diff options
| author | unknown <reggie@mdk10.(none)> | 2005-05-21 12:31:58 -0500 |
|---|---|---|
| committer | unknown <reggie@mdk10.(none)> | 2005-05-21 12:31:58 -0500 |
| commit | 442c072fdf6c7dd2b7fcad5a44c6438b980629f4 (patch) | |
| tree | 1e3a7eeced13fbee15770b63f2c8c20e3a0d17d1 /mysys | |
| parent | 9b8e02741ab73838ffa9dd26dd94a560d9d3d667 (diff) | |
| download | mariadb-git-442c072fdf6c7dd2b7fcad5a44c6438b980629f4.tar.gz | |
BUG# 9148: Denial of service
This is a second patch needing another review. The first patch didn't solve
the entire problem. open and fopen on Windows will still open
files like "com1.sym" when they shouldn't. This patch
checks that the file exists before trying to open it.
mysys/my_fopen.c:
on Windows, if we are not creating a file the we call my_access to make sure the
file exists before trying to open it.
mysys/my_open.c:
on Windows, if we are not creating a file the we call my_access to make sure the
file exists before trying to open it.
Diffstat (limited to 'mysys')
| -rw-r--r-- | mysys/my_fopen.c | 18 | ||||
| -rw-r--r-- | mysys/my_open.c | 6 |
2 files changed, 21 insertions, 3 deletions
diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c index e918b7b0de2..208e7e80fd8 100644 --- a/mysys/my_fopen.c +++ b/mysys/my_fopen.c @@ -33,9 +33,21 @@ FILE *my_fopen(const char *FileName, int Flags, myf MyFlags) DBUG_ENTER("my_fopen"); DBUG_PRINT("my",("Name: '%s' Flags: %d MyFlags: %d", FileName, Flags, MyFlags)); - - make_ftype(type,Flags); - if ((fd = fopen(FileName, type)) != 0) + /* + * if we are not creating, then we need to use my_access to make sure + * the file exists since Windows doesn't handle files like "com1.sym" very well + */ +#ifdef __WIN__ + if (! (Flags & O_CREAT) && my_access(FileName, F_OK)) + fd=0; + else +#endif + { + make_ftype(type,Flags); + fd = fopen(FileName, type); + } + + if (fd != 0) { /* The test works if MY_NFILE < 128. The problem is that fileno() is char diff --git a/mysys/my_open.c b/mysys/my_open.c index ca5c0d8683f..1f3bb95b5a2 100644 --- a/mysys/my_open.c +++ b/mysys/my_open.c @@ -46,6 +46,12 @@ File my_open(const char *FileName, int Flags, myf MyFlags) DBUG_PRINT("my",("Name: '%s' Flags: %d MyFlags: %d", FileName, Flags, MyFlags)); #if defined(MSDOS) || defined(__WIN__) || defined(__EMX__) || defined(OS2) + /* if we are not creating, then we need to use my_access to make + * sure the file exists since Windows doesn't handle files like + * "com1.sym" very well + */ + if (! (Flags & O_CREAT) && my_access(FileName, F_OK)) + return -1; if (Flags & O_SHARE) fd = sopen((my_string) FileName, (Flags & ~O_SHARE) | O_BINARY, SH_DENYNO, MY_S_IREAD | MY_S_IWRITE); |