From: Nirbhay Choubey Date: April 29 2011 1:22pm Subject: bzr commit into mysql-5.1 branch (nirbhay.choubey:3678) Bug#11757855 List-Archive: http://lists.mysql.com/commits/136417 X-Bug: 11757855 Message-Id: <201104291323.p3TDNEW0000316@acsmt356.oracle.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1100748953==" --===============1100748953== MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline #At file:///home/nirbhay/Project/mysql/repo/bugs/mysql-5.1.49967/ based on revid:bjorn.munch@stripped 3678 Nirbhay Choubey 2011-04-29 Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. MySQL client when build with libedit support ignores .editrc at startup. The reason for this regression was the incluison of a safety check, issetugid(), which is not available on some linux platforms. Fixed by adding an equivalent check for platforms which have get[e][u|g]id() set of functions. @ cmd-line-utils/libedit/el.c Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added function calls to check user/group IDs on linux systems which does not have issetugid() function. @ configure.in Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added check for getuid, geteuid, getgid, getegid functions. modified: cmd-line-utils/libedit/el.c configure.in === modified file 'cmd-line-utils/libedit/el.c' --- a/cmd-line-utils/libedit/el.c 2009-06-11 16:21:32 +0000 +++ b/cmd-line-utils/libedit/el.c 2011-04-29 13:22:46 +0000 @@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fnam fp = NULL; if (fname == NULL) { -#ifdef HAVE_ISSETUGID +/* XXXMYSQL: Bug#49967 */ +#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \ + defined(HAVE_GETGID) && defined(HAVE_GETEGID) +#define HAVE_IDENTITY_FUNCS 1 +#endif + +#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS)) static const char elpath[] = "/.editrc"; /* XXXMYSQL: Portability fix (for which platforms?) */ #ifdef MAXPATHLEN @@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fnam #else char path[4096]; #endif - +#ifdef HAVE_ISSETUGID if (issetugid()) return (-1); +#elif defined(HAVE_IDENTITY_FUNCS) + if (getuid() != geteuid() || getgid() != getegid()) + return (-1); +#endif if ((ptr = getenv("HOME")) == NULL) return (-1); if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path)) @@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fnam fname = path; #else /* - * If issetugid() is missing, always return an error, in order - * to keep from inadvertently opening up the user to a security - * hole. + * If issetugid() or the above mentioned get[e][u|g]id() + * functions are missing, always return an error, in order + * to keep from inadvertently opening up the user to a + * security hole. */ return (-1); #endif === modified file 'configure.in' --- a/configure.in 2011-04-11 09:58:44 +0000 +++ b/configure.in 2011-04-29 13:22:46 +0000 @@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h, [AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])]) AC_CHECK_FUNCS(strlcat strlcpy) -AC_CHECK_FUNCS(issetugid) +AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid) AC_CHECK_FUNCS(fgetln) AC_CHECK_FUNCS(getline flockfile) --===============1100748953== MIME-Version: 1.0 Content-Type: text/bzr-bundle; charset="us-ascii"; name="bzr/nirbhay.choubey@stripped" Content-Transfer-Encoding: 7bit Content-Disposition: inline # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: nirbhay.choubey@stripped\ # h4ocwark7szp8rcn # target_branch: file:///home/nirbhay/Project/mysql/repo/bugs/mysql-\ # 5.1.49967/ # testament_sha1: ea0dd8c6551c86cda653b2abe479df7edf4d3ea9 # timestamp: 2011-04-29 18:52:53 +0530 # base_revision_id: bjorn.munch@stripped\ # 8wxiv666wfvuduho # # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWcOygfcAAvX/gEA1EAB59/// f+8vbr////RgB2+XvWXPVrU0Bq3LlV1bMu73bzDJETT01NT0m0Gp5EyZhTIBoNADQAAGgSUTFMT1 PUxpBqnk1PU009J6QB6gANAAAANKn6k/Sm1T9RD1PTQGkaZHqYACaMmTCGEZGmAYhQGplPTTTSJp 6DTSeiGQAaAAAAGhxkaZMTQZMmE0yBkNAaA0yaGAE0BhJIJoGpkGgRpNqZNMmUb1EHkynqfqjRo0 yHqep6RE91OgOgR1+f2z3CJGzh5EyVKnpo9R+UYet8d5TTmyWp1/OOusIksKmeII+rot+Nd5KLqd PS6MeDDy8ySIiuRDWZOIMVa9B8S4YZhmCnf8keMawZZKnPiOHMZdye/ijOR1iaMqUxfeUbtLjtTf 97c0dxcBwqRbWZ4BAP6Z4sEI+gpGX5ODNJ6c3Q4TNYzduySeP5TtKuL7jMpkUNQxD1w+JyOK6WxC gWS1hC7G0DQERHTBqlNvMWodbsUQB9+xZjsNKDjXy6S6JF4HKTvmwzHaIDIlHk6Hyuu5zTBiilCC h7cQCsw3ZGumrWMlszEH8xlyisgOoLoAY6Bf2i9KaKHdykTJQ41x/DKvSsENICVSDgzFRD5lpdkF lxtR+qGFnCKQTanF+2UYU2WYwYAPOWiCwCdgDiMw0afElRJcxEkxBWlDqC3bluApZqozqfu9vVGK 3MpiXCZPY+AK2mypYFHapK7JZbtjVganX2uA077WdIHjyS6UWn+0KOo3vcr2qelq5dTSS1LHqcWl m7B9CUM2Ur13WoCwveBIuNAGKo1yVpYkY9NeQULWdD6Zy6hY13KtYVMTzbocI5FAz3uxObay6/Sp kIq+eYjXZnqaOCkiRAwF1V0ACQ6s1MgjJg6G/usZrNwtPNx5zBVbgBRlz340xy1SHsoutWUVBG5Y V8IUUKFeBiKSjBtUqDiTQWhA2sxXFNdoRrfPZt2xM+1TT0QnSFpWRnt1VrQMdgopp5LHDipRJODT mK84xU56R+XhNwVxyzzm1UagK5UTdPQ7EorDTPFki5ykDmgMTfG+o5ANiqjXZphUts502Ki5wGjl stOAc0KqwnYq0MuEYUTkZbEg9I8Lm2eAzp3RoiqaYM4zyVDpFjlieAiOpZyjClFFLevlV/eem5TG 6DUjP7Dd0x6F1IJ/sgYrGTJv151f5P+YfCH8CKav67V8l3DP8EFoYmDwxRd3hNhm+dRBmaSixQnR 8D/K6QrWWZIGM3jlKFgmTlVMe3gGdBMu8YrjPIhqOEx3f6xNBE2VDkvecTwrOfpGIC6Tp/E7yLHf 7apHZ+CFiRBruovCKO7uOTf2V1GDin4YZoXJWgSa71xbIUDn0gqO37zeZi/Qe47SETgwF/wiRgI0 LDI2/RDKj1CJBvCew4N8b4koZBxXietNmOZxTUgZdWEEHOuIkwgxqE/E6dNwFQk/ugnXqSNSs94F qseDA3mcgckwd/Hy6+SEILGFRU7EFL4I5x5h2yraUe3Qexi82Ead6aciriIwqA7Roux4DLblXk4d A4GVquiApkCXIQlaMd7S8UeLXKL2Ke4NMWNjVKtAsAQkRHELSkAXi174syoTZVHHEDQBXtzqZjlT XgrCVQAjNnaZXxnOuCJI/lWRsihNdphOB6crAqzHkw30lxU9SOyZ67ZT2amNphVCCQgEXGtGRxYl yxwRtEWqu0Mk3De7alzatdZtIQKiJznQUvWW1lCh6zrMjyPTzDGskBUuGRBEc5UnvYKfYuQkdQFs 0/cbpvAGM8gDzq+6SQZJtOd9jEZhouNCQkcoB4ecTZp7BFtJ2NokGgH41T1xQYQVgFFbcyz6uIHk LZsesJBeNMgzMAh6tCBVWTIOv+1Cc4aiNWEnQVDkxGtNuDG43IlayUXZ5W5dnnoR6NlOKgZgYPRS glhxoui5dSQtrAbf8uCp9MllJ9VT3LkVbBaFEDUsfmRGpXqnlQzBNE3Lr5ZDXMXNusQnC4zEEuZ+ O7RBGLYzRmVsUMrH55JKCcNcVWKkiqM0AhBblW0uk8Jg4T9NorptVbyCgohJTHbLFxOVAQdLEdcs qgyGQ6occ8nANS5yGRHKsstB1pi/0WYjNxTVQibAwD7U14GPkWjgCwfDKJYa06NkHAzgOVyGqD2c IlDKMEKSHbnokto9OLsoirXBP13sNlwFwEsGDBYnqqJkVuNWKoyGZSI17PHHfaRuudHjZOZjWx1t rUBBbrEYBn7gI15EYIck/i+kMhtTLMInja0AOFpCwh0pHpLkOZlVAj6G6u9aV5KvPYYzQGF2G8a8 +AxZ4AfYhnDi0hhUdCoNds+wbFWzNlEQkIQhGahkHCaPqLo7gAx51hHKi8iUioZm8RvkiBBWDOM9 OqzPV4V0j1W4gDWyuLzaTYTTVKmh6Y1gNSgGkS6LccgRo5z6QMoDmgskktYF/NxbhSK7KbDjROgc SXRyTR6CYefBtjSUFPmVinxRRNXrrDWtjVeBOrcmohUp4LetiHV32qhE0y/oYa2WNcgaKD9HcMMD TTCRyNRNWsoRjIDT3GMzn/i7kinChIYdlA+4 --===============1100748953==--