MDEV-11628 mysql.slow_log reports incorrect start time

use thd->start_time for the "start_time" column of the slow_log table. "current_time" here refers to the current_time() function return value not to the actual *current* time. also fixes MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table

MDEV-11628 mysql.slow_log reports incorrect start time
use thd->start_time for the "start_time" column of the slow_log table. "current_time" here refers to the current_time() function return value not to the actual *current* time. also fixes MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
dcb814c4 · Sergei Golubchik · db9fad15 · dcb814c4 · dcb814c4 · dcb814c4
Commit dcb814c4 authored Jan 21, 2024 by Sergei Golubchik
Hide whitespace changes
Inline Side-by-side

Showing with 47 additions and 1 deletion

mysql-test/main/log_tables.result mysql-test/main/log_tables.result +28 -0

mysql-test/main/log_tables.test mysql-test/main/log_tables.test +18 -0

sql/log.cc sql/log.cc +1 -1

No files found.
--- a/mysql-test/main/log_tables.result
+++ b/mysql-test/main/log_tables.result
@@ -994,6 +994,34 @@ ERROR HY000: Cannot rename 'slow_log'. When logging enabled, rename to/from log
 use test;
 flush tables with read lock;
 unlock tables;
+#
+# MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
+#
+truncate mysql.slow_log;
+set global log_output= 'TABLE';
+create user u@localhost;
+set slow_query_log=on, long_query_time=0.1;
+select 'before evil-doing', sleep(0.2);
+before evil-doing	sleep(0.2)
+before evil-doing	0
+connect  con1,localhost,u,,;
+set @@timestamp= 2147483647;
+set slow_query_log=on, long_query_time=0.1;
+select 'evil-doing', sleep(1.1);
+evil-doing	sleep(1.1)
+evil-doing	0
+disconnect con1;
+connection default;
+select 'after evil-doing', sleep(0.2);
+after evil-doing	sleep(0.2)
+after evil-doing	0
+select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
+sql_text
+select 'before evil-doing', sleep(0.2)
+select 'evil-doing', sleep(1.1)
+select 'after evil-doing', sleep(0.2)
+set global log_output=default;
+drop user u@localhost;
 SET @@global.log_output=       @old_log_output;
 SET @@global.slow_query_log=   @old_slow_query_log;
 SET @@global.general_log=      @old_general_log;
--- a/mysql-test/main/log_tables.test
+++ b/mysql-test/main/log_tables.test
@@ -1033,6 +1033,24 @@ use test;
 flush tables with read lock;
 unlock tables;

+--echo #
+--echo # MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
+--echo #
+truncate mysql.slow_log;
+set global log_output= 'TABLE';
+create user u@localhost;
+set slow_query_log=on, long_query_time=0.1;
+select 'before evil-doing', sleep(0.2);
+--connect (con1,localhost,u,,)
+set @@timestamp= 2147483647;
+set slow_query_log=on, long_query_time=0.1;
+select 'evil-doing', sleep(1.1);
+--disconnect con1
+--connection default
+select 'after evil-doing', sleep(0.2);
+select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
+set global log_output=default;
+drop user u@localhost;

 SET @@global.log_output=       @old_log_output;
 SET @@global.slow_query_log=   @old_slow_query_log;

--- a/sql/log.cc
+++ b/sql/log.cc
@@ -1334,7 +1334,7 @@ bool LOGGER::slow_log_print(THD *thd, const char *query, size_t query_length,
    query_utime= (current_utime - thd->start_utime);
    lock_utime=  (thd->utime_after_lock - thd->start_utime);
    my_hrtime_t current_time= { hrtime_from_time(thd->start_time) +
-                                thd->start_time_sec_part + query_utime };
+                                thd->start_time_sec_part };

    if (!query || thd->get_command() == COM_STMT_PREPARE)
    {