+++ /dev/null
-From: kpettersson
-Date: October 23 2007 4:07pm
-Subject: bk commit into 5.0 tree (thek:1.2537) BUG#16470
-
-Below is the list of changes that have just been committed into a local
-5.0 repository of thek. When thek does a push these changes will
-be propagated to the main repository and, within 24 hours after the
-push, to the public repository.
-For information on how to access the public repository
-see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
-
-ChangeSet@stripped, 2007-10-23 16:07:32+02:00, thek@adventure.(none) +1 -0
- Bug #16470 crash on grant if old grant tables
-
- If a user upgraded the server without running mysql_upgrade, and later tried
- to run a GRANT command on grant tables like tables_priv, the server would
- crash.
-
- This patch fixes this problem by checking if the grant tables were properly
- initialized before attempt to store any new grants.
-
- sql/sql_acl.cc@stripped, 2007-10-23 16:07:31+02:00, thek@adventure.(none) +9 -3
- If grant_reload fails, don't try to store new GRANTs because the grant tables
- weren't properly initialized.
-
-diff -Nrup a/sql/sql_acl.cc b/sql/sql_acl.cc
---- a/sql/sql_acl.cc 2007-06-20 14:24:27 +02:00
-+++ b/sql/sql_acl.cc 2007-10-23 16:07:31 +02:00
-@@ -2786,7 +2786,12 @@ bool mysql_table_grant(THD *thd, TABLE_L
- MYF(0));
- DBUG_RETURN(TRUE);
- }
--
-+ if (!grant_option)
-+ {
-+ my_message(ER_TABLE_NEEDS_UPGRADE, ER(ER_ILLEGAL_GRANT_FOR_TABLE),
-+ MYF(0));
-+ DBUG_RETURN(TRUE);
-+ }
- if (!revoke_grant)
- {
- if (columns.elements)
-@@ -3335,13 +3340,14 @@ my_bool grant_init()
- DBUG_RETURN(1); /* purecov: deadcode */
- thd->thread_stack= (char*) &thd;
- thd->store_globals();
-- return_val= grant_reload(thd);
-+ if (grant_reload(thd))
-+ return TRUE;
- delete thd;
- /* Remember that we don't have a THD */
- my_pthread_setspecific_ptr(THR_THD, 0);
- /* Set the grant option flag so we will check grants */
- grant_option= TRUE;
-- DBUG_RETURN(return_val);
-+ DBUG_RETURN(FALSE);
- }
-
-
+++ /dev/null
-From: msvensson at mysql dot com
-Date: December 22 2006 12:05am
-Subject: bk commit into 5.0 tree (msvensson:1.2352) BUG#24148
-
-Below is the list of changes that have just been committed into a local
-5.0 repository of msvensson. When msvensson does a push these changes will
-be propagated to the main repository and, within 24 hours after the
-push, to the public repository.
-For information on how to access the public repository
-see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html
-
-ChangeSet@stripped, 2006-12-22 00:05:40+01:00, msvensson@stripped +1 -0
- Bug#24148 regression tests hang with SSL enabled
- - Don't call SSL_shutdown a second time
-
- vio/viossl.c@stripped, 2006-12-22 00:05:39+01:00, msvensson@stripped +9 -5
- SSL_shutdown might return 0 indicating that it should be called once
- again for a graceful shutdown. Since the socket are going to be closed
- anyway ther is no need for the second call.
-
-# This is a BitKeeper patch. What follows are the unified diffs for the
-# set of deltas contained in the patch. The rest of the patch, the part
-# that BitKeeper cares about, is below these diffs.
-# User: msvensson
-# Host: pilot.mysql.com
-# Root: /home/msvensson/mysql/mysql-5.0-maint
-
---- 1.38/vio/viossl.c 2006-11-20 21:41:56 +01:00
-+++ 1.39/vio/viossl.c 2006-12-22 00:05:39 +01:00
-@@ -126,12 +126,16 @@
- {
- switch ((r= SSL_shutdown(ssl)))
- {
-- case 1: /* Shutdown successful */
-+ case 1:
-+ /* Shutdown successful */
-+ break;
-+ case 0:
-+ /*
-+ Shutdown not yet finished - since the socket is going to
-+ be closed there is no need to call SSL_shutdown() a second
-+ time to wait for the other side to respond
-+ */
- break;
-- case 0: /* Shutdown not yet finished, call it again */
-- if ((r= SSL_shutdown(ssl) >= 0))
-- break;
-- /* Fallthrough */
- default: /* Shutdown failed */
- DBUG_PRINT("vio_error", ("SSL_shutdown() failed, error: %d",
- SSL_get_error(ssl, r)));
+++ /dev/null
-
-#### ChangeSet ####
-2007-11-06 18:09:33+04:00, svoj@mysql.com
- BUG#32111 - Security Breach via DATA/INDEX DIRECORY and RENAME TABLE
-
- RENAME TABLE against a table with DATA/INDEX DIRECTORY overwrites
- the file to which the symlink points.
-
- This is security issue, because it is possible to create a table with
- some name in some non-system database and set DATA/INDEX DIRECTORY
- to mysql system database. Renaming this table to one of mysql system
- tables (e.g. user, host) would overwrite the system table.
-
- Return an error when the file to which the symlink points exist.
-
-==== mysql-test/r/symlink.result ====
-2007-11-06 18:09:32+04:00, svoj@mysql.com +6 -0
- A test case for BUG#32111.
-
---- 1.7/mysql-test/r/symlink.result 2003-12-12 12:26:56 -08:00
-+++ 1.8/mysql-test/r/symlink.result 2007-11-06 06:09:32 -08:00
-@@ -84,3 +84,9 @@ t1 CREATE TABLE `t1` (
- `b` int(11) default NULL
- ) TYPE=MyISAM
- drop table t1;
-+CREATE TABLE t1(a INT)
-+DATA DIRECTORY='TEST_DIR/var/master-data/mysql'
-+INDEX DIRECTORY='TEST_DIR/var/master-data/mysql';
-+RENAME TABLE t1 TO user;
-+Can't create/write to file 'TEST_DIR/var/master-data/mysql/user.MYI' (Errcode: 17)
-+DROP TABLE t1;
-
-==== mysql-test/t/symlink.test ====
-2007-11-06 18:09:32+04:00, svoj@mysql.com +12 -0
- A test case for BUG#32111.
-
---- 1.6/mysql-test/t/symlink.test 2003-12-12 12:26:56 -08:00
-+++ 1.7/mysql-test/t/symlink.test 2007-11-06 06:09:32 -08:00
-@@ -112,3 +112,15 @@ eval alter table t1 index directory="$MY
- enable_query_log;
- show create table t1;
- drop table t1;
-+
-+#
-+# BUG#32111 - Security Breach via DATA/INDEX DIRECORY and RENAME TABLE
-+#
-+--replace_result $MYSQL_TEST_DIR TEST_DIR
-+eval CREATE TABLE t1(a INT)
-+DATA DIRECTORY='$MYSQL_TEST_DIR/var/master-data/mysql'
-+INDEX DIRECTORY='$MYSQL_TEST_DIR/var/master-data/mysql';
-+--replace_result $MYSQL_TEST_DIR TEST_DIR
-+--error 1
-+RENAME TABLE t1 TO user;
-+DROP TABLE t1;
-
-==== mysys/my_symlink2.c ====
-2007-11-06 18:09:32+04:00, svoj@mysql.com +10 -1
- Return an error when the file to which the symlink points exist.
-
---- 1.6/mysys/my_symlink2.c 2003-12-12 12:26:56 -08:00
-+++ 1.7/mysys/my_symlink2.c 2007-11-06 06:09:32 -08:00
-@@ -120,6 +120,7 @@ int my_rename_with_symlink(const char *f
- int was_symlink= (!my_disable_symlinks &&
- !my_readlink(link_name, from, MYF(0)));
- int result=0;
-+ int name_is_different;
- DBUG_ENTER("my_rename_with_symlink");
-
- if (!was_symlink)
-@@ -128,6 +129,14 @@ int my_rename_with_symlink(const char *f
- /* Change filename that symlink pointed to */
- strmov(tmp_name, to);
- fn_same(tmp_name,link_name,1); /* Copy dir */
-+ name_is_different= strcmp(link_name, tmp_name);
-+ if (name_is_different && !access(tmp_name, F_OK))
-+ {
-+ my_errno= EEXIST;
-+ if (MyFlags & MY_WME)
-+ my_error(EE_CANTCREATEFILE, MYF(0), tmp_name, EEXIST);
-+ DBUG_RETURN(1);
-+ }
-
- /* Create new symlink */
- if (my_symlink(tmp_name, to, MyFlags))
-@@ -139,7 +148,7 @@ int my_rename_with_symlink(const char *f
- the same basename and different directories.
- */
-
-- if (strcmp(link_name, tmp_name) && my_rename(link_name, tmp_name, MyFlags))
-+ if (name_is_different && my_rename(link_name, tmp_name, MyFlags))
- {
- int save_errno=my_errno;
- my_delete(to, MyFlags); /* Remove created symlink */
+++ /dev/null
-check process mysql with pidfile /var/lib/mysql/mysqldb/mysql.pid
- group database
- start program = "/etc/rc.d/init.d/mysql restart"
- stop program = "/etc/rc.d/init.d/mysql stop"
- if failed unix /var/lib/mysql/mysql.sock then restart
- if 5 restarts within 5 cycles then timeout
- depends on mysql_bin
- depends on mysql_rc
-
-check file mysql_bin with path /usr/sbin/mysqld
- group database
- if failed checksum then unmonitor
- if failed permission 755 then unmonitor
- if failed uid root then unmonitor
- if failed gid root then unmonitor
-
-check file mysql_rc with path /etc/rc.d/init.d/mysql
- group database
- if failed checksum then unmonitor
- if failed permission 754 then unmonitor
- if failed uid root then unmonitor
- if failed gid root then unmonitor
-
projects / packages / mysql.git / commitdiff