diff options
| author | Mats Kindahl <mats.kindahl@oracle.com> | 2010-12-01 13:54:50 +0100 |
|---|---|---|
| committer | Mats Kindahl <mats.kindahl@oracle.com> | 2010-12-01 13:54:50 +0100 |
| commit | 91a4a8aba6b087c908e3d29ccfbb7ff97d19dea7 (patch) | |
| tree | d1f2687923ea72c7120814a13560cc11581cfa76 /include/my_global.h | |
| parent | 80246ac8b8d0d2db08feae2a643a3dc89f9022d6 (diff) | |
| download | mariadb-git-91a4a8aba6b087c908e3d29ccfbb7ff97d19dea7.tar.gz | |
BUG#58246: INSTALL PLUGIN not secure & crashable
When installing plugins, there is a missing check
for slash (/) in the path on Windows. Note that on
Windows, both / and \ can be used to separate
directories.
This patch fixes the issue by:
- Adding a FN_DIRSEP symbol for all platforms
consisting of a string of legal directory
separators.
- Adding a charset-aware version of strcspn().
- Adding a check_valid_path() function that uses
my_strcspn() to check if any FN_DIRSEP character
is in the supplied string.
- Using the check_valid_path() function in
sql_plugin.cc and sql_udf.cc (which means
replacing the existing test there).
Diffstat (limited to 'include/my_global.h')
| -rw-r--r-- | include/my_global.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/my_global.h b/include/my_global.h index ec22a57329b..ac5d72249f2 100644 --- a/include/my_global.h +++ b/include/my_global.h @@ -758,6 +758,7 @@ typedef SOCKET_SIZE_TYPE size_socket; #ifndef FN_LIBCHAR #define FN_LIBCHAR '/' +#define FN_DIRSEP "/" /* Valid directory separators */ #define FN_ROOTDIR "/" #endif #define MY_NFILE 64 /* This is only used to save filenames */ |