Merging from 5.1 to 5.5 for bug#11761752

5d4dfc16 · Ravinder Thakur · b132676b · 92582232 · 5d4dfc16 · 5d4dfc16
Commit 5d4dfc16 authored Dec 13, 2012 by Ravinder Thakur
Hide whitespace changes
Inline Side-by-side

Showing with 73 additions and 0 deletions

include/my_sys.h include/my_sys.h +1 -0

mysys/my_access.c mysys/my_access.c +64 -0

sql/sys_vars.cc sql/sys_vars.cc +8 -0

No files found.
--- a/include/my_sys.h
+++ b/include/my_sys.h
@@ -604,6 +604,7 @@ extern int      my_access(const char *path, int amode);

 extern int check_if_legal_filename(const char *path);
 extern int check_if_legal_tablename(const char *path);
+extern my_bool is_filename_allowed(const char *name, size_t length);

 #ifdef _WIN32
 extern int nt_share_delete(const char *name,myf MyFlags);

--- a/mysys/my_access.c
+++ b/mysys/my_access.c
@@ -156,6 +156,67 @@ int check_if_legal_tablename(const char *name)
 }


+#ifdef __WIN__
+/**
+  Checks if the drive letter supplied is valid or not. Valid drive
+  letters are A to Z, both lower case and upper case.
+
+  @param drive_letter : The drive letter to validate.
+ 
+  @return TRUE if the drive exists, FALSE otherwise.
+*/
+static my_bool does_drive_exists(char drive_letter)
+{
+  DWORD drive_mask= GetLogicalDrives();
+  drive_letter= toupper(drive_letter);
+
+  return (drive_letter >= 'A' && drive_letter <= 'Z') &&
+         (drive_mask & (0x1 << (drive_letter - 'A')));
+}
+#endif
+
+/**
+  Verifies if the file name supplied is allowed or not. On Windows
+  file names with a colon (:) are not allowed because such file names
+  store data in Alternate Data Streams which can be used to hide 
+  the data.
+
+  @param name contains the file name with or without path
+  @param length contains the length of file name
+ 
+  @return TRUE if the file name is allowed, FALSE otherwise.
+*/
+my_bool is_filename_allowed(const char *name __attribute__((unused)),
+                            size_t length __attribute__((unused)))
+{
+#ifdef __WIN__
+  /* 
+    For Windows, check if the file name contains : character.
+    Start from end of path and search if the file name contains :
+  */
+  const char* ch = NULL;
+  for(ch= name + length - 1; ch >= name; --ch)
+  {
+    if (FN_LIBCHAR == *ch || '/' == *ch)
+      break;
+    else if (':' == *ch)
+    {
+      /*
+        File names like C:foobar.txt are allowed since the syntax means
+        file foobar.txt in current directory of C drive. However file
+        names likes CC:foobar are not allowed since this syntax means ADS
+        foobar in file CC.
+      */
+      return ((ch - name == 1) && does_drive_exists(*name));
+    }
+  }
+  return TRUE;
+#else
+  /* For other platforms, file names can contain colon : */
+  return TRUE;
+#endif
+} /* is_filename_allowed */
+
 #if defined(__WIN__) || defined(__EMX__)


@@ -177,6 +238,9 @@ int check_if_legal_filename(const char *path)
  const char **reserved_name;
  DBUG_ENTER("check_if_legal_filename");

+  if(!is_filename_allowed(path, strlen(path)))
+    DBUG_RETURN(1);
+
  path+= dirname_length(path);                  /* To start of filename */
  if (!(end= strchr(path, FN_EXTCHAR)))
    end= strend(path);

--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -2812,6 +2812,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var)
  if (!path_length)
    return true;

+  if (!is_filename_allowed(var->save_result.string_value.str, 
+                           var->save_result.string_value.length))
+  {
+     my_error(ER_WRONG_VALUE_FOR_VAR, MYF(0), 
+              self->name.str, var->save_result.string_value.str);
+     return true;
+  }
+
  MY_STAT f_stat;

  if (my_stat(path, &f_stat, MYF(0)))