mariadb/mysys
Jon Olav Hauglid 033b119121 Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE
During REPAIR TABLE of a MyISAM table, a temporary data file (.TMD)
is created. When repair finishes, this file is renamed to the original
.MYD file. The problem was that during this rename, we copied the
stats from the old file to the new file with chmod/chown. If a user
managed to replace the temporary file before chmod/chown was executed,
it was possible to get an arbitrary file with the privileges of the
mysql user.

This patch fixes the problem by not copying stats from the old
file to the new file. This is not needed as the new file was
created with the correct stats. This fix only changes server
behavior - external utilities such as myisamchk still do
chmod/chown.

No test case provided since the problem involves synchronization
with file system operations.
2016-08-19 09:09:07 +02:00
array.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
base64.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
ChangeLog
charset-def.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
charset.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
checksum.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
CMakeLists.txt Backport from trunk: 2014-05-07 17:09:14 +02:00
default.c Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
errors.c Bug#23251517: SEMISYNC REPLICATION HANGING 2016-05-13 16:42:45 +05:30
hash.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
lf_alloc-pin.c Bug#13898343 THREAD LOOPS ENDLESSLY IN LF_PINBOX_PUT_PINS WHILE HOLDING 2012-03-28 17:54:30 +02:00
lf_dynarray.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
lf_hash.c Bug#21770366 backport bug#21657078 to 5.5 and 5.6 2016-01-07 14:36:19 +05:30
list.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
md5.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_arr_appstr.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
mf_cache.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_dirname.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_fn_ext.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_format.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
mf_getdate.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
mf_iocache.c Follow up patch for BUG#13961678. Fixing compilation warning given below. 2012-07-25 14:56:37 +05:30
mf_iocache2.c Bug#18207212 : FILE NAME IS NOT ESCAPED IN BINLOG FOR LOAD DATA INFILE STATEMENT 2014-05-15 15:50:52 +05:30
mf_keycache.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_keycaches.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_loadpath.c Bug# 20376760: STACK-BUFFER-OVERFLOW WITH LONG PATHS TO CERTAIN VARIABLES 2015-06-24 17:48:46 +05:30
mf_pack.c Merge of patch for Bug#16066243 from mysql-5.1. 2013-01-07 16:19:06 +05:30
mf_path.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_qsort.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_qsort2.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
mf_radix.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_same.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_sort.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_soundex.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mf_tempdir.c Bug#16316074 RFE: MAKE TMPDIR A BUILD-TIME CONFIGURABLE OPTION 2013-12-18 11:05:18 +01:00
mf_tempfile.c Bug#16316074 RFE: MAKE TMPDIR A BUILD-TIME CONFIGURABLE OPTION 2013-12-18 11:05:18 +01:00
mf_unixpath.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
mf_wcomp.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
mulalloc.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_access.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_aes.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_alarm.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
my_alloc.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_atomic.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_bit.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_bitmap.c Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_chsize.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_compare.c Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_compress.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_conio.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_copy.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_crc32.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_create.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_delete.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_div.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_error.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_file.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_fopen.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_fstream.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_gethwaddr.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_getncpus.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_getopt.c Bug #21503595 : --QUERY-ALLOC-BLOCK-SIZE=-1125899906842624 + 2015-09-04 11:10:57 +05:30
my_getpagesize.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_getsystime.c Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00
my_getwd.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_handler_errors.h Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_init.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_largepage.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_lib.c Merge of patch for Bug#16066243 from mysql-5.1. 2013-01-07 16:19:06 +05:30
my_libwrap.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
my_lock.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_lockmem.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_malloc.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_memmem.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_mess.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_mkdir.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_mmap.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_new.cc Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
my_once.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_open.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_pread.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_pthread.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_quick.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_rdtsc.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_read.c Merge from mysql-5.1 to mysql-5.5 2013-03-28 14:18:51 +05:30
my_redel.c Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE 2016-08-19 09:09:07 +02:00
my_rename.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_seek.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_sleep.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_static.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_static.h Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_symlink.c Updated/added copyright headers 2012-02-16 10:48:16 +01:00
my_symlink2.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_sync.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_thr_init.c Bug #17514920 MYSQL_THREAD_INIT() CALL WITHOUT MYSQL_INIT() IS CRASHING IN WINDOWS 2014-04-23 12:46:00 +03:00
my_timer_cycles.il Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_wincond.c Bug#21770366 backport bug#21657078 to 5.5 and 5.6 2016-01-26 09:18:10 +01:00
my_windac.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
my_winerr.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_winfile.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
my_winthread.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
my_write.c Bug#23251517: SEMISYNC REPLICATION HANGING 2016-05-13 16:42:45 +05:30
mysys_priv.h Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
ptr_cmp.c Bug#19660891 HANDLE_FATAL_SIGNAL (SIG=11) IN QUEUE_INSERT 2015-06-17 13:44:32 +02:00
queues.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
rijndael.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
sha1.c Updated/added copyright header. Added line "use is subject to license terms" 2014-02-17 18:19:04 +05:30
stacktrace.c Updated/added copyright headers. 2013-02-25 15:26:00 +01:00
string.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
test_charset.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
test_dir.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
test_xml.c Updated/added copyright headers 2014-01-06 10:52:35 +05:30
testhash.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
thr_alarm.c Bug#19974500: SERVER 5.5 / DEBUG DOESN'T COMPILE WITH GCC 4.9.1 2014-11-06 12:14:05 +01:00
thr_lock.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
thr_mutex.c Updated/added copyright headers 2011-06-30 17:46:53 +02:00
thr_rwlock.c Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 13:29:12 +01:00
tree.c BUG#22594514: HANDLE_FATAL_SIGNAL (SIG=11) IN 2016-03-17 08:49:37 +05:30
typelib.c Fix for Bug 16395495 - OLD FSF ADDRESS IN GPL HEADER 2013-03-19 15:53:48 +01:00