diff options
author | unknown <reggie@mdk10.(none)> | 2005-05-20 16:04:10 -0500 |
---|---|---|
committer | unknown <reggie@mdk10.(none)> | 2005-05-20 16:04:10 -0500 |
commit | c1ae672adda45a1b8c5637b8f4d6a3f91378ea20 (patch) | |
tree | 3c11d9563166e2b2ee03a1165069c1f02dfba30a /mysys | |
parent | 25d661adfc144d0de605ff07907ed9004155466d (diff) | |
download | mariadb-git-c1ae672adda45a1b8c5637b8f4d6a3f91378ea20.tar.gz |
BUG# 9148: Denial of service
The problem was that on Windows the access method indicates that access to file
such as "com1" and "lpt1" is allowed (since they are device names) and
this causes mysql to attempt to open them as databases or tables.
The fix was to write our own my_access method that uses other Win32 functions
to determine if the given argument is indeed a file and has to requested
mode.
VC++Files/mysys/mysys.dsp:
added my_access
VC++Files/mysys/mysys_ia64.dsp:
added my_access.c
include/my_sys.h:
if on windows, we use my_access.
if not on windows, then my_access points to the native access method
mysys/Makefile.am:
added my_access to mysys build file
mysys/mf_pack.c:
changed call to access to my_access
sql/sql_db.cc:
changed call to access to my_access
Diffstat (limited to 'mysys')
-rw-r--r-- | mysys/Makefile.am | 2 | ||||
-rw-r--r-- | mysys/mf_pack.c | 2 | ||||
-rw-r--r-- | mysys/my_access.c | 53 |
3 files changed, 55 insertions, 2 deletions
diff --git a/mysys/Makefile.am b/mysys/Makefile.am index 3ae9c05bff5..ab35ccb21ba 100644 --- a/mysys/Makefile.am +++ b/mysys/Makefile.am @@ -53,7 +53,7 @@ libmysys_a_SOURCES = my_init.c my_getwd.c mf_getdate.c \ my_net.c my_semaphore.c my_port.c my_sleep.c \ charset.c charset-def.c my_bitmap.c my_bit.c md5.c \ my_gethostbyname.c rijndael.c my_aes.c sha1.c \ - my_handler.c my_netware.c my_windac.c + my_handler.c my_netware.c my_windac.c my_access.c EXTRA_DIST = thr_alarm.c thr_lock.c my_pthread.c my_thr_init.c \ thr_mutex.c thr_rwlock.c libmysys_a_LIBADD = @THREAD_LOBJECTS@ diff --git a/mysys/mf_pack.c b/mysys/mf_pack.c index 9193238708d..79b194289c6 100644 --- a/mysys/mf_pack.c +++ b/mysys/mf_pack.c @@ -226,7 +226,7 @@ void symdirget(char *dir) { char buff[FN_REFLEN]; char *pos=strend(dir); - if (dir[0] && pos[-1] != FN_DEVCHAR && access(dir, F_OK)) + if (dir[0] && pos[-1] != FN_DEVCHAR && !my_access(dir, F_OK)) { File file; uint length; diff --git a/mysys/my_access.c b/mysys/my_access.c new file mode 100644 index 00000000000..6a8887e42a6 --- /dev/null +++ b/mysys/my_access.c @@ -0,0 +1,53 @@ +/* Copyright (C) 2000 MySQL AB + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + +#include "mysys_priv.h" + +#ifdef __WIN__ + +/* + * Check a file or path for accessability. + * + * SYNOPSIS + * file_access() + * pathpath to check + * amodemode to check + * + * DESCRIPTION + * This function wraps the normal access method because the access + * available in MSVCRT> +reports that filenames such as LPT1 and + * COM1 are valid (they are but should not be so for us). + * + * RETURN VALUES + * 0 ok + * -1 error + */ +int my_access(const char *path, int amode) +{ + WIN32_FILE_ATTRIBUTE_DATA fileinfo; + BOOL result; + + result = GetFileAttributesEx(path, GetFileExInfoStandard, + &fileinfo); + if (! result) + return -1; + if ((fileinfo.dwFileAttributes & FILE_ATTRIBUTE_READONLY) && + (amode & 2)) + return -1; + return 0; +} + +#endif |