive/2011/04/23/everyone-quotes-arguments-the-wrong-way.aspx

Additionally, mysql_install_db.exe now passes root password to "mysqld.exe --bootstrap"
 in hexadecimal form, to handle potential special chars inside password string literal.
This commit is contained in:
Vladislav Vaintroub
2012-04-16 15:28:33 +02:00
parent e638e60589
commit 4da30b3e3d
3 changed files with 101 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
sql/mysql_install_db.cc
View File

@ -316,9 +316,9 @@ static int create_myini()
static const char update_root_passwd_part1[]=
"UPDATE mysql.user SET Password = PASSWORD('";
"UPDATE mysql.user SET Password = PASSWORD(";
static const char update_root_passwd_part2[]=
"') where User='root';\n";
") where User='root';\n";
static const char remove_default_user_cmd[]=
"DELETE FROM mysql.user where User='';\n";
static const char allow_remote_root_access_cmd[]=
@ -589,11 +589,19 @@ static int create_db_instance()
}
/* Change root password if requested. */
if (opt_password)
if (opt_password && opt_password[0])
{
verbose("Changing root password",remove_default_user_cmd);
verbose("Setting root password",remove_default_user_cmd);
fputs(update_root_passwd_part1, in);
fputs(opt_password, in);
/* Use hex encoding for password, to avoid escaping problems.*/
fputc('0', in);
fputc('x', in);
for(int i= 0; opt_password[i]; i++)
{
fprintf(in,"%02x",opt_password[i]);
}
fputs(update_root_passwd_part2, in);
fflush(in);
}