diff options
Diffstat (limited to 'client/mysqladmin.cc')
| -rw-r--r-- | client/mysqladmin.cc | 60 |
1 files changed, 56 insertions, 4 deletions
diff --git a/client/mysqladmin.cc b/client/mysqladmin.cc index 1bb4ac41b1e..2a1f8b521f0 100644 --- a/client/mysqladmin.cc +++ b/client/mysqladmin.cc @@ -1,5 +1,5 @@ /* - Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -71,6 +71,7 @@ extern "C" my_bool get_one_option(int optid, const struct my_option *opt, char *argument); static my_bool sql_connect(MYSQL *mysql, uint wait); static int execute_commands(MYSQL *mysql,int argc, char **argv); +static char **mask_password(int argc, char ***argv); static int drop_db(MYSQL *mysql,const char *db); extern "C" sig_handler endprog(int signal_number); static void nice_time(ulong sec,char *buff); @@ -304,9 +305,9 @@ get_one_option(int optid, const struct my_option *opt __attribute__((unused)), int main(int argc,char *argv[]) { - int error= 0, ho_error; + int error= 0, ho_error, temp_argc; MYSQL mysql; - char **commands, **save_argv; + char **commands, **save_argv, **temp_argv; MY_INIT(argv[0]); mysql_init(&mysql); @@ -318,6 +319,9 @@ int main(int argc,char *argv[]) free_defaults(save_argv); exit(ho_error); } + temp_argv= mask_password(argc, &argv); + temp_argc= argc; + if (debug_info_flag) my_end_arg= MY_CHECK_ERROR | MY_GIVE_INFO; if (debug_check_flag) @@ -328,7 +332,7 @@ int main(int argc,char *argv[]) usage(); exit(1); } - commands = argv; + commands = temp_argv; if (tty_password) opt_password = get_tty_password(NullS); @@ -476,6 +480,13 @@ int main(int argc,char *argv[]) my_free(shared_memory_base_name); #endif free_defaults(save_argv); + temp_argc--; + while(temp_argc >= 0) + { + my_free(temp_argv[temp_argc]); + temp_argc--; + } + my_free(temp_argv); my_end(my_end_arg); exit(error ? 1 : 0); return 0; @@ -1089,6 +1100,47 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv) return 0; } +/** + @brief Masking the password if it is passed as command line argument. + + @details It works in Linux and changes cmdline in ps and /proc/pid/cmdline, + but it won't work for history file of shell. + The command line arguments are copied to another array and the + password in the argv is masked. This function is called just after + "handle_options" because in "handle_options", the agrv pointers + are altered which makes freeing of dynamically allocated memory + difficult. The password masking is done before all other operations + in order to minimise the time frame of password visibility via cmdline. + + @param argc command line options (count) + @param argv command line options (values) + + @return temp_argv copy of argv +*/ + +static char **mask_password(int argc, char ***argv) +{ + char **temp_argv; + temp_argv= (char **)(my_malloc(sizeof(char *) * argc, MYF(MY_WME))); + argc--; + while (argc > 0) + { + temp_argv[argc]= my_strdup((*argv)[argc], MYF(MY_FAE)); + if (find_type((*argv)[argc - 1],&command_typelib, FIND_TYPE_BASIC) == ADMIN_PASSWORD || + find_type((*argv)[argc - 1],&command_typelib, FIND_TYPE_BASIC) == ADMIN_OLD_PASSWORD) + { + char *start= (*argv)[argc]; + while (*start) + *start++= 'x'; + start= (*argv)[argc]; + if (*start) + start[1]= 0; /* Cut length of argument */ + } + argc--; + } + temp_argv[argc]= my_strdup((*argv)[argc], MYF(MY_FAE)); + return(temp_argv); +} static void print_version(void) { |