OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Michael van Elst
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   18-Mar-2003 12:32:50
  Branch: OPENPKG_1_2_SOLID                Handle: 2003031811324900

  Modified files:           (Branch: OPENPKG_1_2_SOLID)
    openpkg-src/mysql       mysql.patch mysql.spec

  Log:
    SA-2003.023 backported security fix from 3.23.56

  Summary:
    Revision    Changes     Path
    1.3.4.2     +140 -27    openpkg-src/mysql/mysql.patch
    1.49.2.1.2.3+1  -1      openpkg-src/mysql/mysql.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/mysql/mysql.patch
  ============================================================================
  $ cvs diff -u -r1.3.4.1 -r1.3.4.2 mysql.patch
  --- openpkg-src/mysql/mysql.patch     29 Jan 2003 11:44:54 -0000      1.3.4.1
  +++ openpkg-src/mysql/mysql.patch     18 Mar 2003 11:32:49 -0000      1.3.4.2
  @@ -1,5 +1,23 @@
  ---- sql/mini_client.cc       Mon Aug 19 15:47:00 2002
  -+++ sql/mini_client.cc       Mon Aug 19 15:48:44 2002
  +--- sql/sql_parse.cc.dist    Tue Mar 18 12:05:56 2003
  ++++ sql/sql_parse.cc Tue Mar 18 12:05:57 2003
  +@@ -794,6 +794,7 @@
  +     char *save_user=            thd->user;
  +     char *save_priv_user=   thd->priv_user;
  +     char *save_db=      thd->db;
  ++    thd->user=0;
  + 
  +     if ((uint) ((uchar*) db - net->read_pos) > packet_length)
  +     {                                               // Check if protocol is ok
  +@@ -803,7 +804,6 @@
  +     if (check_user(thd, COM_CHANGE_USER, user, passwd, db, 0))
  +     {                                               // Restore old user
  +       x_free(thd->user);
  +-      x_free(thd->db);
  +       thd->master_access=save_master_access;
  +       thd->db_access=save_db_access;
  +       thd->db=save_db;
  +--- sql/mini_client.cc.dist  Thu Jan 16 13:37:46 2003
  ++++ sql/mini_client.cc       Thu Jan 16 13:38:03 2003
   @@ -318,7 +318,7 @@
       */
    
  @@ -9,9 +27,9 @@
        return(-1);
    
      if (s_err)
  ---- sql/mysqld.cc    Mon Aug 19 15:47:01 2002
  -+++ sql/mysqld.cc    Mon Aug 19 15:49:01 2002
  -@@ -2407,7 +2407,7 @@
  +--- sql/mysqld.cc.dist       Thu Jan 16 13:35:14 2003
  ++++ sql/mysqld.cc    Tue Mar 18 10:18:18 2003
  +@@ -2475,7 +2475,7 @@
        {
          size_socket length=sizeof(struct sockaddr_in);
          new_sock = accept(sock, my_reinterpret_cast(struct sockaddr *) (&cAddr),
  @@ -20,7 +38,7 @@
          if (new_sock != INVALID_SOCKET ||
          (socket_errno != SOCKET_EINTR && socket_errno != SOCKET_EAGAIN))
        break;
  -@@ -2473,7 +2473,7 @@
  +@@ -2541,7 +2541,7 @@
          size_socket dummyLen;
          struct sockaddr dummy;
          dummyLen = sizeof(struct sockaddr);
  @@ -29,8 +47,60 @@
          {
        sql_perror("Error on new connection socket");
        (void) shutdown(new_sock,2);
  ---- scripts/mysql_install_db.sh    Mon Dec  2 17:40:15 2002
  -+++ scripts/mysql_install_db.sh Mon Dec  2 17:41:41 2002
  +@@ -3633,7 +3633,10 @@
  +       use_temp_pool=1;
  +       break;
  +     case 'u':
  +-      mysqld_user=optarg;
  ++      if (!mysqld_user)
  ++    mysqld_user=optarg;
  ++      else
  ++    fprintf(stderr, "Warning: Ignoring user change to '%s' because the user was 
set to '%s' earlier on the command line\n", optarg, mysqld_user);
  +       break;
  +     case 'v':
  +     case 'V':
  +--- sql/ha_myisam.cc.dist    Tue Mar 18 09:52:28 2003
  ++++ sql/ha_myisam.cc Tue Mar 18 09:54:38 2003
  +@@ -427,7 +427,7 @@
  +   
  +   if (my_copy(fn_format(src_path, table->path,"", reg_ext, 4),
  +          dst_path,
  +-         MYF(MY_WME | MY_HOLD_ORIGINAL_MODES )))
  ++         MYF(MY_WME | MY_HOLD_ORIGINAL_MODES | MY_DONT_OVERWRITE_FILE)))
  +   {
  +     error = HA_ADMIN_FAILED;
  +     errmsg = "Failed copying .frm file: errno = %d";
  +@@ -443,7 +443,7 @@
  + 
  +   if (my_copy(fn_format(src_path, table->path,"", MI_NAME_DEXT, 4),
  +           dst_path,
  +-          MYF(MY_WME | MY_HOLD_ORIGINAL_MODES ))  )
  ++          MYF(MY_WME | MY_HOLD_ORIGINAL_MODES | MY_DONT_OVERWRITE_FILE))  )
  +     {
  +       errmsg = "Failed copying .MYD file: errno = %d";
  +       error= HA_ADMIN_FAILED;
  +--- sql/ha_gemini.cc.dist    Tue Mar 18 10:15:05 2003
  ++++ sql/ha_gemini.cc Tue Mar 18 10:14:47 2003
  +@@ -2985,7 +2985,7 @@
  +   
  +   if (my_copy(fn_format(src_path, table->path,"", reg_ext, 4),
  +          dst_path,
  +-         MYF(MY_WME | MY_HOLD_ORIGINAL_MODES )))
  ++         MYF(MY_WME | MY_HOLD_ORIGINAL_MODES | MY_DONT_OVERWRITE_FILE)))
  +   {
  +     error = HA_ADMIN_FAILED;
  +     errmsg = "Failed copying .frm file: errno = %d";
  +@@ -3006,7 +3006,7 @@
  + 
  +   if (my_copy(fn_format(src_path, table->path,"", ha_gemini_ext, 4),
  +           dst_path,
  +-          MYF(MY_WME | MY_HOLD_ORIGINAL_MODES ))  )
  ++          MYF(MY_WME | MY_HOLD_ORIGINAL_MODES | MY_DONT_OVERWRITE_FILE))  )
  +   {
  +     errmsg = "Failed copying .GMD file: errno = %d";
  +     error= HA_ADMIN_FAILED;
  +--- scripts/mysql_install_db.sh.dist Thu Jan 16 13:38:44 2003
  ++++ scripts/mysql_install_db.sh      Thu Jan 16 13:38:52 2003
   @@ -133,14 +133,13 @@
      fi
    fi
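Review bot: The new `case 'u'` branch in sql/mysqld.cc keeps the first user value and ignores later ones, but no comment says why, and the protection only holds if the trusted source of the option is parsed first. The order in which config-file and command-line options reach this switch is decided outside the hunk, so the assumption should be stated next to the check, e.g. `/* First user setting wins: a later option source must not change the account the server runs as */`. The warning is written with `fprintf(stderr, ...)`; if stderr is not captured when the server runs detached, an ignored override would go unnoticed, so sending it to the server's error log may be preferable (the logging setup is not visible here). The enclosing option-parsing function starts and ends outside the hunk.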
  @@ -81,8 +151,8 @@
        echo
      fi
      echo "Please report any problems with the @scriptdir@/mysqlbug script!"
  ---- mysys/default.c.dist     Fri Jan 10 11:42:15 2003
  -+++ mysys/default.c  Fri Jan 10 11:42:31 2003
  +--- mysys/default.c.dist     Thu Jan 16 13:39:26 2003
  ++++ mysys/default.c  Thu Jan 16 13:39:37 2003
   @@ -48,7 +48,7 @@
    #ifdef __WIN__
    "C:/",
  @@ -92,21 +162,64 @@
    #endif
    #ifdef DATADIR
    DATADIR,
  ---- sql/sql_parse.cc Thu Dec  5 10:37:04 2002
  -+++ sql/sql_parse.cc Wed Jan 29 12:24:05 2003
  -@@ -794,6 +794,7 @@
  -     char *save_user=            thd->user;
  -     char *save_priv_user=   thd->priv_user;
  -     char *save_db=      thd->db;
  -+    thd->user=0;
  +--- mysys/my_copy.c.dist     Tue Mar 18 10:17:00 2003
  ++++ mysys/my_copy.c  Tue Mar 18 10:17:20 2003
  +@@ -32,17 +32,29 @@
  + #endif
    
  -     if ((uint) ((uchar*) db - net->read_pos) > packet_length)
  -     {                                               // Check if protocol is ok
  -@@ -803,7 +804,6 @@
  -     if (check_user(thd, COM_CHANGE_USER, user, passwd, db, 0))
  -     {                                               // Restore old user
  -       x_free(thd->user);
  --      x_free(thd->db);
  -       thd->master_access=save_master_access;
  -       thd->db_access=save_db_access;
  -       thd->db=save_db;
  + 
  +-    /*
  +-      Ordinary ownership and accesstimes are copied from 'from-file'
  +-      if MyFlags & MY_HOLD_ORIGINAL_MODES is set and to-file exists then
  +-      the modes of to-file isn't changed
  +-      Dont set MY_FNABP or MY_NABP bits on when calling this function !
  +-      */
  ++/*
  ++  int my_copy(const char *from, const char *to, myf MyFlags)
  ++
  ++  NOTES
  ++    Ordinary ownership and accesstimes are copied from 'from-file'
  ++    If MyFlags & MY_HOLD_ORIGINAL_MODES is set and to-file exists then
  ++    the modes of to-file isn't changed
  ++    If MyFlags & MY_DONT_OVERWRITE_FILE is set, we will give an error
  ++    if the file existed.
  ++
  ++  WARNING
  ++    Don't set MY_FNABP or MY_NABP bits on when calling this function !
  ++
  ++  RETURN
  ++    0       ok
  ++    #       Error
  ++
  ++*/
  + 
  + int my_copy(const char *from, const char *to, myf MyFlags)
  + {
  +   uint Count;
  +-  int new_file_stat;
  ++  int new_file_stat, create_flag;
  +   File from_file,to_file;
  +   char buff[IO_SIZE];
  +   struct stat stat_buff,new_stat_buff;
  +@@ -63,8 +75,10 @@
  +     }
  +     if (MyFlags & MY_HOLD_ORIGINAL_MODES && !new_file_stat)
  +       stat_buff=new_stat_buff;
  ++    create_flag= (MyFlags & MY_DONT_OVERWRITE_FILE) ? O_EXCL : O_TRUNC;
  ++
  +     if ((to_file=  my_create(to,(int) stat_buff.st_mode,
  +-                         O_WRONLY | O_TRUNC | O_BINARY | O_SHARE,
  ++                         O_WRONLY | create_flag | O_BINARY | O_SHARE,
  +                          MyFlags)) < 0)
  +       goto err;
  + 
  +--- include/my_sys.h.dist    Tue Mar 18 10:16:16 2003
  ++++ include/my_sys.h Tue Mar 18 10:16:32 2003
  +@@ -73,6 +73,7 @@
  + #define MY_FREE_ON_ERROR 128        /* my_realloc() ; Free old ptr on error */
  + #define MY_HOLD_ON_ERROR 256        /* my_realloc() ; Return old ptr on error */
  + #define MY_THREADSAFE       128     /* pread/pwrite:  Don't allow interrupts */
  ++#define MY_DONT_OVERWRITE_FILE 1024    /* my_copy; Don't overwrite file */
  + 
  + #define MY_CHECK_ERROR      1       /* Params to my_end; Check open-close */
  + #define MY_GIVE_INFO        2       /* Give time info about process*/
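Review bot: In my_copy() the new `create_flag` selects `O_EXCL`, which is only meaningful together with `O_CREAT`, and `O_CREAT` is not in the flag list passed to `my_create()` in this hunk. Presumably `my_create()` adds it itself; a comment such as `/* O_EXCL relies on my_create() adding O_CREAT; the create then fails atomically if 'to' already exists */` would record that dependency. The earlier stat result in `new_file_stat` should be treated as advisory only, since the exclusive create is what closes the window between the existence check and the write. `MyFlags`, now possibly carrying the new bit 1024, is also forwarded to `my_create()`, so it is worth confirming that value is not interpreted there. The body of my_copy() continues outside the hunk.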
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/mysql/mysql.spec
  ============================================================================
  $ cvs diff -u -r1.49.2.1.2.2 -r1.49.2.1.2.3 mysql.spec
  --- openpkg-src/mysql/mysql.spec      29 Jan 2003 11:44:54 -0000      1.49.2.1.2.2
  +++ openpkg-src/mysql/mysql.spec      18 Mar 2003 11:32:49 -0000      1.49.2.1.2.3
  @@ -37,7 +37,7 @@
   Group:        Database
   License:      GPL
   Version:      %{V_major}.%{V_minor}
  -Release:      1.2.1
  +Release:      1.2.2
   
   #   package options
   %option       with_berkeleydb  yes
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]
