mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-18 04:53:01 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/include
History
Jon Olav Hauglid 033b119121 Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE 
During REPAIR TABLE of a MyISAM table, a temporary data file (.TMD)
is created. When repair finishes, this file is renamed to the original
.MYD file. The problem was that during this rename, we copied the
stats from the old file to the new file with chmod/chown. If a user
managed to replace the temporary file before chmod/chown was executed,
it was possible to get an arbitrary file with the privileges of the
mysql user.

This patch fixes the problem by not copying stats from the old
file to the new file. This is not needed as the new file was
created with the correct stats. This fix only changes server
behavior - external utilities such as myisamchk still does
chmod/chown.

No test case provided since the problem involves synchronization
with file system operations.
2016-08-19 09:09:07 +02:00
..
atomic Updated/added copyright headers 2011-06-30 17:46:53 +02:00
mysql Bug#17283409 4-WAY DEADLOCK: ZOMBIES, PURGING BINLOGS, 2014-05-08 18:13:01 +05:30
base64.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
CMakeLists.txt Updated/added copyright headers 2011-06-30 17:46:53 +02:00
decimal.h Updated/added copyright headers 2012-02-15 17:21:38 +01:00
errmsg.h BUG#18080920: CRASH; MY_REALLOC_STR DEREFERENCES NEGATIVE VALUE 2014-04-24 09:30:21 +05:30
ft_global.h Updated/added copyright headers 2013-02-26 06:35:17 +01:00
hash.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
heap.h Updated/added copyright headers 2012-02-15 17:13:47 +01:00
keycache.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
lf.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
m_ctype.h Bug #23296299 : HANDLE_FATAL_SIGNAL (SIG=11) IN 2016-07-01 12:01:27 +05:30
m_string.h Updated/added copyright headers 2013-02-26 06:35:17 +01:00
my_aes.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_alarm.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_alloc.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_atomic.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_attribute.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_base.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_bit.h Updated/added copyright headers 2011-07-04 01:25:49 +02:00
my_bitmap.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_check_opt.h Bug#17513737 INTRODUCE CHECK TABLE...QUICK 2013-10-17 18:09:04 +05:30
my_compare.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_compiler.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_dbug.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_dir.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_getopt.h Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_global.h Bug#16729109: FIX COMPILATION WARNINGS WITH GCC 4.8 2013-06-14 10:52:23 +02:00
my_libwrap.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_list.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_md5.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_net.h Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_nosys.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_pthread.h Bug#21770366 backport bug#21657078 to 5.5 and 5.6 2016-01-07 14:36:19 +05:30
my_rdtsc.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_stacktrace.h Bug#11761576 54082: HANDLE_SEGFAULT MAKES USE OF UNSAFE FUNCTIONS 2011-12-02 14:16:48 +01:00
my_sys.h Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE 2016-08-19 09:09:07 +02:00
my_time.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_tree.h BUG#22594514: HANDLE_FATAL_SIGNAL (SIG=11) IN 2016-03-17 08:49:37 +05:30
my_uctype.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_user.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_xml.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
myisam.h Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE 2016-08-19 09:09:07 +02:00
myisammrg.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
myisampack.h Updated/added copyright headers 2013-02-26 06:35:17 +01:00
mysql.h Updated/added copyright headers 2013-02-26 06:35:17 +01:00
mysql.h.pp Bug #12998841: libmysql divulges plaintext password upon request in 5.5 2012-07-05 09:55:20 +03:00
mysql_com.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
mysql_embed.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
mysql_time.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
mysql_version.h.in Fixing the bug 18184414: WRONG COPYRIGHT TO FILE INCLUDE/MYSQL_VERSION.H.IN 2014-02-06 14:11:38 +05:30
mysys_err.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
password.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
probes_mysql.d.base Updated/added copyright headers 2011-06-30 17:46:53 +02:00
probes_mysql.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
probes_mysql_nodtrace.h merge mysql-5.1->mysql-5.5 2011-07-07 12:42:14 +03:00
queues.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
rijndael.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
service_versions.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
sha1.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
sha2.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
sql_common.h Bug #12998841: libmysql divulges plaintext password upon request in 5.5 2012-07-05 09:55:20 +03:00
sslopt-case.h WL#9072: Backport WL#8785 to 5.5 2016-02-19 23:31:10 +04:00
sslopt-longopts.h WL#9072: Backport WL#8785 to 5.5 2016-02-19 23:31:10 +04:00
sslopt-vars.h WL#9072: Backport WL#8785 to 5.5 2016-02-19 23:31:10 +04:00
t_ctype.h Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
thr_alarm.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
thr_lock.h Updated/added copyright headers 2011-06-30 17:46:53 +02:00
typelib.h Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
violite.h Bug #21221862 NEWEST RHEL/CENTOS OPENSSL UPDATE BREAKS MYSQL DHE CIPHERS 2015-06-19 08:26:33 +05:30
welcome_copyright_notice.h Updated copyright year in user visible text 2016-01-11 14:10:58 +01:00