mirror of
https://github.com/MariaDB/server.git
synced 2025-07-02 14:22:51 +03:00
bef12c6ed1
"load data infile .." allowed for access to unautohorized tables. Due to a faulty if-statement it was possible to circumvent the secure_file_priv restriction.
24 lines
697 B
Plaintext
24 lines
697 B
Plaintext
#
|
|
# Bug58747 breaks secure_file_priv+not secure yet+still accesses other folders
|
|
#
|
|
CREATE TABLE t1 (c1 INT);
|
|
#
|
|
# Before the patch this statement failed with
|
|
# Linux:
|
|
# -> errno 13: 'Can't get stat of '
|
|
# Windows:
|
|
# -> Warning 1366 Incorrect integer value: '■■☺' for
|
|
# -> column 'c1' at row 1
|
|
# Now it should consistently fail with ER_OPTION_PREVENTS_STATEMENT
|
|
# on all platforms.
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
LOAD DATA INFILE "t1.MYI" into table t1;
|
|
|
|
#
|
|
# The following test makes the assuption that /test isn't a valid path in any
|
|
# operating system running the test suite.
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
LOAD DATA INFILE "/test" into table t1;
|
|
|
|
DROP TABLE t1;
|