diff options
author | Nirbhay Choubey <nirbhay.choubey@oracle.com> | 2011-04-30 10:54:38 +0530 |
---|---|---|
committer | Nirbhay Choubey <nirbhay.choubey@oracle.com> | 2011-04-30 10:54:38 +0530 |
commit | 51721df03ab1ba63c8d051139275ae59fc535243 (patch) | |
tree | 4ffa900aaf8596d8b088008c5b58a622a03ee640 /cmd-line-utils/libedit | |
parent | 5f49c7d6b7d382690c750ddc943f72457a02adc7 (diff) | |
parent | 8843aea78a6ddb99598ad77818e5f71fd993ed54 (diff) | |
download | mariadb-git-51721df03ab1ba63c8d051139275ae59fc535243.tar.gz |
Merge of fix for bug#11757855 from mysql-5.1 -> mysql-5.5.
Diffstat (limited to 'cmd-line-utils/libedit')
-rw-r--r-- | cmd-line-utils/libedit/el.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/cmd-line-utils/libedit/el.c b/cmd-line-utils/libedit/el.c index d99946eb68f..c7f8386773d 100644 --- a/cmd-line-utils/libedit/el.c +++ b/cmd-line-utils/libedit/el.c @@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname) fp = NULL; if (fname == NULL) { -#ifdef HAVE_ISSETUGID +/* XXXMYSQL: Bug#49967 */ +#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \ + defined(HAVE_GETGID) && defined(HAVE_GETEGID) +#define HAVE_IDENTITY_FUNCS 1 +#endif + +#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS)) static const char elpath[] = "/.editrc"; /* XXXMYSQL: Portability fix (for which platforms?) */ #ifdef MAXPATHLEN @@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname) #else char path[4096]; #endif - +#ifdef HAVE_ISSETUGID if (issetugid()) return (-1); +#elif defined(HAVE_IDENTITY_FUNCS) + if (getuid() != geteuid() || getgid() != getegid()) + return (-1); +#endif if ((ptr = getenv("HOME")) == NULL) return (-1); if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path)) @@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname) fname = path; #else /* - * If issetugid() is missing, always return an error, in order - * to keep from inadvertently opening up the user to a security - * hole. + * If issetugid() or the above mentioned get[e][u|g]id() + * functions are missing, always return an error, in order + * to keep from inadvertently opening up the user to a + * security hole. */ return (-1); #endif |