From: Date: July 31 2008 11:54am
Subject: bzr commit into mysql-5.0 branch (holyfoot:2584) Bug#32167
List-Archive: http://lists.mysql.com/commits/50773
X-Bug: 32167
Message-Id: <20080731095405.0C2912C380B7@hfmain.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

#At file:///home/hf/work/mysql_common/50xyz/

 2584 Alexey Botchkov	2008-07-31
      Buq#32167 another privilege bypass with DATA/INDEX DIRECTORY.
      
          test_if_data_home_dir fixed to look into real path.
          Checks added to mi_open for symlinks into data home directory.
      
       per-file messages:
              include/my_sys.h
                Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
                
                my_is_symlink interface added
      
              mysql-test/r/udf.result
                test result fixed (not related to #32167)
      
              mysys/my_symlink.c
                my_is_symlink() implementsd
                my_realpath() now returns the 'realpath' even if a file isn't a symlink
modified:
  include/my_sys.h
  mysql-test/r/udf.result
  mysys/my_symlink.c

=== modified file 'include/my_sys.h'
--- a/include/my_sys.h	2008-07-18 15:40:31 +0000
+++ b/include/my_sys.h	2008-07-31 09:42:44 +0000
@@ -575,6 +575,7 @@ extern int my_close(File Filedes,myf MyF
 extern File my_dup(File file, myf MyFlags);
 extern int my_mkdir(const char *dir, int Flags, myf MyFlags);
 extern int my_readlink(char *to, const char *filename, myf MyFlags);
+extern int my_is_symlink(const char *filename);
 extern int my_realpath(char *to, const char *filename, myf MyFlags);
 extern File my_create_with_symlink(const char *linkname, const char *filename,
 				   int createflags, int access_flags,

=== modified file 'mysql-test/r/udf.result'
--- a/mysql-test/r/udf.result	2007-11-27 15:16:52 +0000
+++ b/mysql-test/r/udf.result	2008-07-31 09:42:44 +0000
@@ -1,5 +1,7 @@
 drop table if exists t1;
 CREATE FUNCTION metaphon RETURNS STRING SONAME "UDF_EXAMPLE_LIB";
+Warnings:
+Warning	1105	plugin_dir was not specified
 CREATE FUNCTION myfunc_double RETURNS REAL SONAME "UDF_EXAMPLE_LIB";
 CREATE FUNCTION myfunc_nonexist RETURNS INTEGER SONAME "UDF_EXAMPLE_LIB";
 ERROR HY000: Can't find function 'myfunc_nonexist' in library
@@ -197,6 +199,8 @@ DROP FUNCTION avgcost;
 select * from mysql.func;
 name	ret	dl	type
 CREATE FUNCTION is_const RETURNS STRING SONAME "UDF_EXAMPLE_LIB";
+Warnings:
+Warning	1105	plugin_dir was not specified
 select IS_const(3);
 IS_const(3)
 const
@@ -206,6 +210,8 @@ name	ret	dl	type
 select is_const(3);
 ERROR 42000: FUNCTION test.is_const does not exist
 CREATE FUNCTION is_const RETURNS STRING SONAME "UDF_EXAMPLE_LIB";
+Warnings:
+Warning	1105	plugin_dir was not specified
 select
 is_const(3) as const,
 is_const(3.14) as const,

=== modified file 'mysys/my_symlink.c'
--- a/mysys/my_symlink.c	2006-12-23 19:17:15 +0000
+++ b/mysys/my_symlink.c	2008-07-31 09:42:44 +0000
@@ -2,7 +2,8 @@
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
 
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -106,38 +107,38 @@ int my_symlink(const char *content, cons
 #define BUFF_LEN FN_LEN
 #endif
 
+int my_is_symlink(const char *filename __attribute__((unused)))
+{
+  struct stat stat_buff;
+  return !lstat(filename, &stat_buff) && S_ISLNK(stat_buff.st_mode);
+}
+
+
 int my_realpath(char *to, const char *filename,
 		myf MyFlags __attribute__((unused)))
 {
 #if defined(HAVE_REALPATH) && !defined(HAVE_purify) && !defined(HAVE_BROKEN_REALPATH)
   int result=0;
   char buff[BUFF_LEN];
-  struct stat stat_buff;
+  char *ptr;
   DBUG_ENTER("my_realpath");
 
-  if (!(MyFlags & MY_RESOLVE_LINK) ||
-      (!lstat(filename,&stat_buff) && S_ISLNK(stat_buff.st_mode)))
+  DBUG_PRINT("info",("executing realpath"));
+  if ((ptr=realpath(filename,buff)))
+    strmake(to,ptr,FN_REFLEN-1);
+  else
   {
-    char *ptr;
-    DBUG_PRINT("info",("executing realpath"));
-    if ((ptr=realpath(filename,buff)))
-    {
-      strmake(to,ptr,FN_REFLEN-1);
-    }
-    else
-    {
-      /*
-	Realpath didn't work;  Use my_load_path() which is a poor substitute
-	original name but will at least be able to resolve paths that starts
-	with '.'.
-      */
-      DBUG_PRINT("error",("realpath failed with errno: %d", errno));
-      my_errno=errno;
-      if (MyFlags & MY_WME)
-	my_error(EE_REALPATH, MYF(0), filename, my_errno);
-      my_load_path(to, filename, NullS);
-      result= -1;
-    }
+    /*
+      Realpath didn't work;  Use my_load_path() which is a poor substitute
+      original name but will at least be able to resolve paths that starts
+      with '.'.
+    */
+    DBUG_PRINT("error",("realpath failed with errno: %d", errno));
+    my_errno=errno;
+    if (MyFlags & MY_WME)
+      my_error(EE_REALPATH, MYF(0), filename, my_errno);
+    my_load_path(to, filename, NullS);
+    result= -1;
   }
   DBUG_RETURN(result);
 #else
@@ -145,3 +146,4 @@ int my_realpath(char *to, const char *fi
   return 0;
 #endif
 }
+