mirror of
https://github.com/MariaDB/server.git
synced 2025-01-26 08:44:33 +01:00
MDEV-11628 mysql.slow_log reports incorrect start time
use thd->start_time for the "start_time" column of the slow_log table. "current_time" here refers to the current_time() function return value not to the actual *current* time. also fixes MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
This commit is contained in:
parent
db9fad1562
commit
dcb814c44e
3 changed files with 47 additions and 1 deletions
|
@ -994,6 +994,34 @@ ERROR HY000: Cannot rename 'slow_log'. When logging enabled, rename to/from log
|
|||
use test;
|
||||
flush tables with read lock;
|
||||
unlock tables;
|
||||
#
|
||||
# MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
|
||||
#
|
||||
truncate mysql.slow_log;
|
||||
set global log_output= 'TABLE';
|
||||
create user u@localhost;
|
||||
set slow_query_log=on, long_query_time=0.1;
|
||||
select 'before evil-doing', sleep(0.2);
|
||||
before evil-doing sleep(0.2)
|
||||
before evil-doing 0
|
||||
connect con1,localhost,u,,;
|
||||
set @@timestamp= 2147483647;
|
||||
set slow_query_log=on, long_query_time=0.1;
|
||||
select 'evil-doing', sleep(1.1);
|
||||
evil-doing sleep(1.1)
|
||||
evil-doing 0
|
||||
disconnect con1;
|
||||
connection default;
|
||||
select 'after evil-doing', sleep(0.2);
|
||||
after evil-doing sleep(0.2)
|
||||
after evil-doing 0
|
||||
select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
|
||||
sql_text
|
||||
select 'before evil-doing', sleep(0.2)
|
||||
select 'evil-doing', sleep(1.1)
|
||||
select 'after evil-doing', sleep(0.2)
|
||||
set global log_output=default;
|
||||
drop user u@localhost;
|
||||
SET @@global.log_output= @old_log_output;
|
||||
SET @@global.slow_query_log= @old_slow_query_log;
|
||||
SET @@global.general_log= @old_general_log;
|
||||
|
|
|
@ -1033,6 +1033,24 @@ use test;
|
|||
flush tables with read lock;
|
||||
unlock tables;
|
||||
|
||||
--echo #
|
||||
--echo # MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
|
||||
--echo #
|
||||
truncate mysql.slow_log;
|
||||
set global log_output= 'TABLE';
|
||||
create user u@localhost;
|
||||
set slow_query_log=on, long_query_time=0.1;
|
||||
select 'before evil-doing', sleep(0.2);
|
||||
--connect (con1,localhost,u,,)
|
||||
set @@timestamp= 2147483647;
|
||||
set slow_query_log=on, long_query_time=0.1;
|
||||
select 'evil-doing', sleep(1.1);
|
||||
--disconnect con1
|
||||
--connection default
|
||||
select 'after evil-doing', sleep(0.2);
|
||||
select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
|
||||
set global log_output=default;
|
||||
drop user u@localhost;
|
||||
|
||||
SET @@global.log_output= @old_log_output;
|
||||
SET @@global.slow_query_log= @old_slow_query_log;
|
||||
|
|
|
@ -1334,7 +1334,7 @@ bool LOGGER::slow_log_print(THD *thd, const char *query, size_t query_length,
|
|||
query_utime= (current_utime - thd->start_utime);
|
||||
lock_utime= (thd->utime_after_lock - thd->start_utime);
|
||||
my_hrtime_t current_time= { hrtime_from_time(thd->start_time) +
|
||||
thd->start_time_sec_part + query_utime };
|
||||
thd->start_time_sec_part };
|
||||
|
||||
if (!query || thd->get_command() == COM_STMT_PREPARE)
|
||||
{
|
||||
|
|
Loading…
Add table
Reference in a new issue