List:Commits« Previous MessageNext Message »
From:Nirbhay Choubey Date:August 30 2012 6:37pm
Subject:bzr push into mysql-5.6 branch (nirbhay.choubey:4200 to 4201) Bug#14513708
View as plain text  
 4201 Nirbhay Choubey	2012-08-30
      Bug #14513708 .MYLOGIN.CNF SHOULD BE IGNORED IF ITS
      NOT EXCLUSIVELY READ/WRITABLE BY CURR. USER
      
      In the option handling system, the file permissions
      for login file were being checked like other option
      files.
      
      Added a check separately for login file to make sure
      that it gets ignored if its not exclusively readable/
      writable by current user. Also moved the permissions-
      checking code to a new function.
      
      Manually tested.

    modified:
      client/mysql_config_editor.cc
      mysys_ssl/my_default.cc
 4200 Vasil Dimov	2012-08-30
      Backport WL#6347 InnoDB: Index level compression stats
      from mysql-trunk into mysql-5.6

    added:
      mysql-test/suite/innodb/include/innodb_create_tab_indx.inc
      mysql-test/suite/innodb/include/innodb_fectch_records.inc
      mysql-test/suite/innodb/include/innodb_load_data.inc
      mysql-test/suite/innodb/include/innodb_stats_comp_index.inc
      mysql-test/suite/innodb/include/innodb_stats_restart.inc
      mysql-test/suite/innodb/r/innodb_cmp_per_index.result
      mysql-test/suite/innodb/r/innodb_wl6347_comp_indx_stat.result
      mysql-test/suite/innodb/t/innodb_cmp_per_index.test
      mysql-test/suite/innodb/t/innodb_wl6347_comp_indx_stat.test
      mysql-test/suite/sys_vars/r/innodb_cmp_per_index_enabled_basic.result
      mysql-test/suite/sys_vars/t/innodb_cmp_per_index_enabled_basic.test
    modified:
      mysql-test/r/information_schema.result
      mysql-test/r/mysqlshow.result
      storage/innobase/handler/ha_innodb.cc
      storage/innobase/handler/i_s.cc
      storage/innobase/handler/i_s.h
      storage/innobase/include/page0types.h
      storage/innobase/include/page0zip.h
      storage/innobase/include/page0zip.ic
      storage/innobase/include/srv0srv.h
      storage/innobase/page/page0zip.cc
      storage/innobase/srv/srv0srv.cc
=== modified file 'client/mysql_config_editor.cc'
--- a/client/mysql_config_editor.cc	2012-07-13 14:28:34 +0000
+++ b/client/mysql_config_editor.cc	2012-08-30 18:29:28 +0000
@@ -366,7 +366,6 @@ static my_bool check_and_create_login_fi
 
   const int access_flag= (O_RDWR | O_BINARY);
   const ushort create_mode= (S_IRUSR | S_IWUSR );
-  const ushort create_mode_all= (S_IRWXU | S_IRWXG | S_IRWXO);
 
   /* Get the login file name. */
   if (! my_default_get_login_file(my_login_file, sizeof(my_login_file)))
@@ -418,7 +417,7 @@ static my_bool check_and_create_login_fi
 #ifdef _WIN32
     if (1)
 #else
-    if (!(create_mode ^ (stat_info.st_mode & create_mode_all)))
+    if (!(stat_info.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO)))
 #endif
     {
       verbose_msg("File has the required permission.\nOpening the file.\n");

=== modified file 'mysys_ssl/my_default.cc'
--- a/mysys_ssl/my_default.cc	2012-08-03 17:38:02 +0000
+++ b/mysys_ssl/my_default.cc	2012-08-30 18:29:28 +0000
@@ -155,6 +155,7 @@ static int search_default_file_with_ext(
 					const char *dir, const char *ext,
 					const char *config_file, int recursion_level);
 static my_bool mysql_file_getline(char *str, int size, MYSQL_FILE *file);
+static int check_file_permissions(const char *file_name);
 
 
 /**
@@ -861,7 +862,7 @@ static int search_default_file_with_ext(
   MYSQL_FILE *fp;
   uint line=0;
   my_bool found_group=0;
-  uint i;
+  uint i, rc;
   MY_DIR *search_dir;
   FILEINFO *search_file;
 
@@ -879,25 +880,10 @@ static int search_default_file_with_ext(
     strmov(name,config_file);
   }
   fn_format(name,name,"","",4);
-#if !defined(__WIN__)
-  {
-    MY_STAT stat_info;
-    if (!my_stat(name,&stat_info,MYF(0)))
-      return 1;
-    /*
-      Ignore world-writable regular files.
-      This is mainly done to protect us to not read a file created by
-      the mysqld server, but the check is still valid in most context. 
-    */
-    if ((stat_info.st_mode & S_IWOTH) &&
-	(stat_info.st_mode & S_IFMT) == S_IFREG)
-    {
-      fprintf(stderr, "Warning: World-writable config file '%s' is ignored\n",
-              name);
-      return 0;
-    }
-  }
-#endif
+
+  if ((rc= check_file_permissions(name)) < 2)
+    return (int) rc;
+
   if (is_login_file)
   {
     if ( !(fp = mysql_file_fopen(key_file_cnf, name, (O_RDONLY | O_BINARY),
@@ -1464,3 +1450,48 @@ int my_default_get_login_file(char *file
 
   return 1;
 }
+
+/**
+  Check file permissions of the option file.
+
+  @param file_name [in]       Name of the option file.
+
+  @return  0 - Non-allowable file permissions.
+           1 - Failed to stat.
+           2 - Success.
+*/
+static int check_file_permissions(const char *file_name)
+{
+#if !defined(__WIN__)
+  MY_STAT stat_info;
+
+  if (!my_stat(file_name,&stat_info,MYF(0)))
+    return 1;
+  /*
+    Ignore .mylogin.cnf file if not exclusively readable/writable
+    by current user.
+  */
+  if (is_login_file && (stat_info.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO))
+      && (stat_info.st_mode & S_IFMT) == S_IFREG)
+  {
+    fprintf(stderr, "Warning: %s should be readable/writable only by "
+            "current user.\n", file_name);
+    return 0;
+  }
+  /*
+    Ignore world-writable regular files.
+    This is mainly done to protect us to not read a file created by
+    the mysqld server, but the check is still valid in most context.
+  */
+  else if ((stat_info.st_mode & S_IWOTH) &&
+           (stat_info.st_mode & S_IFMT) == S_IFREG)
+
+  {
+    fprintf(stderr, "Warning: World-writable config file '%s' is ignored\n",
+            file_name);
+    return 0;
+  }
+#endif
+  return 2;                                     /* Success */
+}
+

No bundle (reason: useless for push emails).
Thread
bzr push into mysql-5.6 branch (nirbhay.choubey:4200 to 4201) Bug#14513708Nirbhay Choubey30 Aug