Commit 5d4dfc16 authored by Ravinder Thakur's avatar Ravinder Thakur

Merging from 5.1 to 5.5 for bug#11761752

parents b132676b 92582232
...@@ -604,6 +604,7 @@ extern int my_access(const char *path, int amode); ...@@ -604,6 +604,7 @@ extern int my_access(const char *path, int amode);
extern int check_if_legal_filename(const char *path); extern int check_if_legal_filename(const char *path);
extern int check_if_legal_tablename(const char *path); extern int check_if_legal_tablename(const char *path);
extern my_bool is_filename_allowed(const char *name, size_t length);
#ifdef _WIN32 #ifdef _WIN32
extern int nt_share_delete(const char *name,myf MyFlags); extern int nt_share_delete(const char *name,myf MyFlags);
......
...@@ -156,6 +156,67 @@ int check_if_legal_tablename(const char *name) ...@@ -156,6 +156,67 @@ int check_if_legal_tablename(const char *name)
} }
#ifdef __WIN__
/**
Checks if the drive letter supplied is valid or not. Valid drive
letters are A to Z, both lower case and upper case.
@param drive_letter : The drive letter to validate.
@return TRUE if the drive exists, FALSE otherwise.
*/
static my_bool does_drive_exists(char drive_letter)
{
DWORD drive_mask= GetLogicalDrives();
drive_letter= toupper(drive_letter);
return (drive_letter >= 'A' && drive_letter <= 'Z') &&
(drive_mask & (0x1 << (drive_letter - 'A')));
}
#endif
/**
Verifies if the file name supplied is allowed or not. On Windows
file names with a colon (:) are not allowed because such file names
store data in Alternate Data Streams which can be used to hide
the data.
@param name contains the file name with or without path
@param length contains the length of file name
@return TRUE if the file name is allowed, FALSE otherwise.
*/
my_bool is_filename_allowed(const char *name __attribute__((unused)),
size_t length __attribute__((unused)))
{
#ifdef __WIN__
/*
For Windows, check if the file name contains : character.
Start from end of path and search if the file name contains :
*/
const char* ch = NULL;
for(ch= name + length - 1; ch >= name; --ch)
{
if (FN_LIBCHAR == *ch || '/' == *ch)
break;
else if (':' == *ch)
{
/*
File names like C:foobar.txt are allowed since the syntax means
file foobar.txt in current directory of C drive. However file
names likes CC:foobar are not allowed since this syntax means ADS
foobar in file CC.
*/
return ((ch - name == 1) && does_drive_exists(*name));
}
}
return TRUE;
#else
/* For other platforms, file names can contain colon : */
return TRUE;
#endif
} /* is_filename_allowed */
#if defined(__WIN__) || defined(__EMX__) #if defined(__WIN__) || defined(__EMX__)
...@@ -177,6 +238,9 @@ int check_if_legal_filename(const char *path) ...@@ -177,6 +238,9 @@ int check_if_legal_filename(const char *path)
const char **reserved_name; const char **reserved_name;
DBUG_ENTER("check_if_legal_filename"); DBUG_ENTER("check_if_legal_filename");
if(!is_filename_allowed(path, strlen(path)))
DBUG_RETURN(1);
path+= dirname_length(path); /* To start of filename */ path+= dirname_length(path); /* To start of filename */
if (!(end= strchr(path, FN_EXTCHAR))) if (!(end= strchr(path, FN_EXTCHAR)))
end= strend(path); end= strend(path);
......
...@@ -2812,6 +2812,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var) ...@@ -2812,6 +2812,14 @@ static bool check_log_path(sys_var *self, THD *thd, set_var *var)
if (!path_length) if (!path_length)
return true; return true;
if (!is_filename_allowed(var->save_result.string_value.str,
var->save_result.string_value.length))
{
my_error(ER_WRONG_VALUE_FOR_VAR, MYF(0),
self->name.str, var->save_result.string_value.str);
return true;
}
MY_STAT f_stat; MY_STAT f_stat;
if (my_stat(path, &f_stat, MYF(0))) if (my_stat(path, &f_stat, MYF(0)))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment