#At file:///home/nirbhay/Project/mysql/repo/bugs/mysql-5.1.49967/ based on revid:magne.mahre@stripped
3645 Nirbhay Choubey 2011-04-09
Bug#11757855 - 49967: built-in libedit doesn't read
.editrc on linux.
MySQL client when build with libedit support ignores
.editrc at startup.
The reason for this regression was the incluison of a
safety check, issetugid(), which is not available on
some linux platforms.
Fixed by adding an equivalent check for platforms which
have get[e][u|g]id() set of functions.
@ cmd-line-utils/libedit/el.c
Bug#11757855 - 49967: built-in libedit doesn't read
.editrc on linux.
Added function calls to check user/group IDs on linux
systems which does not have issetugid() function.
@ configure.in
Bug#11757855 - 49967: built-in libedit doesn't read
.editrc on linux.
Added check for getuid, geteuid, getgid, getegid
functions.
modified:
cmd-line-utils/libedit/el.c
configure.in
=== modified file 'cmd-line-utils/libedit/el.c'
--- a/cmd-line-utils/libedit/el.c 2009-06-11 16:21:32 +0000
+++ b/cmd-line-utils/libedit/el.c 2011-04-08 19:42:58 +0000
@@ -478,7 +478,10 @@ el_source(EditLine *el, const char *fnam
fp = NULL;
if (fname == NULL) {
-#ifdef HAVE_ISSETUGID
+#if (defined(HAVE_ISSETUGID) || (defined(HAVE_GETUID) && \
+ defined(HAVE_GETEUID) && \
+ defined(HAVE_GETGID) && \
+ defined(HAVE_GETEGID)))
static const char elpath[] = "/.editrc";
/* XXXMYSQL: Portability fix (for which platforms?) */
#ifdef MAXPATHLEN
@@ -486,9 +489,13 @@ el_source(EditLine *el, const char *fnam
#else
char path[4096];
#endif
-
+#ifdef HAVE_ISSETUGID
if (issetugid())
return (-1);
+#else
+ if (getuid() != geteuid() || getgid() != getegid())
+ return (-1);
+#endif
if ((ptr = getenv("HOME")) == NULL)
return (-1);
if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
@@ -498,9 +505,10 @@ el_source(EditLine *el, const char *fnam
fname = path;
#else
/*
- * If issetugid() is missing, always return an error, in order
- * to keep from inadvertently opening up the user to a security
- * hole.
+ * If issetugid() or the above mentioned get[e][u|g]id()
+ * functions are missing, always return an error, in order
+ * to keep from inadvertently opening up the user to a
+ * security hole.
*/
return (-1);
#endif
=== modified file 'configure.in'
--- a/configure.in 2011-03-03 20:11:47 +0000
+++ b/configure.in 2011-04-08 19:42:58 +0000
@@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h,
[AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])])
AC_CHECK_FUNCS(strlcat strlcpy)
-AC_CHECK_FUNCS(issetugid)
+AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid)
AC_CHECK_FUNCS(fgetln)
AC_CHECK_FUNCS(getline flockfile)
Attachment: [text/bzr-bundle] bzr/nirbhay.choubey@oracle.com-20110408194258-c5j7hcl1qannbnck.bundle
