1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
# Description: fix privilege restriction bypass via incorrect calculation
3
# of the mysql_unpacked_real_data_home value
4
# Origin: upstream, http://lists.mysql.com/commits/89940
5
# Bug: http://bugs.mysql.com/bug.php?id=32167
8
diff -urNad mysql-dfsg-5.1-5.1.41~/sql/mysqld.cc mysql-dfsg-5.1-5.1.41/sql/mysqld.cc
9
--- mysql-dfsg-5.1-5.1.41~/sql/mysqld.cc 2009-11-04 13:31:01.000000000 -0500
10
+++ mysql-dfsg-5.1-5.1.41/sql/mysqld.cc 2010-02-22 16:28:18.000000000 -0500
11
@@ -8651,14 +8651,8 @@
15
- convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
16
- my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
17
- mysql_unpacked_real_data_home_len= strlen(mysql_unpacked_real_data_home);
18
- if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
19
- --mysql_unpacked_real_data_home_len;
22
convert_dirname(language,language,NullS);
23
+ convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
24
(void) my_load_path(mysql_home,mysql_home,""); // Resolve current dir
25
(void) my_load_path(mysql_real_data_home,mysql_real_data_home,mysql_home);
26
(void) my_load_path(pidfile_name,pidfile_name,mysql_real_data_home);
27
@@ -8666,6 +8660,12 @@
28
get_relative_path(PLUGINDIR), mysql_home);
29
opt_plugin_dir_ptr= opt_plugin_dir;
31
+ my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
32
+ mysql_unpacked_real_data_home_len=
33
+ (int) strlen(mysql_unpacked_real_data_home);
34
+ if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
35
+ --mysql_unpacked_real_data_home_len;
37
char *sharedir=get_relative_path(SHAREDIR);
38
if (test_if_hard_path(sharedir))
39
strmake(buff,sharedir,sizeof(buff)-1); /* purecov: tested */