List:Commits« Previous MessageNext Message »
From:Alfranio Correia Date:February 14 2009 7:08pm
Subject:bzr commit into mysql-5.1-bugteam branch (alfranio.correia:2768)
Bug#38174
View as plain text  
#At file:///home/acorreia/workspace.sun/repository.mysql/bzrwork/bug-38174/mysql-5.1-bugteam/ based on revid:matthias.leich@stripped

 2768 Alfranio Correia	2009-02-14
      BUG#38174 secure-file-priv breaks LOAD DATA INFILE replication in statement mode
                  
      If secure-file-priv was set on slave, it became unable to execute
      LOAD DATA INFILE statements sent from master using mixed or
      statement-based replication.
                  
      This patch fixes the issue by ignoring this security restriction
      and checking if the files are created and read by the slave in the
      --slave-load-tmpdir while executing the SQL Thread.
added:
  mysql-test/suite/rpl/r/rpl_slave_load_in.result
  mysql-test/suite/rpl/t/rpl_slave_load_in.test
modified:
  sql/log_event.cc
  sql/log_event.h
  sql/rpl_rli.cc
  sql/rpl_rli.h
  sql/sql_load.cc

=== added file 'mysql-test/suite/rpl/r/rpl_slave_load_in.result'
--- a/mysql-test/suite/rpl/r/rpl_slave_load_in.result	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/rpl/r/rpl_slave_load_in.result	2009-02-14 19:08:14 +0000
@@ -0,0 +1,18 @@
+stop slave;
+drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
+reset master;
+reset slave;
+drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
+start slave;
+drop table if exists t1;
+create table t1(a int not null auto_increment, b int, primary key(a));
+load data infile '../../std_data/rpl_loaddata.dat' into table t1;
+select * from t1;
+a	b
+1	10
+2	15
+select * from t1;
+a	b
+1	10
+2	15
+drop table t1;

=== added file 'mysql-test/suite/rpl/t/rpl_slave_load_in.test'
--- a/mysql-test/suite/rpl/t/rpl_slave_load_in.test	1970-01-01 00:00:00 +0000
+++ b/mysql-test/suite/rpl/t/rpl_slave_load_in.test	2009-02-14 19:08:14 +0000
@@ -0,0 +1,49 @@
+##########################################################################
+# This test verifies if a slave is able to process a "LOAD DATA INFILE" 
+# event while the "--secure-file-priv" option is set.
+# 
+# The test is divided in two steps:
+#    1 - Creates a table and populates it through "LOAD DATA INFILE".
+#    2 - Compares the master and slave.
+##########################################################################
+
+##########################################################################
+#                       Configuring Environment
+##########################################################################
+source include/master-slave.inc;
+
+connection master;
+--disable_warnings
+drop table if exists t1;
+--enable_warnings
+
+##########################################################################
+#                            Loading data
+##########################################################################
+connection master;
+
+create table t1(a int not null auto_increment, b int, primary key(a));
+load data infile '../../std_data/rpl_loaddata.dat' into table t1;
+
+##########################################################################
+#                       Checking Consistency
+##########################################################################
+save_master_pos;
+connection slave;
+sync_with_master;
+
+connection master;
+select * from t1;
+connection slave;
+select * from t1;
+
+##########################################################################
+#                             Clean up
+##########################################################################
+connection master;
+
+drop table t1;
+
+save_master_pos;
+connection slave;
+sync_with_master;

=== modified file 'sql/log_event.cc'
--- a/sql/log_event.cc	2009-02-04 11:08:27 +0000
+++ b/sql/log_event.cc	2009-02-14 19:08:14 +0000
@@ -354,7 +354,7 @@ static char *slave_load_file_stem(char *
                                   int event_server_id, const char *ext)
 {
   char *res;
-  fn_format(buf,"SQL_LOAD-",slave_load_tmpdir, "", MY_UNPACK_FILENAME);
+  fn_format(buf,PREFIX_SQL_LOAD,slave_load_tmpdir, "", MY_UNPACK_FILENAME);
   to_unix_path(buf);
 
   buf = strend(buf);
@@ -393,7 +393,7 @@ static void cleanup_load_tmpdir()
      we cannot meet Start_log event in the middle of events from one 
      LOAD DATA.
   */
-  p= strmake(prefbuf, STRING_WITH_LEN("SQL_LOAD-"));
+  p= strmake(prefbuf, STRING_WITH_LEN(PREFIX_SQL_LOAD));
   p= int10_to_str(::server_id, p, 10);
   *(p++)= '-';
   *p= 0;

=== modified file 'sql/log_event.h'
--- a/sql/log_event.h	2009-01-23 12:22:05 +0000
+++ b/sql/log_event.h	2009-02-14 19:08:14 +0000
@@ -47,6 +47,8 @@
 #include "rpl_reporting.h"
 #endif
 
+#define PREFIX_SQL_LOAD "SQL_LOAD-"
+
 /**
    Either assert or return an error.
 

=== modified file 'sql/rpl_rli.cc'
--- a/sql/rpl_rli.cc	2008-09-28 07:34:25 +0000
+++ b/sql/rpl_rli.cc	2009-02-14 19:08:14 +0000
@@ -104,6 +104,12 @@ int init_relay_log_info(Relay_log_info* 
   rli->tables_to_lock= 0;
   rli->tables_to_lock_count= 0;
 
+  fn_format(rli->slave_patternload_file, PREFIX_SQL_LOAD, slave_load_tmpdir, "",
+            MY_PACK_FILENAME | MY_UNPACK_FILENAME |
+            MY_RETURN_REAL_PATH);
+  to_unix_path(rli->slave_patternload_file);
+  rli->slave_patternload_file_size= strlen(rli->slave_patternload_file);
+
   /*
     The relay log will now be opened, as a SEQ_READ_APPEND IO_CACHE.
     Note that the I/O thread flushes it to disk after writing every

=== modified file 'sql/rpl_rli.h'
--- a/sql/rpl_rli.h	2008-02-27 17:46:06 +0000
+++ b/sql/rpl_rli.h	2009-02-14 19:08:14 +0000
@@ -260,6 +260,13 @@ public:
   char ign_master_log_name_end[FN_REFLEN];
   ulonglong ign_master_log_pos_end;
 
+  /* 
+    Indentifies where the SQL Thread should create temporary files for the
+    LOAD DATA INFILE. This is used for security reasons.
+   */ 
+  char slave_patternload_file[FN_REFLEN]; 
+  size_t slave_patternload_file_size;  
+
   Relay_log_info();
   ~Relay_log_info();
 

=== modified file 'sql/sql_load.cc'
--- a/sql/sql_load.cc	2008-09-17 12:54:50 +0000
+++ b/sql/sql_load.cc	2009-02-14 19:08:14 +0000
@@ -15,10 +15,10 @@
 
 
 /* Copy data from a textfile to table */
-
 #include "mysql_priv.h"
 #include <my_dir.h>
 #include <m_ctype.h>
+#include "rpl_mi.h"
 #include "sql_repl.h"
 #include "sp_head.h"
 #include "sql_trigger.h"
@@ -310,8 +310,27 @@ int mysql_load(THD *thd,sql_exchange *ex
 	is_fifo = 1;
 #endif
 
-      if (opt_secure_file_priv &&
-          strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv)))
+      if (thd->slave_thread)
+      {
+#if defined(HAVE_REPLICATION) && !defined(MYSQL_CLIENT)
+        if (strncmp(active_mi->rli.slave_patternload_file, name, 
+            active_mi->rli.slave_patternload_file_size))
+        {
+          /*
+            LOAD DATA INFILE in the slave SQL Thread can only read from 
+            --slave-load-tmpdir". This should never happen.
+           */
+          abort();
+        }
+#else
+        /*
+          This is impossible and should never happen.
+        */
+        DBUG_ASSERT(FALSE); 
+#endif
+      }
+      else if (opt_secure_file_priv &&
+               strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv)))
       {
         /* Read only allowed from within dir specified by secure_file_priv */
         my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--secure-file-priv");
Thread
bzr commit into mysql-5.1-bugteam branch (alfranio.correia:2768)Bug#38174Alfranio Correia14 Feb