Diffstat (limited to 'mysql-test/t')
| -rw-r--r-- | mysql-test/t/loaddata.test | 23 | ||||
| -rw-r--r-- | mysql-test/t/outfile.test | 12 | ||||
| -rw-r--r-- | mysql-test/t/query_cache.test | 4 | ||||
| -rw-r--r-- | mysql-test/t/type_blob.test | 27 |
4 files changed, 50 insertions, 16 deletions
diff --git a/mysql-test/t/loaddata.test b/mysql-test/t/loaddata.test index 27c8005ca0c..0dc91c36a09 100644 --- a/mysql-test/t/loaddata.test +++ b/mysql-test/t/loaddata.test @@ -110,6 +110,29 @@ truncate table t1; load data infile '../std_data_ln/rpl_loaddata.dat' into table t1 (@dummy,@n) set a= @n, c= (select str from t2 where num=@n); select * from t1; +# +# Bug#18628 mysql-test-run: security problem +# +# It should not be possible to load from a file outside of vardir + +--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR +show variables like "secure_file_pri%"; +--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR +select @@secure_file_priv; +--error 1238 +set @@secure_file_priv= 0; + +# Test "load data" +truncate table t1; +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR +--error 1290 +eval load data infile '$MYSQL_TEST_DIR/Makefile' into table t1; +select * from t1; + +# Test "load_file" returns NULL +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR +eval select load_file("$MYSQL_TEST_DIR/Makefile"); + # cleanup drop table t1, t2; diff --git a/mysql-test/t/outfile.test b/mysql-test/t/outfile.test index c48e6c9730d..7c90fd32909 100644 --- a/mysql-test/t/outfile.test +++ b/mysql-test/t/outfile.test @@ -84,3 +84,15 @@ FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"' FROM schemata LIMIT 0, 5; enable_query_log; --exec rm $MYSQLTEST_VARDIR/tmp/outfile-test.4 +use test; + +# +# Bug#18628 mysql-test-run: security problem +# +# It should not be possible to write to a file outside of vardir +create table t1(a int); +--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR +--error 1290 +eval select * into outfile "$MYSQL_TEST_DIR/outfile-test1" from t1; +drop table t1; + diff --git a/mysql-test/t/query_cache.test b/mysql-test/t/query_cache.test index f6e480282ff..427334805ce 100644 --- a/mysql-test/t/query_cache.test +++ b/mysql-test/t/query_cache.test 
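Review bot: In the loaddata.test hunk both negative cases use `$MYSQL_TEST_DIR/Makefile`, a path that lies wholly outside vardir, so a check that only compares the leading part of the path string would still pass this test. A case whose path starts inside vardir and then leaves it would pin the behaviour for non-canonical paths, for example `--error 1290` followed by `eval load data infile '$MYSQLTEST_VARDIR/../Makefile' into table t1;` (this assumes vardir sits directly under the test directory, which should be confirmed). The bare numbers 1238 and 1290, here and in the outfile.test hunk, would read better with a comment naming them, e.g. `# 1238: ER_INCORRECT_GLOBAL_LOCAL_VAR` and `# 1290: ER_OPTION_PREVENTS_STATEMENT`.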
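Review bot: The outfile.test hunk covers `select ... into outfile` only; `into dumpfile` also writes a server-side file and, as far as I know, is meant to fall under the same restriction, so it deserves its own case, e.g. `--error 1290` followed by `eval select * into dumpfile "$MYSQL_TEST_DIR/outfile-test1" from t1;`. If the check ever regresses, the statement would leave `outfile-test1` in the source tree and nothing in the test removes it, so later runs would probably fail for a different reason; the comment block should say that this file must never appear. The added `use test;` has no comment explaining why the default database is switched at this point.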
@@ -405,8 +405,8 @@ select * from t1 where id=2;
 create table t1 (word char(20) not null);
 select * from t1;
 show status like "Qcache_queries_in_cache";
---replace_result $MYSQL_TEST_DIR TEST_DIR
-eval load data infile '$MYSQL_TEST_DIR/std_data/words.dat' into table t1;
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval load data infile '$MYSQLTEST_VARDIR/std_data_ln/words.dat' into table t1;
 show status like "Qcache_queries_in_cache";
 select count(*) from t1;
 drop table t1;
diff --git a/mysql-test/t/type_blob.test b/mysql-test/t/type_blob.test
index 6d79dcc863b..ba9f374a24c 100644
--- a/mysql-test/t/type_blob.test
+++ b/mysql-test/t/type_blob.test
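Review bot: The new path in the query_cache.test hunk depends on a `std_data_ln` entry existing under `$MYSQLTEST_VARDIR`, which nothing in this file creates or explains (presumably the test runner sets it up). A one-line comment above the statement, such as `# load from vardir: secure_file_priv rejects paths outside it`, would tell the next reader why the shorter `$MYSQL_TEST_DIR/std_data` path can no longer be used. The context lines of the loaddata.test hunk load from the relative form `'../std_data_ln/...'` without needing `--replace_result`; using one form throughout the suite would be more consistent.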
@@ -307,22 +307,21 @@ drop table t1;
 create table t1 (id integer auto_increment unique,imagem LONGBLOB not null default '');
 insert into t1 (id) values (1);
 # We have to clean up the path in the results for safe comparison
---replace_result $MYSQL_TEST_DIR ../..
-eval select
- charset(load_file('$MYSQL_TEST_DIR/std_data/words.dat')),
- collation(load_file('$MYSQL_TEST_DIR/std_data/words.dat')),
- coercibility(load_file('$MYSQL_TEST_DIR/std_data/words.dat'));
---replace_result $MYSQL_TEST_DIR ../..
-eval explain extended select
- charset(load_file('$MYSQL_TEST_DIR/std_data/words.dat')),
- collation(load_file('$MYSQL_TEST_DIR/std_data/words.dat')),
- coercibility(load_file('$MYSQL_TEST_DIR/std_data/words.dat'));
---replace_result $MYSQL_TEST_DIR ../..
-eval update t1 set imagem=load_file('$MYSQL_TEST_DIR/std_data/words.dat') where id=1;
+eval select
+ charset(load_file('../std_data_ln/words.dat')),
+ collation(load_file('../std_data_ln/words.dat')),
+ coercibility(load_file('../std_data_ln/words.dat'));
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval explain extended select
+ charset(load_file('$MYSQLTEST_VARDIR/std_data_ln/words.dat')),
+ collation(load_file('$MYSQLTEST_VARDIR/std_data_ln/words.dat')),
+ coercibility(load_file('$MYSQLTEST_VARDIR/std_data_ln/words.dat'));
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval update t1 set imagem=load_file('$MYSQLTEST_VARDIR/std_data_ln/words.dat') where id=1;
 select if(imagem is null, "ERROR", "OK"),length(imagem) from t1 where id = 1;
 drop table t1;
---replace_result $MYSQL_TEST_DIR ../..
-eval create table t1 select load_file('$MYSQL_TEST_DIR/std_data/words.dat') l;
+--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
+eval create table t1 select load_file('$MYSQLTEST_VARDIR/std_data_ln/words.dat') l;
 # We mask out the Privileges column because it differs for embedded server
 --replace_column 8 #
 show full fields from t1; |
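Review bot: The first rewritten statement in the type_blob.test hunk is handled differently from the other three: it uses the relative path `'../std_data_ln/words.dat'`, keeps `eval` although no variable is left to expand, and drops `--replace_result`, so the context comment `# We have to clean up the path in the results for safe comparison` no longer describes the line it precedes. Either drop `eval` from that statement and move the comment down to the `explain extended` statement, or write it with `$MYSQLTEST_VARDIR` and `--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR` like the statements that follow. That select reports only charset, collation and coercibility, so it likely would not show whether the relative path was readable at all; the later `if(imagem is null, "ERROR", "OK")` check exercises only the absolute form.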
