summaryrefslogtreecommitdiff
path: root/sql/sql_plugin.cc
diff options
context:
space:
mode:
authorSergei Golubchik <serg@mariadb.org>2019-07-24 13:14:03 +0200
committerSergei Golubchik <serg@mariadb.org>2019-07-24 18:32:24 +0200
commit8ddb7e3eb71010decd5acc99aa98c82bbe0139aa (patch)
treea46cb1862af0d15a431c6dc07794c802ad3c33bc /sql/sql_plugin.cc
parent5e8ab9b7af159cee6e954f62b6304c2c33b6f6e2 (diff)
downloadmariadb-git-8ddb7e3eb71010decd5acc99aa98c82bbe0139aa.tar.gz
Bug#27167197 USING ? IN INSTALL PLUGIN QUERY ABORTS DEBUG, AND HANGS OPTIMIZED SERVER
check_valid_path() uses my_strcspn() that cannot handle invalid characters properly. This is fixed by a big refactoring in 10.2 (MDEV-6353). For 5.5, let's simply swap tests, because check_string_char_length() rejects invalid characters just fine.
Diffstat (limited to 'sql/sql_plugin.cc')
-rw-r--r--sql/sql_plugin.cc4
1 files changed, 2 insertions, 2 deletions
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc
index 91d0a4393c5..a90c7558045 100644
--- a/sql/sql_plugin.cc
+++ b/sql/sql_plugin.cc
@@ -736,9 +736,9 @@ static st_plugin_dl *plugin_dl_add(const LEX_STRING *dl, int report)
This is done to ensure that only approved libraries from the
plugin directory are used (to make this even remotely secure).
*/
- if (check_valid_path(dl->str, dl->length) ||
- check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN,
+ if (check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN,
system_charset_info, 1) ||
+ check_valid_path(dl->str, dl->length) ||
plugin_dir_len + dl->length + 1 >= FN_REFLEN)
{
report_error(report, ER_UDF_NO_PATHS);