From a63185e8638365d401732803ba93b6b149d33c65 Mon Sep 17 00:00:00 2001 From: Karthik Kamath Date: Thu, 10 Nov 2016 15:11:57 +0530 Subject: BUG#24437124: POSSIBLE BUFFER OVERFLOW ON CREATE TABLE ANALYSIS: ========= 'CREATE TABLE' query with a large value for 'CONNECTION' string reports an incorrect error. The length of connection string is stored in .frm in two bytes (max value= 65535). When the string length exceeds the max value, the length is truncated to fit the two bytes limit. Further processing leads to reading only a part of the string as the length stored is incorrect. The remaining part of the string is treated as engine type and hence results in an error. FIX: ==== We are now restricting the connection string length to 1024. An appropriate error is reported if the length crosses this limit. NOTE: ===== The 'PASSWORD' table option is documented as unused and processed within a dead code. Hence it will not cause similar issue with large strings. --- include/mysql_com.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/mysql_com.h b/include/mysql_com.h index f2345be6fd6..5cd40915743 100644 --- a/include/mysql_com.h +++ b/include/mysql_com.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -26,6 +26,7 @@ #define USERNAME_CHAR_LENGTH 16 #define NAME_LEN (NAME_CHAR_LEN*SYSTEM_CHARSET_MBMAXLEN) #define USERNAME_LENGTH (USERNAME_CHAR_LENGTH*SYSTEM_CHARSET_MBMAXLEN) +#define CONNECT_STRING_MAXLEN 1024 #define MYSQL_AUTODETECT_CHARSET_NAME "auto" -- cgit v1.2.1 From 69bbf9efebf8df4af9cd049b052ef1474660257d Mon Sep 17 00:00:00 2001 From: Balasubramanian Kandasamy Date: Fri, 6 Jan 2017 18:15:13 +0530 Subject: Updated copyright year in user visible text --- include/welcome_copyright_notice.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/welcome_copyright_notice.h b/include/welcome_copyright_notice.h index 7b6c28c2f56..0c17b5e650c 100644 --- a/include/welcome_copyright_notice.h +++ b/include/welcome_copyright_notice.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ #ifndef _welcome_copyright_notice_h_ #define _welcome_copyright_notice_h_ -#define COPYRIGHT_NOTICE_CURRENT_YEAR "2016" +#define COPYRIGHT_NOTICE_CURRENT_YEAR "2017" /* This define specifies copyright notice which is displayed by every MySQL -- cgit v1.2.1 From 060b1eadf4913f7066484ea34ec62feead1bca44 Mon Sep 17 00:00:00 2001 From: Ramil Kalimullin Date: Fri, 10 Mar 2017 01:19:50 +0400 Subject: BUG#25575605: SETTING --SSL-MODE=REQUIRED SENDS CREDENTIALS BEFORE VERIFYING SSL CONNECTION MYSQL_OPT_SSL_MODE option introduced. It is set in case of --ssl-mode=REQUIRED and permits only SSL connection. (cherry picked from commit 3b2d28578c526f347f5cfe763681eff365731f99) --- include/mysql.h | 9 +++++++-- include/mysql.h.pp | 6 +++++- include/sql_common.h | 3 ++- include/sslopt-case.h | 4 ++-- include/sslopt-vars.h | 6 +++--- 5 files changed, 19 insertions(+), 9 deletions(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index da29cb342cc..7ebf2f725a2 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -167,7 +167,7 @@ enum mysql_option MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH, MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH, - MYSQL_ENABLE_CLEARTEXT_PLUGIN + MYSQL_ENABLE_CLEARTEXT_PLUGIN, MYSQL_OPT_SSL_MODE }; /** @@ -224,6 +224,11 @@ enum mysql_protocol_type MYSQL_PROTOCOL_PIPE, MYSQL_PROTOCOL_MEMORY }; +enum mysql_ssl_mode +{ + SSL_MODE_REQUIRED= 3 +}; + typedef struct character_set { unsigned int number; /* character set number */ diff --git a/include/mysql.h.pp b/include/mysql.h.pp index c2c5ba35044..0f292d921ee 100644 --- a/include/mysql.h.pp +++ b/include/mysql.h.pp @@ -263,7 +263,7 @@ enum mysql_option MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH, MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH, - MYSQL_ENABLE_CLEARTEXT_PLUGIN + MYSQL_ENABLE_CLEARTEXT_PLUGIN, MYSQL_OPT_SSL_MODE }; struct st_mysql_options_extention; struct st_mysql_options { @@ -307,6 +307,10 @@ enum mysql_protocol_type MYSQL_PROTOCOL_DEFAULT, MYSQL_PROTOCOL_TCP, MYSQL_PROTOCOL_SOCKET, MYSQL_PROTOCOL_PIPE, MYSQL_PROTOCOL_MEMORY }; +enum mysql_ssl_mode +{ + SSL_MODE_REQUIRED= 3 +}; typedef struct character_set { unsigned int number; diff --git a/include/sql_common.h b/include/sql_common.h index a2ea3ac45e7..05bbb5a4f53 100644 --- a/include/sql_common.h +++ b/include/sql_common.h @@ -1,7 +1,7 @@ #ifndef SQL_COMMON_INCLUDED #define SQL_COMMON_INCLUDED -/* Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,6 +32,7 @@ struct st_mysql_options_extention { char *plugin_dir; char *default_auth; my_bool enable_cleartext_plugin; + unsigned int ssl_mode; }; typedef struct st_mysql_methods diff --git a/include/sslopt-case.h b/include/sslopt-case.h index 57702b3b352..0fddafc4fa9 100644 --- a/include/sslopt-case.h +++ b/include/sslopt-case.h @@ -1,7 +1,7 @@ #ifndef SSLOPT_CASE_INCLUDED #define SSLOPT_CASE_INCLUDED -/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -38,7 +38,7 @@ exit(1); } else - opt_ssl_required= 1; + opt_ssl_mode= SSL_MODE_REQUIRED; break; #endif /* MYSQL_CLIENT */ #endif diff --git a/include/sslopt-vars.h b/include/sslopt-vars.h index 6c9bd4296ef..a037538f693 100644 --- a/include/sslopt-vars.h +++ b/include/sslopt-vars.h @@ -1,7 +1,7 @@ #ifndef SSLOPT_VARS_INCLUDED #define SSLOPT_VARS_INCLUDED -/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -31,11 +31,11 @@ SSL_STATIC char *opt_ssl_key = 0; #ifdef MYSQL_CLIENT SSL_STATIC my_bool opt_ssl_verify_server_cert= 0; -SSL_STATIC my_bool opt_ssl_required= 0; +SSL_STATIC uint opt_ssl_mode= 0; #endif /* MYSQL_CLIENT */ #else /* HAVE_OPENSSL */ -#define opt_ssl_required 0 +#define opt_ssl_mode 0 #endif /* HAVE_OPENSSL */ #endif /* SSLOPT_VARS_INCLUDED */ -- cgit v1.2.1 From 87e37ee06b32dda19f8c17a888586dd03191eeec Mon Sep 17 00:00:00 2001 From: Ramil Kalimullin Date: Mon, 13 Mar 2017 17:01:59 +0400 Subject: BUG#25575605: SETTING --SSL-MODE=REQUIRED SENDS CREDENTIALS BEFORE VERIFYING SSL CONNECTION Changed MYSQL_OPT_SSL_MODE to be the same as in 5.6 (ABI compatibility). (cherry picked from commit 47bb4eb5df1629b5d5e30aebfa9d7a6d74388a5d) --- include/mysql.h | 4 +++- include/mysql.h.pp | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/mysql.h b/include/mysql.h index 7ebf2f725a2..3a27ab4128c 100644 --- a/include/mysql.h +++ b/include/mysql.h @@ -167,7 +167,9 @@ enum mysql_option MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH, MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH, - MYSQL_ENABLE_CLEARTEXT_PLUGIN, MYSQL_OPT_SSL_MODE + MYSQL_ENABLE_CLEARTEXT_PLUGIN, + /* Set MYSQL_OPT_SSL_MODE to be the same as in 5.6 (ABI compatibility). */ + MYSQL_OPT_SSL_MODE= 38 }; /** diff --git a/include/mysql.h.pp b/include/mysql.h.pp index 0f292d921ee..774bf2d0301 100644 --- a/include/mysql.h.pp +++ b/include/mysql.h.pp @@ -263,7 +263,8 @@ enum mysql_option MYSQL_OPT_GUESS_CONNECTION, MYSQL_SET_CLIENT_IP, MYSQL_SECURE_AUTH, MYSQL_REPORT_DATA_TRUNCATION, MYSQL_OPT_RECONNECT, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, MYSQL_PLUGIN_DIR, MYSQL_DEFAULT_AUTH, - MYSQL_ENABLE_CLEARTEXT_PLUGIN, MYSQL_OPT_SSL_MODE + MYSQL_ENABLE_CLEARTEXT_PLUGIN, + MYSQL_OPT_SSL_MODE= 38 }; struct st_mysql_options_extention; struct st_mysql_options { -- cgit v1.2.1 From 4fe65ca33a6012ec60c665f6eeb5ff08969fb267 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Tue, 18 Apr 2017 12:35:05 +0200 Subject: =?UTF-8?q?MDEV-12230=20include/my=5Fsys.h:600:43:=20error:=20unkn?= =?UTF-8?q?own=20type=20name=20=E2=80=98PSI=5Ffile=5Fkey=E2=80=99"=20when?= =?UTF-8?q?=20-DWITHOUT=5FSERVER=3D1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit cherry-pick 2c2bd8c155 (MDEV-12261 build failure without P_S) from 10.0 --- include/my_sys.h | 3 +-- include/mysql/psi/mysql_file.h | 47 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/my_sys.h b/include/my_sys.h index 10551e119ac..27940683dad 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -580,8 +580,7 @@ extern File my_create_with_symlink(const char *linkname, const char *filename, myf MyFlags); extern int my_rename_with_symlink(const char *from,const char *to,myf MyFlags); extern int my_symlink(const char *content, const char *linkname, myf MyFlags); -extern int my_handler_delete_with_symlink(PSI_file_key key, const char *name, - const char *ext, myf sync_dir); +extern int my_handler_delete_with_symlink(const char *filename, myf sync_dir); extern size_t my_read(File Filedes,uchar *Buffer,size_t Count,myf MyFlags); extern size_t my_pread(File Filedes,uchar *Buffer,size_t Count,my_off_t offset, diff --git a/include/mysql/psi/mysql_file.h b/include/mysql/psi/mysql_file.h index 4a0f3fdd68b..aa3ed7e901d 100644 --- a/include/mysql/psi/mysql_file.h +++ b/include/mysql/psi/mysql_file.h @@ -434,6 +434,20 @@ inline_mysql_file_create_with_symlink(P1, P2, P3, P4, P5) #endif +/** + @def mysql_file_delete_with_symlink(K, P1, P2, P3) + Instrumented delete with symbolic link. + @c mysql_file_delete_with_symlink is a replacement + for @c my_handler_delete_with_symlink. +*/ +#ifdef HAVE_PSI_INTERFACE + #define mysql_file_delete_with_symlink(K, P1, P2, P3) \ + inline_mysql_file_delete_with_symlink(K, __FILE__, __LINE__, P1, P2, P3) +#else + #define mysql_file_delete_with_symlink(K, P1, P2, P3) \ + inline_mysql_file_delete_with_symlink(P1, P2, P3) +#endif + /** @def mysql_file_rename_with_symlink(K, P1, P2, P3) Instrumented rename with symbolic link. @@ -1305,6 +1319,7 @@ inline_mysql_file_rename( return result; } + static inline File inline_mysql_file_create_with_symlink( #ifdef HAVE_PSI_INTERFACE @@ -1334,6 +1349,38 @@ inline_mysql_file_create_with_symlink( return file; } +static inline int +inline_mysql_file_delete_with_symlink( +#ifdef HAVE_PSI_INTERFACE + PSI_file_key key, const char *src_file, uint src_line, +#endif + const char *name, const char *ext, myf flags) +{ + int result; + char fullname[FN_REFLEN]; +#ifdef HAVE_PSI_INTERFACE + struct PSI_file_locker *locker= NULL; + PSI_file_locker_state state; +#endif + fn_format(fullname, name, "", ext, MY_UNPACK_FILENAME | MY_APPEND_EXT); +#ifdef HAVE_PSI_INTERFACE + if (likely(PSI_server != NULL)) + { + locker= PSI_server->get_thread_file_name_locker(&state, key, PSI_FILE_DELETE, + fullname, &locker); + if (likely(locker != NULL)) + PSI_server->start_file_wait(locker, (size_t) 0, src_file, src_line); + } +#endif + result= my_handler_delete_with_symlink(fullname, flags); +#ifdef HAVE_PSI_INTERFACE + if (likely(locker != NULL)) + PSI_server->end_file_wait(locker, (size_t) 0); +#endif + return result; +} + + static inline int inline_mysql_file_rename_with_symlink( #ifdef HAVE_PSI_INTERFACE -- cgit v1.2.1 From 602b5e4c498ad2e2d045adfa4fd1478ac437582a Mon Sep 17 00:00:00 2001 From: Daniel Black Date: Tue, 18 Apr 2017 17:20:34 +1000 Subject: WIP: global readonly variable pcre_frame_size --- include/my_sys.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include') diff --git a/include/my_sys.h b/include/my_sys.h index 5b0a11408a4..395d0956430 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -227,6 +227,9 @@ extern void (*fatal_error_handler_hook)(uint my_err, const char *str, myf MyFlags); extern uint my_file_limit; extern ulonglong my_thread_stack_size; +#ifndef EMBEDDED_LIBRARY +extern ulonglong my_pcre_frame_size; +#endif extern int sf_leaking_memory; /* set to 1 to disable memleak detection */ extern void (*proc_info_hook)(void *, const PSI_stage_info *, PSI_stage_info *, -- cgit v1.2.1 From 52aa200919b1fd9357c05bcdfc66a42e51f242b3 Mon Sep 17 00:00:00 2001 From: Sergei Golubchik Date: Thu, 11 May 2017 19:48:42 +0200 Subject: MDEV-12420 max_recursive_iterations did not prevent a stack-overflow and segfault post-review fixes * move pcre-specific variable out of mysys * don't use current_thd * move a commonly used macro to my_sys.h * remove new sysvar --- include/my_sys.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/my_sys.h b/include/my_sys.h index 395d0956430..22ed7616f1c 100644 --- a/include/my_sys.h +++ b/include/my_sys.h @@ -227,9 +227,6 @@ extern void (*fatal_error_handler_hook)(uint my_err, const char *str, myf MyFlags); extern uint my_file_limit; extern ulonglong my_thread_stack_size; -#ifndef EMBEDDED_LIBRARY -extern ulonglong my_pcre_frame_size; -#endif extern int sf_leaking_memory; /* set to 1 to disable memleak detection */ extern void (*proc_info_hook)(void *, const PSI_stage_info *, PSI_stage_info *, @@ -909,6 +906,12 @@ extern ulonglong my_getcputime(void); #define hrtime_sec_part(X) ((ulong)((X).val % HRTIME_RESOLUTION)) #define my_time(X) hrtime_to_time(my_hrtime()) +#if STACK_DIRECTION < 0 +#define available_stack_size(CUR,END) (long) ((char*)(CUR) - (char*)(END)) +#else +#define available_stack_size(CUR,END) (long) ((char*)(END) - (char*)(CUR)) +#endif + #ifdef HAVE_SYS_MMAN_H #include -- cgit v1.2.1