Bug#11757855 - 49967: built-in libedit doesn't read

.editrc on linux. MySQL client when build with libedit support ignores .editrc at startup. The reason for this regression was the incluison of a safety check, issetugid(), which is not available on some linux platforms. Fixed by adding an equivalent check for platforms which have get[e][u|g]id() set of functions. cmd-line-utils/libedit/el.c: Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added function calls to check user/group IDs on linux systems which does not have issetugid() function. configure.in: Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added check for getuid, geteuid, getgid, getegid functions.

Bug#11757855 - 49967: built-in libedit doesn't read
.editrc on linux. MySQL client when build with libedit support ignores .editrc at startup. The reason for this regression was the incluison of a safety check, issetugid(), which is not available on some linux platforms. Fixed by adding an equivalent check for platforms which have get[e][u|g]id() set of functions. cmd-line-utils/libedit/el.c: Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added function calls to check user/group IDs on linux systems which does not have issetugid() function. configure.in: Bug#11757855 - 49967: built-in libedit doesn't read .editrc on linux. Added check for getuid, geteuid, getgid, getegid functions.
c3ac7439 · Nirbhay Choubey · 203cdb10 · c3ac7439 · c3ac7439
Commit c3ac7439 authored Apr 29, 2011 by Nirbhay Choubey
Show whitespace changes
Inline Side-by-side

Showing with 17 additions and 6 deletions

cmd-line-utils/libedit/el.c cmd-line-utils/libedit/el.c +16 -5

configure.in configure.in +1 -1

No files found.
--- a/cmd-line-utils/libedit/el.c
+++ b/cmd-line-utils/libedit/el.c
@@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname)

 	fp = NULL;
 	if (fname == NULL) {
-#ifdef HAVE_ISSETUGID
+/* XXXMYSQL: Bug#49967 */
+#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \
+    defined(HAVE_GETGID) && defined(HAVE_GETEGID)
+#define HAVE_IDENTITY_FUNCS 1
+#endif
+
+#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS))
 		static const char elpath[] = "/.editrc";
 /* XXXMYSQL: Portability fix (for which platforms?) */
 #ifdef MAXPATHLEN
@@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname)
 #else
 		char path[4096];
 #endif
-
+#ifdef HAVE_ISSETUGID
 		if (issetugid())
 			return (-1);
+#elif defined(HAVE_IDENTITY_FUNCS)
+                if (getuid() != geteuid() || getgid() != getegid())
+                  return (-1);
+#endif
 		if ((ptr = getenv("HOME")) == NULL)
 			return (-1);
 		if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
@@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname)
 		fname = path;
 #else
 		/*
-		 * If issetugid() is missing, always return an error, in order
-		 * to keep from inadvertently opening up the user to a security
-		 * hole.
+		 * If issetugid() or the above mentioned get[e][u|g]id()
+		 * functions are missing, always return an error, in order
+		 * to keep from inadvertently opening up the user to a
+		 * security hole.
 		 */
 		return (-1);
 #endif

--- a/configure.in
+++ b/configure.in
@@ -1963,7 +1963,7 @@ AC_CHECK_HEADER(vis.h,
    [AC_DEFINE([HAVE_VIS_H], [1],[Found vis.h and the strvis() function])])])

 AC_CHECK_FUNCS(strlcat strlcpy)
-AC_CHECK_FUNCS(issetugid)
+AC_CHECK_FUNCS(issetugid getuid geteuid getgid getegid)
 AC_CHECK_FUNCS(fgetln)
 AC_CHECK_FUNCS(getline flockfile)