From 5e8ab9b7af159cee6e954f62b6304c2c33b6f6e2 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Tue, 16 Apr 2019 09:33:02 +0530 Subject: Bug#27302459: EMPTY VALUE IN MYSQL.PLUGIN TABLE CAUSES SERVER TO EXIT ON STARTUP Description:- During server startup, the server exits if the 'mysql.plugin' system table has any rows with empty value for the field 'name' (plugin name). --- sql/sql_plugin.cc | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sql/sql_plugin.cc') diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 46df991639e..91d0a4393c5 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -1781,6 +1781,9 @@ static void plugin_load(MEM_ROOT *tmp_root) LEX_STRING name= {(char *)str_name.ptr(), str_name.length()}; LEX_STRING dl= {(char *)str_dl.ptr(), str_dl.length()}; + if (!name.length || !dl.length) + continue; + /* there're no other threads running yet, so we don't need a mutex. but plugin_add() before is designed to work in multi-threaded -- cgit v1.2.1 From 8ddb7e3eb71010decd5acc99aa98c82bbe0139aa Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Wed, 24 Jul 2019 13:14:03 +0200 Subject: Bug#27167197 USING ? IN INSTALL PLUGIN QUERY ABORTS DEBUG, AND HANGS OPTIMIZED SERVER check_valid_path() uses my_strcspn() that cannot handle invalid characters properly. This is fixed by a big refactoring in 10.2 (MDEV-6353). For 5.5, let's simply swap tests, because check_string_char_length() rejects invalid characters just fine. --- sql/sql_plugin.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sql/sql_plugin.cc') diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 91d0a4393c5..a90c7558045 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -736,9 +736,9 @@ static st_plugin_dl *plugin_dl_add(const LEX_STRING *dl, int report) This is done to ensure that only approved libraries from the plugin directory are used (to make this even remotely secure). */ - if (check_valid_path(dl->str, dl->length) || - check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN, + if (check_string_char_length((LEX_STRING *) dl, "", NAME_CHAR_LEN, system_charset_info, 1) || + check_valid_path(dl->str, dl->length) || plugin_dir_len + dl->length + 1 >= FN_REFLEN) { report_error(report, ER_UDF_NO_PATHS); -- cgit v1.2.1