#At file:///home/bzr/bugs/b58246-5.1-bugteam/ based on revid:davi.arnaut@stripped
3508 Mats Kindahl 2010-11-22
BUG#58246: INSTALL PLUGIN not secure & crashable
When installing plugins, there is a missing check
for slash (/) in the path on Windows. Note that on
Windows, both / and \ can be used to separate
directories.
This patch fixes the issue by adding a check for /
on Windows, similar to how it is done in sql_udf.cc.
modified:
sql/sql_plugin.cc
=== modified file 'sql/sql_plugin.cc'
--- a/sql/sql_plugin.cc 2010-08-05 12:10:24 +0000
+++ b/sql/sql_plugin.cc 2010-11-22 15:09:51 +0000
@@ -361,6 +361,7 @@ static st_plugin_dl *plugin_dl_add(const
plugin directory are used (to make this even remotely secure).
*/
if (my_strchr(files_charset_info, dl->str, dl->str + dl->length, FN_LIBCHAR) ||
+ IF_WIN(my_strchr(files_charset_info, dl->str, dl->str + dl->length, '/'), 0) ||
check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN,
system_charset_info, 1) ||
plugin_dir_len + dl->length + 1 >= FN_REFLEN)
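Review bot: The added `IF_WIN(...)` term on the second line of the condition carries no explanation of why `/` is tested separately from `FN_LIBCHAR`, and the existing comment above it only speaks of the plugin directory. A short comment at the check, for example `/* On Windows both '\\' (FN_LIBCHAR) and '/' separate directories, so reject either in a plugin name. */`, would keep a later cleanup from dropping the term as redundant. The commit message says sql_udf.cc performs the same test, so a shared helper for both call sites would keep the two checks from drifting apart. The bundle lists only sql/sql_plugin.cc as modified, so no regression test covers a plugin name containing `/` on Windows; one would be worth adding. The enclosing `plugin_dl_add` begins and ends outside this hunk.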
Attachment: [text/bzr-bundle] bzr/mats.kindahl@oracle.com-20101122150951-otplrt6twtpvpsl0.bundle