From 442c072fdf6c7dd2b7fcad5a44c6438b980629f4 Mon Sep 17 00:00:00 2001
From: unknown <reggie@mdk10.(none)>
Date: Sat, 21 May 2005 12:31:58 -0500
Subject: [PATCH 1/3] BUG# 9148: Denial of service

This is a second patch needing another review.  The first patch didn't solve
the entire problem.  open and fopen on Windows will still open
files like "com1.sym" when they shouldn't.  This patch
checks that the file exists before trying to open it.



mysys/my_fopen.c:
  on Windows, if we are not creating a file the we call my_access to make sure the
  file exists before trying to open it.
mysys/my_open.c:
  on Windows, if we are not creating a file the we call my_access to make sure the
  file exists before trying to open it.
---
 mysys/my_fopen.c | 18 +++++++++++++++---
 mysys/my_open.c  |  6 ++++++
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c
index e918b7b0de2..208e7e80fd8 100644
--- a/mysys/my_fopen.c
+++ b/mysys/my_fopen.c
@@ -33,9 +33,21 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags)
   DBUG_ENTER("my_fopen");
   DBUG_PRINT("my",("Name: '%s'  Flags: %d  MyFlags: %d",
 		   FileName, Flags, MyFlags));
-
-  make_ftype(type,Flags);
-  if ((fd = fopen(FileName, type)) != 0)
+  /* 
+   * if we are not creating, then we need to use my_access to make sure  
+   * the file exists since Windows doesn't handle files like "com1.sym" very  well 
+  */
+#ifdef __WIN__
+  if (! (Flags & O_CREAT) && my_access(FileName, F_OK))
+	  fd=0;
+  else
+#endif
+  {
+  	make_ftype(type,Flags);
+  	fd = fopen(FileName, type);
+  }
+  
+  if (fd != 0)
   {
     /*
       The test works if MY_NFILE < 128. The problem is that fileno() is char
diff --git a/mysys/my_open.c b/mysys/my_open.c
index ca5c0d8683f..1f3bb95b5a2 100644
--- a/mysys/my_open.c
+++ b/mysys/my_open.c
@@ -46,6 +46,12 @@ File my_open(const char *FileName, int Flags, myf MyFlags)
   DBUG_PRINT("my",("Name: '%s'  Flags: %d  MyFlags: %d",
 		   FileName, Flags, MyFlags));
 #if defined(MSDOS) || defined(__WIN__) || defined(__EMX__) || defined(OS2)
+  /* if we are not creating, then we need to use my_access to make 
+   * sure  the file exists since Windows doesn't handle files like 
+   * "com1.sym" very  well 
+  */  
+  if (! (Flags & O_CREAT) && my_access(FileName, F_OK))    
+	  return -1;
   if (Flags & O_SHARE)
     fd = sopen((my_string) FileName, (Flags & ~O_SHARE) | O_BINARY, SH_DENYNO,
 	       MY_S_IREAD | MY_S_IWRITE);

From 97bde75e4ed215354f86f1fd220e5eaf25920fc7 Mon Sep 17 00:00:00 2001
From: unknown <reggie@mdk10.(none)>
Date: Mon, 23 May 2005 14:48:25 -0500
Subject: [PATCH 2/3] BUG# 9148 Denial of service

fixups of test case and comment formatting


BitKeeper/deleted/.del-reserved_win_names-master.opt~e56da049a7ce9a5b:
  ***MISSING TEXT***
mysql-test/r/lowercase_table.result:
  added my test for bug #9148 to this test case
mysql-test/t/lowercase_table.test:
  added my test for bug #9148 to this test case
mysys/my_fopen.c:
  reformatted comments
mysys/my_open.c:
  reformatted comments
---
 mysql-test/r/lowercase_table.result        |  6 ++++++
 mysql-test/t/lowercase_table.test          | 11 +++++++++++
 mysql-test/t/reserved_win_names-master.opt |  1 -
 mysys/my_fopen.c                           |  5 +++--
 mysys/my_open.c                            |  7 ++++---
 5 files changed, 24 insertions(+), 6 deletions(-)
 delete mode 100644 mysql-test/t/reserved_win_names-master.opt

diff --git a/mysql-test/r/lowercase_table.result b/mysql-test/r/lowercase_table.result
index ef379cebaa9..499f46a237e 100644
--- a/mysql-test/r/lowercase_table.result
+++ b/mysql-test/r/lowercase_table.result
@@ -83,3 +83,9 @@ create table t2 like T1;
 drop table t1, t2;
 show tables;
 Tables_in_test
+use lpt1;
+ERROR 42000: Unknown database 'lpt1'
+use com1;
+ERROR 42000: Unknown database 'com1'
+use prn;
+ERROR 42000: Unknown database 'prn'
diff --git a/mysql-test/t/lowercase_table.test b/mysql-test/t/lowercase_table.test
index ee8dc403981..ca81c7c66bc 100644
--- a/mysql-test/t/lowercase_table.test
+++ b/mysql-test/t/lowercase_table.test
@@ -82,3 +82,14 @@ create table t2 like T1;
 drop table t1, t2;
 
 show tables;
+
+#
+#Bug 9148: Denial of service
+#
+--error 1049
+use lpt1;
+--error 1049
+use com1;
+--error 1049
+use prn;
+
diff --git a/mysql-test/t/reserved_win_names-master.opt b/mysql-test/t/reserved_win_names-master.opt
deleted file mode 100644
index 62ab6dad1e0..00000000000
--- a/mysql-test/t/reserved_win_names-master.opt
+++ /dev/null
@@ -1 +0,0 @@
---lower_case_table_names=1
diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c
index 208e7e80fd8..4310250bd0d 100644
--- a/mysys/my_fopen.c
+++ b/mysys/my_fopen.c
@@ -34,8 +34,9 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags)
   DBUG_PRINT("my",("Name: '%s'  Flags: %d  MyFlags: %d",
 		   FileName, Flags, MyFlags));
   /* 
-   * if we are not creating, then we need to use my_access to make sure  
-   * the file exists since Windows doesn't handle files like "com1.sym" very  well 
+    if we are not creating, then we need to use my_access to make sure  
+    the file exists since Windows doesn't handle files like "com1.sym" 
+    very  well 
   */
 #ifdef __WIN__
   if (! (Flags & O_CREAT) && my_access(FileName, F_OK))
diff --git a/mysys/my_open.c b/mysys/my_open.c
index 1f3bb95b5a2..ea4d99c3e8c 100644
--- a/mysys/my_open.c
+++ b/mysys/my_open.c
@@ -46,9 +46,10 @@ File my_open(const char *FileName, int Flags, myf MyFlags)
   DBUG_PRINT("my",("Name: '%s'  Flags: %d  MyFlags: %d",
 		   FileName, Flags, MyFlags));
 #if defined(MSDOS) || defined(__WIN__) || defined(__EMX__) || defined(OS2)
-  /* if we are not creating, then we need to use my_access to make 
-   * sure  the file exists since Windows doesn't handle files like 
-   * "com1.sym" very  well 
+  /* 
+    if we are not creating, then we need to use my_access to make 
+    sure  the file exists since Windows doesn't handle files like 
+    "com1.sym" very  well 
   */  
   if (! (Flags & O_CREAT) && my_access(FileName, F_OK))    
 	  return -1;

From b6c1f2302ab77e6cfd37bd05f8444ff0c82bc459 Mon Sep 17 00:00:00 2001
From: unknown <gbichot@bk-internal.mysql.com>
Date: Mon, 23 May 2005 23:54:39 +0200
Subject: [PATCH 3/3] marking the file gone again to hopefully get the tree on
 its feet

BitKeeper/etc/logging_ok:
  Logging to logging@openlogging.org accepted
---
 BitKeeper/etc/gone       | 1 +
 BitKeeper/etc/logging_ok | 1 +
 2 files changed, 2 insertions(+)

diff --git a/BitKeeper/etc/gone b/BitKeeper/etc/gone
index 63a759cf131..2d5522899d2 100644
--- a/BitKeeper/etc/gone
+++ b/BitKeeper/etc/gone
@@ -750,6 +750,7 @@ mwagner@work.mysql.com|mysql-test/r/3.23/sel000001.result|20001010091454|28284|3
 mwagner@work.mysql.com|mysql-test/r/3.23/sel000002.result|20001010091454|29230|d1787e6fd5dbc1cc
 nick@nick.leippe.com|mysql-test/r/rpl_empty_master_crash.result|20020531235552|47718|615f521be2132141
 nick@nick.leippe.com|mysql-test/t/rpl_empty_master_crash.test|20020531235552|52328|99464e737639ccc6
+reggie@mdk10.(none)|mysql-test/t/reserved_win_names-master.opt|20050520210356|14878|e56da049a7ce9a5b
 sasha@mysql.sashanet.com|BitKeeper/etc/logging_ok|20000801000905|12967|5b7d847a2158554
 sasha@mysql.sashanet.com|build-tags|20011125054855|05181|7afb7e785b80f97
 sasha@mysql.sashanet.com|build-tags|20011201050944|25384|b6f6fff142121618
diff --git a/BitKeeper/etc/logging_ok b/BitKeeper/etc/logging_ok
index 2ed4bf2a5d3..aad4399302e 100644
--- a/BitKeeper/etc/logging_ok
+++ b/BitKeeper/etc/logging_ok
@@ -49,6 +49,7 @@ dlenev@mysql.com
 ejonore@mc03.ndb.mysql.com
 evgen@moonbone.(none)
 evgen@moonbone.local
+gbichot@bk-internal.mysql.com
 gbichot@production.mysql.com
 gbichot@quadita2.mysql.com
 gbichot@quadxeon.mysql.com