Bug#27167197 USING ? IN INSTALL PLUGIN QUERY ABORTS DEBUG, AND HANGS OPTIMIZED SERVER

check_valid_path() uses my_strcspn() that cannot handle invalid characters properly. This is fixed by a big refactoring in 10.2 (MDEV-6353). For 5.5, let's simply swap tests, because check_string_char_length() rejects invalid characters just fine.
2025-07-27 18:02:13 +03:00 · 2019-07-24 13:14:03 +02:00
parent 5e8ab9b7af
commit 8ddb7e3eb7
3 changed files with 19 additions and 2 deletions
--- a/sql/sql_plugin.cc
+++ b/sql/sql_plugin.cc
@ -736,9 +736,9 @@ static st_plugin_dl *plugin_dl_add(const LEX_STRING *dl, int report)
    This is done to ensure that only approved libraries from the
    plugin directory are used (to make this even remotely secure).
  */
-  if (check_valid_path(dl->str, dl->length) ||
-      check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN,
+  if (check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN,
                               system_charset_info, 1) ||
+      check_valid_path(dl->str, dl->length) ||
      plugin_dir_len + dl->length + 1 >= FN_REFLEN)
  {
    report_error(report, ER_UDF_NO_PATHS);