diff options
author | Sjon Hortensius <sjon@hortensius.net> | 2019-05-18 17:14:21 +0200 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2019-05-22 12:44:55 +0200 |
commit | 96404eb8e223bde0f5f697987a81acb640cc539f (patch) | |
tree | 6b71b7eb4d7ebe402eb004b915337d1a40facd30 | |
parent | 62fe6ba20c229bb6ffd910f1b494a310c950cef6 (diff) | |
download | php-git-96404eb8e223bde0f5f697987a81acb640cc539f.tar.gz |
Fix #77956 - When mysqli.allow_local_infile = Off, return a client error
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | ext/mysqli/tests/bug77956.phpt | 50 | ||||
-rw-r--r-- | ext/mysqlnd/mysqlnd_loaddata.c | 2 |
3 files changed, 56 insertions, 0 deletions
@@ -10,6 +10,10 @@ PHP NEWS . Fixed bug #78025 (segfault when accessing properties of DOMDocumentType). (cmb) +- MySQLi: + . Fixed bug #77956 (When mysqli.allow_local_infile = Off, use a meaningful + error message). (Sjon Hortensius) + 30 May 2019, PHP 7.2.19 - FPM: diff --git a/ext/mysqli/tests/bug77956.phpt b/ext/mysqli/tests/bug77956.phpt new file mode 100644 index 0000000000..b3c7943c93 --- /dev/null +++ b/ext/mysqli/tests/bug77956.phpt @@ -0,0 +1,50 @@ +--TEST-- +ensure an error is returned when mysqli.allow_local_infile is off +--SKIPIF-- +<?php +require_once('skipif.inc'); +require_once('skipifconnectfailure.inc'); +?> +--INI-- +mysqli.allow_local_infile=0 +--FILE-- +<?php + require_once("connect.inc"); + if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) { + printf("[001] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error()); + } + if (!$link->query("DROP TABLE IF EXISTS test")) { + printf("[002] [%d] %s\n", $link->errno, $link->error); + } + if (!$link->query("CREATE TABLE test (dump1 INT UNSIGNED NOT NULL PRIMARY KEY) ENGINE=" . $engine)) { + printf("[003] [%d] %s\n", $link->errno, $link->error); + } + if (FALSE == file_put_contents('bug77956.data', "waa? meukee!")) + printf("[004] Failed to create CVS file\n"); + if (!$link->query("SELECT 1 FROM DUAL")) + printf("[005] [%d] %s\n", $link->errno, $link->error); + if (!$link->query("LOAD DATA LOCAL INFILE 'bug77956.data' INTO TABLE test")) { + printf("[006] [%d] %s\n", $link->errno, $link->error); + echo "done"; + } else { + echo "bug"; + } + $link->close(); +?> +--CLEAN-- +<?php +require_once('connect.inc'); +if (!$link = my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)) { + printf("[clean] Cannot connect to the server using host=%s, user=%s, passwd=***, dbname=%s, port=%s, socket=%s\n", + $host, $user, $db, $port, $socket); +} +if (!$link->query($link, 'DROP TABLE IF EXISTS test')) { + printf("[clean] Failed to drop old test table: [%d] %s\n", mysqli_errno($link), mysqli_error($link)); +} +$link->close(); +unlink('bug77956.data'); +?> +--EXPECTF-- +Warning: mysqli::query(): LOAD DATA LOCAL INFILE forbidden in %s on line %d +[006] [2000] LOAD DATA LOCAL INFILE is forbidden, check mysqli.allow_local_infile +done diff --git a/ext/mysqlnd/mysqlnd_loaddata.c b/ext/mysqlnd/mysqlnd_loaddata.c index 33d5e2397f..a2ef96789c 100644 --- a/ext/mysqlnd/mysqlnd_loaddata.c +++ b/ext/mysqlnd/mysqlnd_loaddata.c @@ -156,6 +156,8 @@ mysqlnd_handle_local_infile(MYSQLND_CONN_DATA * conn, const char * const filenam if (!(conn->options->flags & CLIENT_LOCAL_FILES)) { php_error_docref(NULL, E_WARNING, "LOAD DATA LOCAL INFILE forbidden"); + SET_CLIENT_ERROR(conn->error_info, CR_UNKNOWN_ERROR, UNKNOWN_SQLSTATE, + "LOAD DATA LOCAL INFILE is forbidden, check mysqli.allow_local_infile"); /* write empty packet to server */ ret = net->data->m.send(net, vio, empty_packet, 0, conn->stats, conn->error_info); *is_warning = TRUE; |