diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2019-07-28 13:43:26 +0200 |
|---|---|---|
| committer | Oleksandr Byelkin <sanja@mariadb.com> | 2019-07-28 13:43:26 +0200 |
| commit | 2792c6e7b057b18c19b506f37c35716529f80979 (patch) | |
| tree | cead6068286ee469dbfe33a28d4585742eb26cbb /sql/sql_plugin.cc | |
| parent | c0743e4b0056eba0b19a19458c85e52a83cef676 (diff) | |
| parent | 4b5a14d0fe3d6945a0a9516261f563dcfd1f2c9c (diff) | |
| download | mariadb-git-2792c6e7b057b18c19b506f37c35716529f80979.tar.gz | |
Merge branch '10.3' into 10.4
Diffstat (limited to 'sql/sql_plugin.cc')
| -rw-r--r-- | sql/sql_plugin.cc | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc index 4279cc25010..5fd3d0f0f6b 100644 --- a/sql/sql_plugin.cc +++ b/sql/sql_plugin.cc @@ -729,9 +729,9 @@ static st_plugin_dl *plugin_dl_add(const LEX_CSTRING *dl, myf MyFlags) This is done to ensure that only approved libraries from the plugin directory are used (to make this even remotely secure). */ - if (check_valid_path(dl->str, dl->length) || - check_string_char_length((LEX_CSTRING *) dl, 0, NAME_CHAR_LEN, + if (check_string_char_length((LEX_CSTRING *) dl, 0, NAME_CHAR_LEN, system_charset_info, 1) || + check_valid_path(dl->str, dl->length) || plugin_dir_len + dl->length + 1 >= FN_REFLEN) { my_error(ER_UDF_NO_PATHS, MyFlags); @@ -1846,6 +1846,9 @@ static void plugin_load(MEM_ROOT *tmp_root) LEX_CSTRING name= {str_name.ptr(), str_name.length()}; LEX_CSTRING dl= {str_dl.ptr(), str_dl.length()}; + if (!name.length || !dl.length) + continue; + /* there're no other threads running yet, so we don't need a mutex. but plugin_add() before is designed to work in multi-threaded |