MDEV-10465 general_log_file can be abused

Windows!
author: Sergei Golubchik <serg@mariadb.org> 2016-08-09 13:25:40 +0200
committer: Sergei Golubchik <serg@mariadb.org> 2016-08-09 13:25:40 +0200
commit: 0098d789c9d8be15d62230289f603ac8f3d5b275 (patch)
tree: 470c54cd1ca91f5d4758232426b9e430431c3b98
parent: a3f642415a8f8c52ed8a6b38ba5b48f814ab6bd8 (diff)
download: mariadb-git-0098d789c9d8be15d62230289f603ac8f3d5b275.tar.gz
5 files changed, 12 insertions, 0 deletions
diff --git a/mysql-test/suite/sys_vars/r/general_log_file_basic.result b/mysql-test/suite/sys_vars/r/general_log_file_basic.result
index 4c26cab8956..c7c24f155ca 100644
--- a/mysql-test/suite/sys_vars/r/general_log_file_basic.result
+++ b/mysql-test/suite/sys_vars/r/general_log_file_basic.result
@@ -20,6 +20,8 @@ SET @@global.general_log_file = '.my.cnf';
 ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
 SET @@global.general_log_file = 'my.cnf\0foo';
 ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf'
+SET @@global.general_log_file = 'my.ini';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.ini'
 '#----------------------FN_DYNVARS_004_03------------------------#'
 SELECT @@global.general_log_file = VARIABLE_VALUE 
 FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES 
diff --git a/mysql-test/suite/sys_vars/r/slow_query_log_file_basic.result b/mysql-test/suite/sys_vars/r/slow_query_log_file_basic.result
index db7eb238c43..a64666f6298 100644
--- a/mysql-test/suite/sys_vars/r/slow_query_log_file_basic.result
+++ b/mysql-test/suite/sys_vars/r/slow_query_log_file_basic.result
@@ -17,6 +17,8 @@ SET @@global.general_log_file = '.my.cnf';
 ERROR 42000: Variable 'general_log_file' can't be set to the value of '.my.cnf'
 SET @@global.general_log_file = 'my.cnf\0foo';
 ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.cnf'
+SET @@global.general_log_file = 'my.ini';
+ERROR 42000: Variable 'general_log_file' can't be set to the value of 'my.ini'
 '#----------------------FN_DYNVARS_004_03------------------------#'
 SELECT @@global.slow_query_log_file = VARIABLE_VALUE 
 FROM INFORMATION_SCHEMA.GLOBAL_VARIABLES 
diff --git a/mysql-test/suite/sys_vars/t/general_log_file_basic.test b/mysql-test/suite/sys_vars/t/general_log_file_basic.test
index fdc99fb6dea..0a169b472e2 100644
--- a/mysql-test/suite/sys_vars/t/general_log_file_basic.test
+++ b/mysql-test/suite/sys_vars/t/general_log_file_basic.test
@@ -69,6 +69,8 @@ SET @@global.general_log_file = '/tmp/my.cnf';
 SET @@global.general_log_file = '.my.cnf';
 --error ER_WRONG_VALUE_FOR_VAR
 SET @@global.general_log_file = 'my.cnf\0foo';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = 'my.ini';
 
 
 --echo '#----------------------FN_DYNVARS_004_03------------------------#'
diff --git a/mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test b/mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test
index 79132a1bdc5..69ca5f21f62 100644
--- a/mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test
+++ b/mysql-test/suite/sys_vars/t/slow_query_log_file_basic.test
@@ -67,6 +67,8 @@ SET @@global.slow_query_log_file = '/tmp/my.cnf';
 SET @@global.general_log_file = '.my.cnf';
 --error ER_WRONG_VALUE_FOR_VAR
 SET @@global.general_log_file = 'my.cnf\0foo';
+--error ER_WRONG_VALUE_FOR_VAR
+SET @@global.general_log_file = 'my.ini';
 
 --echo '#----------------------FN_DYNVARS_004_03------------------------#'
 ############################################################################## 
diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
index 7d43984c9c0..7b898906184 100644
--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -3040,10 +3040,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var)
     return true;
 
   static const LEX_CSTRING my_cnf= { STRING_WITH_LEN("my.cnf") };
+  static const LEX_CSTRING my_ini= { STRING_WITH_LEN("my.ini") };
   if (path_length >= my_cnf.length)
   {
     if (strcasecmp(path + path_length - my_cnf.length, my_cnf.str) == 0)
       return true; // log file name ends with "my.cnf"
+    DBUG_ASSERT(my_cnf.length == my_ini.length);
+    if (strcasecmp(path + path_length - my_ini.length, my_ini.str) == 0)
+      return true; // log file name ends with "my.ini"
   }
 
   MY_STAT f_stat;
author	Sergei Golubchik <serg@mariadb.org>	2016-08-09 13:25:40 +0200
committer	Sergei Golubchik <serg@mariadb.org>	2016-08-09 13:25:40 +0200
commit	0098d789c9d8be15d62230289f603ac8f3d5b275 (patch)
tree	470c54cd1ca91f5d4758232426b9e430431c3b98
parent	a3f642415a8f8c52ed8a6b38ba5b48f814ab6bd8 (diff)
download	mariadb-git-0098d789c9d8be15d62230289f603ac8f3d5b275.tar.gz