mirror of
https://github.com/MariaDB/server.git
synced 2025-07-29 05:21:33 +03:00
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
test_if_data_home_dir fixed to look into real path.
Checks added to mi_open for symlinks into data home directory.
per-file messages:
include/my_sys.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink interface added
include/myisam.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlink interface added
myisam/mi_check.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile calls modified
myisam/mi_open.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
code added to mi_open to check for symlinks into data home directory.
mi_open_datafile now accepts 'original' file path to check if it's
an allowed symlink.
myisam/mi_static.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invlaid_symlink defined
myisam/myisamchk.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile call modified
myisam/myisamdef.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile interface modified - 'real_path' parameter added
mysql-test/r/symlink.test
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error codes corrected as some patch now rejected pointing inside datahome
mysql-test/r/symlink.result
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected in the result
mysys/my_symlink.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink() implementsd
my_realpath() now returns the 'realpath' even if a file isn't a symlink
sql/mysql_priv.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
test_if_data_home_dir interface
sql/mysqld.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
sql/sql_parse.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected
test_if_data_home_dir code fixed
This commit is contained in:
Alexey Botchkov
@ -477,6 +477,7 @@ char mysql_real_data_home[FN_REFLEN],
|
||||
*opt_init_file, *opt_tc_log_file,
|
||||
mysql_unpacked_real_data_home[FN_REFLEN],
|
||||
def_ft_boolean_syntax[sizeof(ft_boolean_syntax)];
|
||||
int mysql_unpacked_real_data_home_len;
|
||||
char *mysql_data_home= mysql_real_data_home;
|
||||
const key_map key_map_empty(0);
|
||||
key_map key_map_full(0); // Will be initialized later
|
||||
@ -6696,6 +6697,7 @@ static void mysql_init_variables(void)
|
||||
/* Things reset to zero */
|
||||
opt_skip_slave_start= opt_reckless_slave = 0;
|
||||
mysql_home[0]= pidfile_name[0]= log_error_file[0]= 0;
|
||||
myisam_test_invalid_symlink= test_if_data_home_dir;
|
||||
opt_log= opt_slow_log= 0;
|
||||
opt_update_log= 0;
|
||||
opt_bin_log= 0;
|
||||
@ -7746,9 +7748,12 @@ static void fix_paths(void)
|
||||
pos[1]= 0;
|
||||
}
|
||||
convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
|
||||
(void) fn_format(buff, mysql_real_data_home, "", "",
|
||||
(MY_RETURN_REAL_PATH|MY_RESOLVE_SYMLINKS));
|
||||
(void) unpack_dirname(mysql_unpacked_real_data_home, buff);
|
||||
my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
|
||||
mysql_unpacked_real_data_home_len= strlen(mysql_unpacked_real_data_home);
|
||||
if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
|
||||
--mysql_unpacked_real_data_home_len;
|
||||
|
||||
|
||||
convert_dirname(language,language,NullS);
|
||||
(void) my_load_path(mysql_home,mysql_home,""); // Resolve current dir
|
||||
(void) my_load_path(mysql_real_data_home,mysql_real_data_home,mysql_home);
|
||||
|
||||
Reference in New Issue
Block a user