mirror of
https://github.com/MariaDB/server.git
synced 2026-01-06 05:22:24 +03:00
4812d81eab
When the client program had its stdout file descriptor closed by the calling shell, after some amount of work (enough to fill a socket buffer) the server would complain about a packet error and then disconnect the client. This is a serious security problem. If stdout is closed before the mysql is exec()d, then the first socket() call allocates file number 1 to communicate with the server. Subsequent write()s to that file number (as when printing results that come back from the database) go back to the server instead in the command channel. So, one should be able to craft data which, upon being selected back from the server to the client, and injected into the command stream become valid MySQL protocol to do something nasty when sent /back/ to the server. The solution is to close explicitly the file descriptor that we *printf() to, so that the libc layer and the OS layer both agree that the file is closed.
This is a release of MySQL, a dual-license SQL database server. MySQL is brought to you by the MySQL team at MySQL AB. License information can be found in these files: - For GPL (free) distributions, see the COPYING file. - For commercial distributions, see the MySQLEULA.txt file. For further information about MySQL or additional documentation, see: - The latest information about MySQL: http://www.mysql.com - The current MySQL documentation: http://dev.mysql.com/doc Some manual sections of special interest: - If you are migrating from an older version of MySQL, please read the "Upgrading from..." section first! - To see what MySQL can do, take a look at the features section. - For installation instructions, see the Installation chapter. - For future plans, see the TODO appendix. - For the new features/bugfix history, see the News appendix. - For the currently known bugs/misfeatures (known errors) see the problems appendix. - For a list of developers and other contributors, see the Credits appendix. A local copy of the MySQL Reference Manual can be found in the Docs directory in GNU Info format. You can also browse the manual online or download it in any of several formats at the URL given earlier in this file. ************************************************************ IMPORTANT: Bug or error reports should be sent to http://bugs.mysql.com.