#At bzr+ssh://bk-internal.mysql.com/bzrroot/server/mysql-maria/
2676 Michael Widenius 2008-10-15
Merging of changes from myisam -> maria missing in last 5.1 - 5.1->maria merge
MARIA_MAX_MSG_BUF -> HA_MAX_MSG_BUF
modified:
include/maria.h
storage/maria/ha_maria.cc
storage/maria/ma_check.c
storage/maria/ma_create.c
storage/maria/ma_open.c
storage/maria/ma_static.c
storage/maria/maria_chk.c
storage/maria/maria_def.h
per-file messages:
include/maria.h
Remove MARIA_MAX_MSG_BUF; We are now using HA_MAX_MSG_BUF
Added maria_test_invalid_symlink
storage/maria/ha_maria.cc
MARIA_MAX_MSG_BUF -> HA_MAX_MSG_BUF
storage/maria/ma_check.c
Removed tab in string constant
Add extra argument to ma_open_datafile()
storage/maria/ma_create.c
Set error number if table is in use
storage/maria/ma_open.c
Added name argument to open functions for security check if filename is linked to another file in database directory
storage/maria/ma_static.c
Default functions for checking if wrong symlink
storage/maria/maria_chk.c
Add extra argument to _ma_open_datafile()
storage/maria/maria_def.h
Add extra argument to _ma_open_datafile()
=== modified file 'include/maria.h'
--- a/include/maria.h 2008-06-26 05:18:28 +0000
+++ b/include/maria.h 2008-10-14 21:23:33 +0000
@@ -43,7 +43,6 @@ extern "C" {
#define MARIA_MAX_KEY MAX_INDEXES /* Max allowed keys */
#endif
-#define MARIA_MAX_MSG_BUF 1024 /* used in CHECK TABLE, REPAIR TABLE */
#define MARIA_NAME_IEXT ".MAI"
#define MARIA_NAME_DEXT ".MAD"
/* Max extra space to use when sorting keys */
@@ -273,6 +272,12 @@ extern my_off_t maria_max_temp_length;
extern ulong maria_bulk_insert_tree_size, maria_data_pointer_size;
extern PAGECACHE maria_pagecache_var, *maria_pagecache;
extern MY_TMPDIR *maria_tmpdir;
+/*
+ This is used to check if a symlink points into the mysql data home,
+ which is normally forbidden as it can be used to get access to
+ not privileged data
+*/
+extern int (*maria_test_invalid_symlink)(const char *filename);
/* Prototypes for maria-functions */
=== modified file 'storage/maria/ha_maria.cc'
--- a/storage/maria/ha_maria.cc 2008-10-09 20:03:54 +0000
+++ b/storage/maria/ha_maria.cc 2008-10-14 21:23:33 +0000
@@ -241,7 +241,7 @@ static void _ma_check_print_msg(HA_CHECK
THD *thd= (THD *) param->thd;
Protocol *protocol= thd->protocol;
uint length, msg_length;
- char msgbuf[MARIA_MAX_MSG_BUF];
+ char msgbuf[HA_MAX_MSG_BUF];
char name[NAME_LEN * 2 + 2];
msg_length= my_vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
@@ -3097,6 +3097,11 @@ static int ha_maria_init(void *p)
((force_start_after_recovery_failures != 0) && mark_recovery_success()) ||
ma_checkpoint_init(checkpoint_interval);
maria_multi_threaded= maria_in_ha_maria= TRUE;
+
+#if defined(HAVE_REALPATH) && !defined(HAVE_purify) && !defined(HAVE_BROKEN_REALPATH)
+ /* We can only test for sub paths if my_symlink.c is using realpath */
+ maria_test_invalid_symlink= test_if_data_home_dir;
+#endif
return res ? HA_ERR_INITIALIZATION : 0;
}
=== modified file 'storage/maria/ma_check.c'
--- a/storage/maria/ma_check.c 2008-08-25 11:49:47 +0000
+++ b/storage/maria/ma_check.c 2008-10-14 21:23:33 +0000
@@ -2097,14 +2097,14 @@ int maria_chk_data_link(HA_CHECK *param,
if (param->del_blocks != share->state.state.del)
{
_ma_check_print_warning(param,
- "Found %10s deleted blocks Should be: %s",
+ "Found %10s deleted blocks. Should be: %s",
llstr(param->del_blocks,llbuff),
llstr(share->state.state.del,llbuff2));
}
if (param->splits != share->state.split)
{
_ma_check_print_warning(param,
- "Found %10s parts Should be: %s parts",
+ "Found %10s key parts. Should be: %s",
llstr(param->splits, llbuff),
llstr(share->state.split,llbuff2));
}
@@ -2685,7 +2685,7 @@ int maria_repair(HA_CHECK *param, regist
(param->testflag & T_BACKUP_DATA ?
MYF(MY_REDEL_MAKE_BACKUP): MYF(0)) |
sync_dir) ||
- _ma_open_datafile(info, share, -1))
+ _ma_open_datafile(info, share, NullS, -1))
{
goto err;
}
@@ -3794,7 +3794,7 @@ int maria_repair_by_sort(HA_CHECK *param
(param->testflag & T_BACKUP_DATA ?
MYF(MY_REDEL_MAKE_BACKUP): MYF(0)) |
sync_dir) ||
- _ma_open_datafile(info, share, -1))
+ _ma_open_datafile(info, share, NullS, -1))
{
_ma_check_print_error(param, "Couldn't change to new data file");
goto err;
@@ -4402,7 +4402,7 @@ err:
MYF((param->testflag & T_BACKUP_DATA ?
MY_REDEL_MAKE_BACKUP : 0) |
sync_dir)) ||
- _ma_open_datafile(info,share,-1))
+ _ma_open_datafile(info,share, NullS, -1))
got_error=1;
}
}
=== modified file 'storage/maria/ma_create.c'
--- a/storage/maria/ma_create.c 2008-08-28 18:52:23 +0000
+++ b/storage/maria/ma_create.c 2008-10-14 21:23:33 +0000
@@ -836,6 +836,7 @@ int maria_create(const char *name, enum
my_printf_error(0, "MARIA table '%s' is in use "
"(most likely by a MERGE table). Try FLUSH TABLES.",
MYF(0), name + dirname_length(name));
+ my_errno= HA_ERR_TABLE_EXIST;
goto err;
}
=== modified file 'storage/maria/ma_open.c'
--- a/storage/maria/ma_open.c 2008-10-09 20:03:54 +0000
+++ b/storage/maria/ma_open.c 2008-10-14 21:23:33 +0000
@@ -85,8 +85,8 @@ MARIA_HA *_ma_test_if_reopen(const char
*/
-static MARIA_HA *maria_clone_internal(MARIA_SHARE *share, int mode,
- File data_file)
+static MARIA_HA *maria_clone_internal(MARIA_SHARE *share, const char *name,
+ int mode, File data_file)
{
int save_errno;
uint errpos;
@@ -104,7 +104,7 @@ static MARIA_HA *maria_clone_internal(MA
}
if (data_file >= 0)
info.dfile.file= data_file;
- else if (_ma_open_datafile(&info, share, -1))
+ else if (_ma_open_datafile(&info, share, name, -1))
goto err;
errpos= 5;
@@ -236,7 +236,7 @@ MARIA_HA *maria_clone(MARIA_SHARE *share
{
MARIA_HA *new_info;
pthread_mutex_lock(&THR_LOCK_maria);
- new_info= maria_clone_internal(share, mode,
+ new_info= maria_clone_internal(share, NullS, mode,
share->data_file_type == BLOCK_RECORD ?
share->bitmap.file.file : -1);
pthread_mutex_unlock(&THR_LOCK_maria);
@@ -256,7 +256,7 @@ MARIA_HA *maria_clone(MARIA_SHARE *share
MARIA_HA *maria_open(const char *name, int mode, uint open_flags)
{
int kfile,open_mode,save_errno;
- uint i,j,len,errpos,head_length,base_pos,info_length,keys,
+ uint i,j,len,errpos,head_length,base_pos,info_length,keys, realpath_err,
key_parts,unique_key_parts,fulltext_keys,uniques;
char name_buff[FN_REFLEN], org_name[FN_REFLEN], index_name[FN_REFLEN],
data_name[FN_REFLEN];
@@ -277,8 +277,16 @@ MARIA_HA *maria_open(const char *name, i
head_length=sizeof(share_buff.state.header);
bzero((uchar*) &info,sizeof(info));
- my_realpath(name_buff, fn_format(org_name,name,"",MARIA_NAME_IEXT,
- MY_UNPACK_FILENAME),MYF(0));
+ realpath_err= my_realpath(name_buff, fn_format(org_name, name, "",
+ MARIA_NAME_IEXT,
+ MY_UNPACK_FILENAME),MYF(0));
+ if (my_is_symlink(org_name) &&
+ (realpath_err || (*maria_test_invalid_symlink)(name_buff)))
+ {
+ my_errno= HA_WRONG_CREATE_OPTION;
+ DBUG_RETURN(0);
+ }
+
pthread_mutex_lock(&THR_LOCK_maria);
old_info= 0;
if ((open_flags & HA_OPEN_COPY) ||
@@ -347,7 +355,7 @@ MARIA_HA *maria_open(const char *name, i
if (!strcmp(name_buff, org_name) ||
my_readlink(index_name, org_name, MYF(0)) == -1)
(void) strmov(index_name, org_name);
- *strrchr(org_name, '.')= '\0';
+ *strrchr(org_name, FN_EXTCHAR)= '\0';
(void) fn_format(data_name,org_name,"",MARIA_NAME_DEXT,
MY_APPEND_EXT|MY_UNPACK_FILENAME|MY_RESOLVE_SYMLINKS);
@@ -739,7 +747,7 @@ MARIA_HA *maria_open(const char *name, i
if ((share->data_file_type == BLOCK_RECORD ||
share->data_file_type == COMPRESSED_RECORD))
{
- if (_ma_open_datafile(&info, share, -1))
+ if (_ma_open_datafile(&info, share, name, -1))
goto err;
data_file= info.dfile.file;
}
@@ -884,7 +892,7 @@ MARIA_HA *maria_open(const char *name, i
data_file= share->bitmap.file.file; /* Only opened once */
}
- if (!(m_info= maria_clone_internal(share, mode, data_file)))
+ if (!(m_info= maria_clone_internal(share, name, mode, data_file)))
goto err;
pthread_mutex_unlock(&THR_LOCK_maria);
@@ -1729,9 +1737,27 @@ void _ma_set_index_pagecache_callbacks(P
exist a dup()-like call that would give us two different file descriptors.
*************************************************************************/
-int _ma_open_datafile(MARIA_HA *info, MARIA_SHARE *share,
+int _ma_open_datafile(MARIA_HA *info, MARIA_SHARE *share, const char *org_name,
File file_to_dup __attribute__((unused)))
{
+ char *data_name= share->data_file_name.str;
+ char real_data_name[FN_REFLEN];
+
+ if (org_name)
+ {
+ fn_format(real_data_name, org_name, "", MARIA_NAME_DEXT, 4);
+ if (my_is_symlink(real_data_name))
+ {
+ if (my_realpath(real_data_name, real_data_name, MYF(0)) ||
+ (*maria_test_invalid_symlink)(real_data_name))
+ {
+ my_errno= HA_WRONG_CREATE_OPTION;
+ return 1;
+ }
+ data_name= real_data_name;
+ }
+ }
+
info->dfile.file= share->bitmap.file.file=
my_open(share->data_file_name.str, share->mode | O_SHARE,
MYF(MY_WME));
=== modified file 'storage/maria/ma_static.c'
--- a/storage/maria/ma_static.c 2008-08-06 19:30:05 +0000
+++ b/storage/maria/ma_static.c 2008-10-14 21:23:33 +0000
@@ -13,6 +13,15 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
+
+static int always_valid(const char *filename __attribute__((unused)))
+{
+ return 0;
+}
+
+int (*maria_test_invalid_symlink)(const char *filename)= always_valid;
+
+
/*
Static variables for MARIA library. All definied here for easy making of
a shared library
=== modified file 'storage/maria/maria_chk.c'
--- a/storage/maria/maria_chk.c 2008-09-05 13:52:21 +0000
+++ b/storage/maria/maria_chk.c 2008-10-14 21:23:33 +0000
@@ -1189,7 +1189,7 @@ static int maria_chk(HA_CHECK *param, ch
VOID(my_close(info->dfile.file, MYF(MY_WME))); /* Close new file */
error|=maria_change_to_newfile(filename,MARIA_NAME_DEXT,DATA_TMP_EXT,
MYF(0));
- if (_ma_open_datafile(info,info->s, -1))
+ if (_ma_open_datafile(info,info->s, NullS, -1))
error=1;
param->out_flag&= ~O_NEW_DATA; /* We are using new datafile */
param->read_cache.file= info->dfile.file;
=== modified file 'storage/maria/maria_def.h'
--- a/storage/maria/maria_def.h 2008-10-09 20:03:54 +0000
+++ b/storage/maria/maria_def.h 2008-10-14 21:23:33 +0000
@@ -1100,7 +1100,8 @@ void _ma_def_scan_restore_pos(MARIA_HA *
extern MARIA_HA *_ma_test_if_reopen(const char *filename);
my_bool _ma_check_table_is_closed(const char *name, const char *where);
-int _ma_open_datafile(MARIA_HA *info, MARIA_SHARE *share, File file_to_dup);
+int _ma_open_datafile(MARIA_HA *info, MARIA_SHARE *share, const char *org_name,
+ File file_to_dup);
int _ma_open_keyfile(MARIA_SHARE *share);
void _ma_setup_functions(register MARIA_SHARE *share);
my_bool _ma_dynmap_file(MARIA_HA *info, my_off_t size);
| Thread |
|---|
| • bzr commit into MySQL/Maria:mysql-maria branch (monty:2676) | Michael Widenius | 14 Oct |
