From b1bfec73099b8349f07673e68d1d7ac25316dd4c Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 18 Jan 2007 11:38:05 -0500 Subject: [PATCH] Bug#22807 mysql_upgrade fails when called with a basedir-path containing spaces - Create space safe strings for system() calls in mysql_upgrade.exe client/mysql_upgrade.c: Bug#22807 mysql_upgrade fails when called with a basedir-path containing spaces - Make use of new dynstr_append_os_quoted function to produce a string safe for passing to the system() function. - Refactor possible source of assertion. include/my_sys.h: Bug#22807 mysql_upgrade fails when called with a basedir-path containing spaces - Declare dynstr_append_os_quoted function. mysys/string.c: Bug#22807 mysql_upgrade fails when called with a basedir-path containing spaces - Define dynstr_append_os_quoted function. This function will concatenate any number of strings, escapes any OS quote in the result then surround the whole affair in another set of quotes which is finally appended to specified DYNAMIC_STRING. --- client/mysql_upgrade.c | 77 +++++++++++++++++++++++++++++++----------- include/my_sys.h | 2 ++ mysys/string.c | 52 ++++++++++++++++++++++++++++ 3 files changed, 111 insertions(+), 20 deletions(-) diff --git a/client/mysql_upgrade.c b/client/mysql_upgrade.c index cce4b440be0..01e544af972 100644 --- a/client/mysql_upgrade.c +++ b/client/mysql_upgrade.c @@ -461,7 +461,12 @@ int main(int argc, char **argv) load_defaults("my", load_default_groups, &argc, &argv); - if (handle_options(&argc, &argv, my_long_options, get_one_option)) + /* + Must init_dynamic_string before handle_options because string is freed + at error label. + */ + if (init_dynamic_string(&cmdline, NULL, 2 * FN_REFLEN + 128, FN_REFLEN) || + handle_options(&argc, &argv, my_long_options, get_one_option)) { ret= 1; goto error; @@ -469,11 +474,6 @@ int main(int argc, char **argv) if (tty_password) opt_password= get_tty_password(NullS); - if (init_dynamic_string(&cmdline, NULL, 2 * FN_REFLEN + 128, FN_REFLEN)) - { - ret= 1; - goto error; - } if (!basedir) { my_getwd(path, sizeof(path), MYF(0)); @@ -556,17 +556,34 @@ int main(int argc, char **argv) goto error; } else - dynstr_set(&cmdline, path); + { +#ifdef __WIN__ + /* Windows requires an extra pair of quotes around the entire string. */ + dynstr_set(&cmdline, "\""); +#else + dynstr_set(&cmdline, ""); +#endif /* __WIN__ */ + dynstr_append_os_quoted(&cmdline, path, NullS); + } if (defaults_to_use) { - dynstr_append(&cmdline, " --defaults-extra-file="); - dynstr_append(&cmdline, defaults_to_use); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--defaults-extra-file=", + defaults_to_use, NullS); } - - dynstr_append(&cmdline, " --check-upgrade --all-databases" - " --auto-repair --user="); - dynstr_append(&cmdline, user); + + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--check-upgrade", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--all-databases", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--auto-repair", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--user=", user, NullS); +#ifdef __WIN__ + dynstr_append(&cmdline, "\""); +#endif /* __WIN__ */ if (opt_verbose) printf("Running %s\n", cmdline.str); @@ -595,7 +612,15 @@ fix_priv_tables: goto error; } else - dynstr_set(&cmdline, path); + { +#ifdef __WIN__ + /* Windows requires an extra pair of quotes around the entire string. */ + dynstr_set(&cmdline, "\""); +#else + dynstr_set(&cmdline, ""); +#endif /* __WIN__ */ + dynstr_append_os_quoted(&cmdline, path, NullS); + } if (find_file(MYSQL_FIX_PRIV_TABLES_NAME, basedir, MYF(0), path, sizeof(path), @@ -617,13 +642,25 @@ fix_priv_tables: if (defaults_to_use) { - dynstr_append(&cmdline, " --defaults-extra-file="); - dynstr_append(&cmdline, defaults_to_use); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--defaults-extra-file=", + defaults_to_use, NullS); } - dynstr_append(&cmdline, " --force --no-auto-rehash --batch --user="); - dynstr_append(&cmdline, user); - dynstr_append(&cmdline, " mysql < "); - dynstr_append(&cmdline, script_line); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--force", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--no-auto-rehash", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--batch", NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--user=", user, NullS); + dynstr_append(&cmdline, " "); + dynstr_append_os_quoted(&cmdline, "--database=mysql", NullS); + dynstr_append(&cmdline, " < "); + dynstr_append_os_quoted(&cmdline, script_line, NullS); +#ifdef __WIN__ + dynstr_append(&cmdline, "\""); +#endif /* __WIN__ */ if (opt_verbose) printf("Running %s\n", cmdline.str); diff --git a/include/my_sys.h b/include/my_sys.h index d19091a85e8..cbcc6cf7486 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -781,6 +781,8 @@ extern my_bool init_dynamic_string(DYNAMIC_STRING *str, const char *init_str, extern my_bool dynstr_append(DYNAMIC_STRING *str, const char *append); my_bool dynstr_append_mem(DYNAMIC_STRING *str, const char *append, uint length); +extern my_bool dynstr_append_os_quoted(DYNAMIC_STRING *str, const char *append, + ...); extern my_bool dynstr_set(DYNAMIC_STRING *str, const char *init_str); extern my_bool dynstr_realloc(DYNAMIC_STRING *str, ulong additional_size); extern void dynstr_free(DYNAMIC_STRING *str); diff --git a/mysys/string.c b/mysys/string.c index dfd42d137dd..c5657cd430d 100644 --- a/mysys/string.c +++ b/mysys/string.c @@ -116,6 +116,58 @@ my_bool dynstr_append_mem(DYNAMIC_STRING *str, const char *append, } +/** Concatenates any number of strings, escapes any OS quote in the result then + * surround the whole affair in another set of quotes which is finally appended + * to specified DYNAMIC_STRING. This function is especially useful when + * building strings to be executed with the system() function. + * @param str Dynamic String which will have addtional strings appended. + * @param append String to be appended. + * @param ... Optional. Additional string(s) to be appended. + * + * @note The final argument in the list must be NullS even if no additional + * options are passed. + * + * @return True = Success. + */ +my_bool dynstr_append_os_quoted(DYNAMIC_STRING *str, const char *append, ...) +{ +#ifdef __WIN__ + char quote_str[]= "\""; +#else + char quote_str[]= "\'"; +#endif /* __WIN__ */ + my_bool ret= TRUE; + va_list dirty_text; + + ret&= dynstr_append(str, quote_str); /* Leading quote */ + va_start(dirty_text,append); + while (append != NullS) + { + char *cur_pos= append; + char *next_pos= cur_pos; + + /* Search for quote in each string and replace with escaped quote */ + while(*(next_pos= strcend(cur_pos, quote_str[0])) != '\0') + { + char *tmp_buff= my_malloc((next_pos - cur_pos) + 1, MYF(MY_ZEROFILL)); + strnmov(tmp_buff, cur_pos, (next_pos - cur_pos)); + ret&= dynstr_append(str, tmp_buff); + my_free((gptr)tmp_buff, MYF(0)); + + ret&= dynstr_append(str ,"\\"); + ret&= dynstr_append(str, quote_str); + cur_pos= next_pos + 1; + } + ret&= dynstr_append(str, cur_pos); + append= va_arg(dirty_text, char *); + } + va_end(dirty_text); + ret&= dynstr_append(str, quote_str); /* Trailing quote */ + + return ret; +} + + void dynstr_free(DYNAMIC_STRING *str) { if (str->str)