BUG#38174 secure-file-priv breaks LOAD DATA INFILE replication in statement mode

If secure-file-priv was set on slave, it became unable to execute LOAD DATA INFILE statements sent from master using mixed or statement-based replication. This patch fixes the issue by ignoring this security restriction and checking if the files are created and read by the slave in the --slave-load-tmpdir while executing the SQL Thread.
author: Alfranio Correia <alfranio.correia@sun.com> 2009-02-21 09:36:07 +0000
committer: Alfranio Correia <alfranio.correia@sun.com> 2009-02-21 09:36:07 +0000
commit: d822ab8957ad636de01eaabfc4981f0e0d0c5b47 (patch)
tree: da0f9ea1883f6601834e69916f437846be614243 /sql
parent: 9b36597ac1836020d875538b891cc7ebbcbbd305 (diff)
download: mariadb-git-d822ab8957ad636de01eaabfc4981f0e0d0c5b47.tar.gz
5 files changed, 43 insertions, 5 deletions
diff --git a/sql/log_event.cc b/sql/log_event.cc
index 0e400ac2705..243790c7d76 100644
--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -354,7 +354,7 @@ static char *slave_load_file_stem(char *buf, uint file_id,
                                   int event_server_id, const char *ext)
 {
   char *res;
-  fn_format(buf,"SQL_LOAD-",slave_load_tmpdir, "", MY_UNPACK_FILENAME);
+  fn_format(buf,PREFIX_SQL_LOAD,slave_load_tmpdir, "", MY_UNPACK_FILENAME);
   to_unix_path(buf);
 
   buf = strend(buf);
@@ -393,7 +393,7 @@ static void cleanup_load_tmpdir()
      we cannot meet Start_log event in the middle of events from one 
      LOAD DATA.
   */
-  p= strmake(prefbuf, STRING_WITH_LEN("SQL_LOAD-"));
+  p= strmake(prefbuf, STRING_WITH_LEN(PREFIX_SQL_LOAD));
   p= int10_to_str(::server_id, p, 10);
   *(p++)= '-';
   *p= 0;
diff --git a/sql/log_event.h b/sql/log_event.h
index 1d11d7e2d5f..82fc8d771e1 100644
--- a/sql/log_event.h
+++ b/sql/log_event.h
@@ -47,6 +47,8 @@
 #include "rpl_reporting.h"
 #endif
 
+#define PREFIX_SQL_LOAD "SQL_LOAD-"
+
 /**
    Either assert or return an error.
 
diff --git a/sql/rpl_rli.cc b/sql/rpl_rli.cc
index 3a0f784d195..6077c17e1f0 100644
--- a/sql/rpl_rli.cc
+++ b/sql/rpl_rli.cc
@@ -104,6 +104,12 @@ int init_relay_log_info(Relay_log_info* rli,
   rli->tables_to_lock= 0;
   rli->tables_to_lock_count= 0;
 
+  fn_format(rli->slave_patternload_file, PREFIX_SQL_LOAD, slave_load_tmpdir, "",
+            MY_PACK_FILENAME | MY_UNPACK_FILENAME |
+            MY_RETURN_REAL_PATH);
+  to_unix_path(rli->slave_patternload_file);
+  rli->slave_patternload_file_size= strlen(rli->slave_patternload_file);
+
   /*
     The relay log will now be opened, as a SEQ_READ_APPEND IO_CACHE.
     Note that the I/O thread flushes it to disk after writing every
diff --git a/sql/rpl_rli.h b/sql/rpl_rli.h
index e13ea93842c..171778d9675 100644
--- a/sql/rpl_rli.h
+++ b/sql/rpl_rli.h
@@ -260,6 +260,13 @@ public:
   char ign_master_log_name_end[FN_REFLEN];
   ulonglong ign_master_log_pos_end;
 
+  /* 
+    Indentifies where the SQL Thread should create temporary files for the
+    LOAD DATA INFILE. This is used for security reasons.
+   */ 
+  char slave_patternload_file[FN_REFLEN]; 
+  size_t slave_patternload_file_size;  
+
   Relay_log_info();
   ~Relay_log_info();
 
diff --git a/sql/sql_load.cc b/sql/sql_load.cc
index 239fb1d49f3..0acc22c3daf 100644
--- a/sql/sql_load.cc
+++ b/sql/sql_load.cc
@@ -15,10 +15,10 @@
 
 
 /* Copy data from a textfile to table */
-
 #include "mysql_priv.h"
 #include <my_dir.h>
 #include <m_ctype.h>
+#include "rpl_mi.h"
 #include "sql_repl.h"
 #include "sp_head.h"
 #include "sql_trigger.h"
@@ -310,8 +310,31 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list,
 	is_fifo = 1;
 #endif
 
-      if (opt_secure_file_priv &&
-          strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv)))
+      if (thd->slave_thread)
+      {
+#if defined(HAVE_REPLICATION) && !defined(MYSQL_CLIENT)
+        if (strncmp(active_mi->rli.slave_patternload_file, name, 
+            active_mi->rli.slave_patternload_file_size))
+        {
+          /*
+            LOAD DATA INFILE in the slave SQL Thread can only read from 
+            --slave-load-tmpdir". This should never happen. Please, report a bug.
+           */
+
+          sql_print_error("LOAD DATA INFILE in the slave SQL Thread can only read from --slave-load-tmpdir. " \
+                          "Please, report a bug.");
+          my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--slave-load-tmpdir");
+          DBUG_RETURN(TRUE);
+        }
+#else
+        /*
+          This is impossible and should never happen.
+        */
+        DBUG_ASSERT(FALSE); 
+#endif
+      }
+      else if (opt_secure_file_priv &&
+               strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv)))
       {
         /* Read only allowed from within dir specified by secure_file_priv */
         my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--secure-file-priv");
author	Alfranio Correia <alfranio.correia@sun.com>	2009-02-21 09:36:07 +0000
committer	Alfranio Correia <alfranio.correia@sun.com>	2009-02-21 09:36:07 +0000
commit	d822ab8957ad636de01eaabfc4981f0e0d0c5b47 (patch)
tree	da0f9ea1883f6601834e69916f437846be614243 /sql
parent	9b36597ac1836020d875538b891cc7ebbcbbd305 (diff)
download	mariadb-git-d822ab8957ad636de01eaabfc4981f0e0d0c5b47.tar.gz