MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Chad MILLER Date:August 11 2006 7:31pm
Subject:bk commit into 5.0 tree (cmiller:1.2250) BUG#21224
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of cmiller. When cmiller does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2006-08-11 15:31:06-04:00, cmiller@stripped +1 -0
  Bug#21224: mysql_upgrade uses possibly insecure temporary files
  
  We open for writing a known location, which is exploitable with a symlink
  attack.  Now, use the EXCLusive flag, so that the presence of anything at 
  that location causes a failure.  Try once to open safely, and if failure 
  then remove that location and try again to open safely.  If both fail, then
  raise an error.

  client/mysql_upgrade.c@stripped, 2006-08-11 15:31:04-04:00, cmiller@stripped +14 -2
    Open the file with the O_EXCL flag, so that a symlink attack would not work.
    
    If opening it fails, try removing something at that location, and try again.
    If the second time fails, then abort as previous.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	cmiller
# Host:	zippy.cornsilk.net
# Root:	/home/cmiller/work/mysql/m50-maint--07R2F

--- 1.3/client/mysql_upgrade.c	2006-08-11 15:31:10 -04:00
+++ 1.4/client/mysql_upgrade.c	2006-08-11 15:31:10 -04:00
@@ -149,17 +149,29 @@
   File our_defaults_file, defaults_file;
   char buffer[512];
   char *buffer_end;
+  int failed_to_open_count= 0;
   int error;
 
   /* check if the defaults file is needed at all */
   if (!opt_password)
     return 0;
 
-  defaults_file= my_open(path, O_BINARY | O_CREAT | O_WRONLY,
+retry_open:
+  defaults_file= my_open(path, O_BINARY | O_CREAT | O_WRONLY | O_EXCL,
                          MYF(MY_FAE | MY_WME));
 
   if (defaults_file < 0)
-    return 1;
+  {
+    if (failed_to_open_count == 0)
+    {
+      remove(path);
+      failed_to_open_count+= 1;
+      goto retry_open;
+    }
+    else
+      return 1;
+  }
+
   upgrade_defaults_created= 1;
   if (our_defaults_path)
   {
Thread
bk commit into 5.0 tree (cmiller:1.2250) BUG#21224Chad MILLER11 Aug