mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 12:02:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysys
History
Sergei Golubchik b27fd90ad3 MDEV-11902 mi_open race condition 
TOCTOU bug. The path is checked to be valid, symlinks are resolved.
Then the resolved path is opened. Between the check and the open,
there's a window when one can replace some path component with a
symlink, bypassing validity checks.

Fix: after we resolved all symlinks in the path, don't allow open()
to resolve symlinks, there should be none.

Compared to the old MyISAM/Aria code:
* fastpath. Opening of not-symlinked files is just one open(),
  no fn_format() and lstat() anymore.
* opening of symlinked tables doesn't do fn_format() and lstat() either.
  it also doesn't to realpath() (which was lstat-ing every path
  component), instead if opens every path component with O_PATH.
* share->data_file_name stores realpath(path) not readlink(path). So,
  SHOW CREATE TABLE needs to do lstat/readlink() now (see ::info()),
  and certain error messages (cannot open file "XXX") show the real
  file path with all symlinks resolved.
2017-02-27 12:35:10 +01:00
..
array.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
base64.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
ChangeLog
charset-def.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
charset.c 5.3 merge 2012-01-13 15:50:02 +01:00
checksum.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
CMakeLists.txt move check_user/set_user from mysqld.cc to mysys 2016-12-22 12:25:10 +01:00
default.c Fix memory leak when failing to read config file 2016-02-14 18:31:48 +02:00
errors.c Merge branch 'mysql/5.5' into 5.5 2016-06-14 13:55:28 +02:00
file_logger.c MDEV-9106 Audit plugin compiled with MariaDB can't install on MySQL 5.7. 2016-01-12 18:43:55 +04:00
hash.c Merge with 5.2. 2011-12-11 11:34:44 +02:00
lf_alloc-pin.c MDEV-9733 Server crashes in lf_pinbox_real_free on replication slaves 2016-03-17 21:30:33 +01:00
lf_dynarray.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
lf_hash.c Merge branch 'mysql/5.5' into 5.5 2016-02-09 11:27:40 +01:00
list.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
ma_dyncol.c MDEV-4941 make: AIX fails with 'Identifier not allowed in cast'; syntax error in include/my_global.h 2013-09-09 19:31:29 +02:00
md5.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_arr_appstr.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
mf_cache.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_dirname.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_fn_ext.c MDEV-6939 : Dots in file names of configuration files 2014-10-29 22:20:58 -04:00
mf_format.c cleanup: fn_format, remove dead code 2017-02-27 12:35:10 +01:00
mf_getdate.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
mf_iocache.c MDEV-9433: [PATCH} cppcheck reported a number of minor coding errors 2016-06-14 19:17:29 +03:00
mf_iocache2.c mysql-5.5.39 merge 2014-08-02 21:26:16 +02:00
mf_keycache.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
mf_keycaches.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_loadpath.c Bug# 20376760: STACK-BUFFER-OVERFLOW WITH LONG PATHS TO CERTAIN VARIABLES 2015-06-24 17:48:46 +05:30
mf_pack.c MDEV-4503 : Installation fails if TEMP directory contains "~" subdirectory. 2013-06-17 19:18:14 +02:00
mf_path.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_qsort.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
mf_qsort2.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
mf_radix.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_same.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_sort.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_soundex.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
mf_tempdir.c Bug#16316074 RFE: MAKE TMPDIR A BUILD-TIME CONFIGURABLE OPTION 2013-12-18 11:05:18 +01:00
mf_tempfile.c Bug#16316074 RFE: MAKE TMPDIR A BUILD-TIME CONFIGURABLE OPTION 2013-12-18 11:05:18 +01:00
mf_unixpath.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_wcomp.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mulalloc.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_access.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
my_addr_resolve.c my_addr_resolve: don't resolve unknown addresses to ??:0(??), but return an error instead 2013-12-12 18:14:14 +01:00
my_aes.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_alarm.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
my_alloc.c 5.3 merge 2012-01-13 15:50:02 +01:00
my_atomic.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_basename.c - Fix rpl_checksum test. Use basename of file in error messages, not the o 2012-01-20 01:57:58 +01:00
my_bit.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_bitmap.c mysql-5.5.32 merge 2013-07-16 19:09:54 +02:00
my_chmod.c Added wrapper for chmod(): my_chmod() 2008-01-03 09:45:46 +02:00
my_chsize.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_compare.c mysql-5.5.32 merge 2013-07-16 19:09:54 +02:00
my_compress.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_conio.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_context.c MDEV-10357 my_context_continue() does not store current fiber on Windows 2016-08-03 12:41:38 +00:00
my_copy.c MDEV-9748 Include Twin (mysys_err.h is included twice in mysys/my_copy.c) 2016-04-19 11:27:00 +02:00
my_crc32.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_create.c cleanup: my_register_filename() 2017-02-27 12:35:10 +01:00
my_delete.c MDEV-5829: STOP SLAVE resets global status variables 2014-03-14 16:29:23 +02:00
my_div.c cleanup: my_register_filename() 2017-02-27 12:35:10 +01:00
my_error.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
my_file.c 5.3 merge 2012-01-13 15:50:02 +01:00
my_fopen.c cleanup: my_register_filename() 2017-02-27 12:35:10 +01:00
my_fstream.c Merge with 5.2. 2011-12-11 11:34:44 +02:00
my_gethwaddr.c fix my_gethwaddr() for solaris 2016-02-15 12:51:35 +01:00
my_getncpus.c 5.3 merge 2012-01-13 15:50:02 +01:00
my_getopt.c Merge branch 'mysql/5.5' into 5.5 2015-12-09 10:00:49 +01:00
my_getpagesize.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_getsystime.c fix a comment 2013-08-14 11:12:57 +02:00
my_getwd.c 5.3 merge 2012-01-13 15:50:02 +01:00
my_handler_errors.h Fix for MDEV-5547: Bad error message when moving very old .frm files to MariaDB 5.5. 2014-01-22 15:16:57 +02:00
my_init.c Fix for memory leak in applications, like QT,that calls 2017-01-27 16:46:26 +02:00
my_largepage.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_lib.c 5.2 -> 5.3 2013-02-28 21:48:47 +01:00
my_libwrap.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
my_lock.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_lockmem.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_malloc.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
my_memmem.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_mess.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_mkdir.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_mmap.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_new.cc Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_once.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_open.c MDEV-11902 mi_open race condition 2017-02-27 12:35:10 +01:00
my_port.c Merge with MySQL 5.1.57/58 2011-05-02 20:58:45 +03:00
my_pread.c Merge with 5.2. 2011-12-11 11:34:44 +02:00
my_pthread.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_quick.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_rdtsc.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_read.c mysql-5.5.32 merge 2013-07-16 19:09:54 +02:00
my_redel.c don't use my_copystat in the server 2016-09-12 16:42:05 +02:00
my_rename.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_rnd.c We are now using Valgrind rather than purify, and have for quite some time. 2009-05-06 14:03:24 +02:00
my_safehash.c use PSI wrappers in aria and other non-MySQL code 2011-07-13 21:10:18 +02:00
my_safehash.h use PSI wrappers in aria and other non-MySQL code 2011-07-13 21:10:18 +02:00
my_seek.c 5.3 merge 2012-01-13 15:50:02 +01:00
my_setuser.c MDEV-11676 Starting service with mysqld_safe_helper fails in SELINUX "enforcing" mode 2017-01-04 13:38:03 +01:00
my_sleep.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_static.c don't use my_copystat in the server 2016-09-12 16:42:05 +02:00
my_static.h Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_symlink.c cleanup: mysys_test_invalid_symlink 2017-02-27 12:35:10 +01:00
my_symlink2.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
my_sync.c 5.3 merge 2012-08-31 14:15:52 +02:00
my_thr_init.c Fix for memory leak in applications, like QT,that calls 2017-01-27 16:46:26 +02:00
my_timer_cycles.il Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_uuid.c merge with 5.3 2011-10-19 21:45:18 +02:00
my_wincond.c Merge branch 'mysql/5.5' into 5.5 2016-02-09 11:27:40 +01:00
my_windac.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_winerr.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_winfile.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_winthread.c MySQL-5.5.36 merge 2014-02-17 11:00:51 +01:00
my_write.c Merge branch 'mysql/5.5' into 5.5 2016-06-14 13:55:28 +02:00
mysys_priv.h Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
ptr_cmp.c Merge tag 'mysql-5.5.45' into 5.5 2015-08-01 14:56:18 +02:00
queues.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
rijndael.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
safemalloc.c add a space between safemalloc error mesage and a stack trace 2012-04-18 03:29:26 +02:00
sha1.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
stacktrace.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
string.c MDEV-4664 mysql_upgrade crashes if root's password contains an apostrophe/single quotation mark 2016-02-06 17:57:37 +01:00
test_charset.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
test_dir.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
test_thr_mutex.c Add missing file: Testing of mutex-wrong-usage-detector 2008-12-03 00:09:37 +02:00
test_xml.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
testhash.c MDEV-9433: [PATCH] cppcheck reported a number of minor coding errors 2016-06-14 19:17:29 +03:00
thr_alarm.c Bug#19974500: SERVER 5.5 / DEBUG DOESN\'T COMPILE WITH GCC 4.9.1 2014-11-06 12:14:05 +01:00
thr_lock.c MDEV-4010 Deadlock on concurrent INSERT .. SELECT into an Aria table with statement binary logging 2014-12-15 14:49:23 +02:00
thr_mutex.c MDEV-419 ensure that all HAVE_XXX constants can be set by cmake 2012-07-31 19:29:07 +02:00
thr_rwlock.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
tree.c Merge branch 'mysql/5.5' into 5.5 2016-06-14 13:55:28 +02:00
typelib.c mysql-5.5.32 merge 2013-07-16 19:09:54 +02:00
waiting_threads.c MDEV-4815 - allow multiple mysql_server_init() / mysql_server_end() in the same process, for embedded library. 2013-07-29 16:03:41 +02:00
wqueue.c fix the include guards and add missing gplv2 headers 2012-02-17 12:19:38 +01:00