From: Nuno Carvalho Date: February 3 2012 6:45pm Subject: bzr push into mysql-trunk branch (nuno.carvalho:3839 to 3840) Bug#11758581 List-Archive: http://lists.mysql.com/commits/142752 X-Bug: 11758581 Message-Id: <201202031845.q13Ij7Up010203@acsmt357.oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 3840 Nuno Carvalho 2012-02-03 BUG#11758581 - 50801: CHANGE MASTER ACCEPTS BOGUS VARIABLES CHANGE MASTER command did not check invalid characters on its parameters. Also on server restart, invalid values were trimmed causing the loss of part of the variables value. SQL parser was improved to prohibit the use of new line characters on CHANGE MASTER variables, throwing a ER_WRONG_VALUE error when such character is used. modified: mysql-test/suite/rpl/r/rpl_change_master.result mysql-test/suite/rpl/t/rpl_change_master.test sql/sql_yacc.yy 3839 Tor Didriksen 2012-02-03 All the subquery_sj_xxx tests can get thread stack overrun on solaris modified: mysql-test/collections/default.experimental === modified file 'mysql-test/suite/rpl/r/rpl_change_master.result' --- a/mysql-test/suite/rpl/r/rpl_change_master.result 2011-11-19 08:08:03 +0000 +++ b/mysql-test/suite/rpl/r/rpl_change_master.result 2012-02-03 18:09:00 +0000 @@ -96,4 +96,26 @@ drop table t1; include/stop_slave.inc CHANGE MASTER TO master_host='SAVE_MASTER_HOST'; include/start_slave.inc +include/stop_slave.inc +CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='', MASTER_PORT=MASTER_PORT; +ERROR HY000: Incorrect arguments to MASTER_HOST +CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='127.0.0.1\n127.0.0.1', MASTER_PORT=MASTER_PORT; +ERROR HY000: Incorrect argument contains not-allowed LF value: '127.0.0.1 +127.0.0.1' +CHANGE MASTER TO MASTER_USER='root\n', MASTER_HOST='master2.mycompany.com', MASTER_PORT=MASTER_PORT, MASTER_USER='replication', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.001', MASTER_LOG_POS=4; +ERROR HY000: Incorrect argument contains not-allowed LF value: 'root +' +CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='master2.mycompany.com', MASTER_PORT=MASTER_PORT, MASTER_USER='repli\ncation', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.001', MASTER_LOG_POS=4; +ERROR HY000: Incorrect argument contains not-allowed LF value: 'repli +cation' +CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='master2.mycompany.com', MASTER_PORT=MASTER_PORT, MASTER_USER='replication', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.\n001', MASTER_LOG_POS=4; +ERROR HY000: Incorrect argument contains not-allowed LF value: 'master2-bin. +001' +CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='127.0.0.1', MASTER_PORT=MASTER_PORT; +Warnings: +Note 1756 Sending passwords in plain text without SSL/TLS is extremely insecure. +Note 1757 Storing MySQL user name or password information in the master.info repository is not secure and is therefore not recommended. Please see the MySQL Manual for more about this issue and possible alternatives. +include/start_slave.inc +Master_Host = '127.0.0.1' +include/rpl_reset.inc include/rpl_end.inc === modified file 'mysql-test/suite/rpl/t/rpl_change_master.test' --- a/mysql-test/suite/rpl/t/rpl_change_master.test 2010-12-19 17:25:42 +0000 +++ b/mysql-test/suite/rpl/t/rpl_change_master.test 2012-02-03 18:09:00 +0000 @@ -11,4 +11,50 @@ --source include/master-slave.inc --source extra/rpl_tests/rpl_change_master.test + + +# BUG#11758581 - 50801: CHANGE MASTER ACCEPTS BOGUS VARIABLES +# We want to check if CHANGE MASTER values have newline characters. +connection slave; + +### +### This should fail with error ER_WRONG_ARGUMENTS due to empty MASTER_HOST +### value. +### +--source include/stop_slave.inc +--replace_result $MASTER_MYPORT MASTER_PORT +--error ER_WRONG_ARGUMENTS +eval CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='', MASTER_PORT=$MASTER_MYPORT; + +### +### This should fail with error ER_SYNTAX_ERROR due to newline +### in string values. +### +--replace_result $MASTER_MYPORT MASTER_PORT +--error ER_WRONG_VALUE +eval CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='127.0.0.1\n127.0.0.1', MASTER_PORT=$MASTER_MYPORT; + +--replace_result $MASTER_MYPORT MASTER_PORT +--error ER_WRONG_VALUE +eval CHANGE MASTER TO MASTER_USER='root\n', MASTER_HOST='master2.mycompany.com', MASTER_PORT=$MASTER_MYPORT, MASTER_USER='replication', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.001', MASTER_LOG_POS=4; + +--replace_result $MASTER_MYPORT MASTER_PORT +--error ER_WRONG_VALUE +eval CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='master2.mycompany.com', MASTER_PORT=$MASTER_MYPORT, MASTER_USER='repli\ncation', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.001', MASTER_LOG_POS=4; + +--replace_result $MASTER_MYPORT MASTER_PORT +--error ER_WRONG_VALUE +eval CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='master2.mycompany.com', MASTER_PORT=$MASTER_MYPORT, MASTER_USER='replication', MASTER_PASSWORD='bigs3cret', MASTER_LOG_FILE='master2-bin.\n001', MASTER_LOG_POS=4; + +### +### This should be accepted. +### +--replace_result $MASTER_MYPORT MASTER_PORT +eval CHANGE MASTER TO MASTER_USER='root', MASTER_HOST='127.0.0.1', MASTER_PORT=$MASTER_MYPORT; + +--source include/start_slave.inc +--let $status_items= Master_Host +--source include/show_slave_status.inc +--source include/rpl_reset.inc + --source include/rpl_end.inc === modified file 'sql/sql_yacc.yy' --- a/sql/sql_yacc.yy 2011-12-19 12:53:11 +0000 +++ b/sql/sql_yacc.yy 2012-02-03 18:09:00 +0000 @@ -1504,7 +1504,7 @@ bool my_yyoverflow(short **a, YYSTYPE ** IDENT_sys TEXT_STRING_sys TEXT_STRING_literal NCHAR_STRING opt_component key_cache_name sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty - opt_constraint constraint opt_ident + opt_constraint constraint opt_ident TEXT_STRING_sys_nonewline %type opt_table_alias @@ -1983,19 +1983,19 @@ master_defs: ; master_def: - MASTER_HOST_SYM EQ TEXT_STRING_sys + MASTER_HOST_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.host = $3.str; } - | MASTER_BIND_SYM EQ TEXT_STRING_sys + | MASTER_BIND_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.bind_addr = $3.str; } - | MASTER_USER_SYM EQ TEXT_STRING_sys + | MASTER_USER_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.user = $3.str; } - | MASTER_PASSWORD_SYM EQ TEXT_STRING_sys + | MASTER_PASSWORD_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.password = $3.str; } @@ -2027,23 +2027,23 @@ master_def: Lex->mi.ssl= $3 ? LEX_MASTER_INFO::LEX_MI_ENABLE : LEX_MASTER_INFO::LEX_MI_DISABLE; } - | MASTER_SSL_CA_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CA_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_ca= $3.str; } - | MASTER_SSL_CAPATH_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CAPATH_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_capath= $3.str; } - | MASTER_SSL_CERT_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CERT_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_cert= $3.str; } - | MASTER_SSL_CIPHER_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CIPHER_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_cipher= $3.str; } - | MASTER_SSL_KEY_SYM EQ TEXT_STRING_sys + | MASTER_SSL_KEY_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_key= $3.str; } @@ -2052,11 +2052,11 @@ master_def: Lex->mi.ssl_verify_server_cert= $3 ? LEX_MASTER_INFO::LEX_MI_ENABLE : LEX_MASTER_INFO::LEX_MI_DISABLE; } - | MASTER_SSL_CRL_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CRL_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_crl= $3.str; } - | MASTER_SSL_CRLPATH_SYM EQ TEXT_STRING_sys + | MASTER_SSL_CRLPATH_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.ssl_crlpath= $3.str; } @@ -2121,7 +2121,7 @@ ignore_server_id: } master_file_def: - MASTER_LOG_FILE_SYM EQ TEXT_STRING_sys + MASTER_LOG_FILE_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.log_file_name = $3.str; } @@ -2141,7 +2141,7 @@ master_file_def: */ Lex->mi.pos = max(BIN_LOG_HEADER_SIZE, Lex->mi.pos); } - | RELAY_LOG_FILE_SYM EQ TEXT_STRING_sys + | RELAY_LOG_FILE_SYM EQ TEXT_STRING_sys_nonewline { Lex->mi.relay_log_name = $3.str; } @@ -12814,6 +12814,19 @@ IDENT_sys: } } ; + +TEXT_STRING_sys_nonewline: + TEXT_STRING_sys + { + if (!strcont($1.str, "\n")) + $$= $1; + else + { + my_error(ER_WRONG_VALUE, MYF(0), "argument contains not-allowed LF", $1.str); + MYSQL_YYABORT; + } + } + ; TEXT_STRING_sys: TEXT_STRING No bundle (reason: useless for push emails).