On 4/8/11 4:43 PM, Nirbhay Choubey wrote:
> #At file:///home/nirbhay/Project/mysql/repo/bugs/mysql-5.1.49967/ based on
> revid:magne.mahre@stripped
>
> 3645 Nirbhay Choubey 2011-04-09
> Bug#11757855 - 49967: built-in libedit doesn't read
> .editrc on linux.
>
> MySQL client when build with libedit support ignores
> .editrc at startup.
>
> The reason for this regression was the incluison of a
> safety check, issetugid(), which is not available on
> some linux platforms.
>
> Fixed by adding an equivalent check for platforms which
> have get[e][u|g]id() set of functions.
OK to push. Some comments below.
> modified:
> cmd-line-utils/libedit/el.c
> configure.in
> === modified file 'cmd-line-utils/libedit/el.c'
> --- a/cmd-line-utils/libedit/el.c 2009-06-11 16:21:32 +0000
> +++ b/cmd-line-utils/libedit/el.c 2011-04-08 19:42:58 +0000
> @@ -478,7 +478,10 @@ el_source(EditLine *el, const char *fnam
>
> fp = NULL;
> if (fname == NULL) {
> -#ifdef HAVE_ISSETUGID
> +#if (defined(HAVE_ISSETUGID) || (defined(HAVE_GETUID)&& \
> + defined(HAVE_GETEUID)&& \
> + defined(HAVE_GETGID)&& \
> + defined(HAVE_GETEGID)))
Use a different define for HAVE_GET* checks. Something like:
#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \
defined(HAVE_GETGID) && defined(HAVE_GETEGID)
#define HAVE_IDENTITY_FUNCS 1
#endif
#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS))
> static const char elpath[] = "/.editrc";
> /* XXXMYSQL: Portability fix (for which platforms?) */
> #ifdef MAXPATHLEN
> @@ -486,9 +489,13 @@ el_source(EditLine *el, const char *fnam
> #else
> char path[4096];
> #endif
> -
> +#ifdef HAVE_ISSETUGID
> if (issetugid())
> return (-1);
> +#else
Should #elif defined HAVE_IDENTITY_FUNCS
> + if (getuid() != geteuid() || getgid() != getegid())
> + return (-1);
> +#endif
> if ((ptr = getenv("HOME")) == NULL)
> return (-1);
> if (strlcpy(path, ptr, sizeof(path))>= sizeof(path))
> @@ -498,9 +505,10 @@ el_source(EditLine *el, const char *fnam
> fname = path;
> #else
> /*
> - * If issetugid() is missing, always return an error, in order
> - * to keep from inadvertently opening up the user to a security
> - * hole.
> + * If issetugid() or the above mentioned get[e][u|g]id()
> + * functions are missing, always return an error, in order
> + * to keep from inadvertently opening up the user to a
> + * security hole.
> */
> return (-1);
> #endif
>
> === modified file 'configure.in'
> --- a/configure.in 2011-03-03 20:11:47 +0000
> +++ b/configure.in 2011-04-08 19:42:58 +0000
> @@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h,
> [AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])])
>
> AC_CHECK_FUNCS(strlcat strlcpy)
> -AC_CHECK_FUNCS(issetugid)
> +AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid)
Do not forget to add the checks in cmake when porting to 5.5.
Regards,
Davi
