diff options
Diffstat (limited to 'meta-oe/recipes-support/mysql/mariadb/CVE-2016-6664_p3.patch')
-rw-r--r-- | meta-oe/recipes-support/mysql/mariadb/CVE-2016-6664_p3.patch | 430 |
1 files changed, 430 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/mysql/mariadb/CVE-2016-6664_p3.patch b/meta-oe/recipes-support/mysql/mariadb/CVE-2016-6664_p3.patch new file mode 100644 index 0000000000..5cfea7a2be --- /dev/null +++ b/meta-oe/recipes-support/mysql/mariadb/CVE-2016-6664_p3.patch @@ -0,0 +1,430 @@ +From e90cb0acd45bf58d36abf78d01d60ed597982835 Mon Sep 17 00:00:00 2001 +From: Sergei Golubchik <serg@mariadb.org> +Date: Tue, 20 Dec 2016 21:16:23 +0100 +Subject: [PATCH 3/3] Numerous issues in mysqld_safe + +Upstream-Status: Backport + +CVE: CVE-2016-6664 patch#3 + +Signed-off-by: Sunil Kumar <sukumar@mvista.com> +--- + .gitignore | 1 + + debian/dist/Debian/mariadb-server-5.5.files.in | 1 + + debian/dist/Ubuntu/mariadb-server-5.5.files.in | 1 + + extra/CMakeLists.txt | 3 + + extra/mysqld_safe_helper.c | 77 ++++++++++++++++++ + scripts/mysqld_safe.sh | 107 ++++++++++--------------- + support-files/mysql.server.sh | 8 +- + 7 files changed, 128 insertions(+), 70 deletions(-) + create mode 100644 extra/mysqld_safe_helper.c + +diff --git a/.gitignore b/.gitignore +index c3d50ee335b..9229a6345fc 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -49,6 +49,7 @@ extra/jemalloc/build/ + extra/jemalloc/tmp/ + extra/my_print_defaults + extra/mysql_waitpid ++extra/mysqld_safe_helper + extra/perror + extra/replace + extra/resolve_stack_dump +diff --git a/debian/dist/Debian/mariadb-server-5.5.files.in b/debian/dist/Debian/mariadb-server-5.5.files.in +index c1ea58740e4..47a9887b075 100644 +--- a/debian/dist/Debian/mariadb-server-5.5.files.in ++++ b/debian/dist/Debian/mariadb-server-5.5.files.in +@@ -32,6 +32,7 @@ usr/bin/mysql_zap + usr/bin/mysqlbinlog + usr/bin/mysqld_multi + usr/bin/mysqld_safe ++usr/bin/mysqld_safe_helper + usr/bin/mysqlhotcopy + usr/bin/perror + usr/bin/replace +diff --git a/debian/dist/Ubuntu/mariadb-server-5.5.files.in b/debian/dist/Ubuntu/mariadb-server-5.5.files.in +index 7f75ccc2303..5182dd76346 100644 +--- a/debian/dist/Ubuntu/mariadb-server-5.5.files.in ++++ b/debian/dist/Ubuntu/mariadb-server-5.5.files.in +@@ -34,6 +34,7 @@ usr/bin/mysql_zap + usr/bin/mysqlbinlog + usr/bin/mysqld_multi + usr/bin/mysqld_safe ++usr/bin/mysqld_safe_helper + usr/bin/mysqlhotcopy + usr/bin/perror + usr/bin/replace +diff --git a/extra/CMakeLists.txt b/extra/CMakeLists.txt +index f8f71b00743..7f47f878110 100644 +--- a/extra/CMakeLists.txt ++++ b/extra/CMakeLists.txt +@@ -82,4 +82,7 @@ IF(UNIX) + + MYSQL_ADD_EXECUTABLE(mysql_waitpid mysql_waitpid.c COMPONENT Client) + TARGET_LINK_LIBRARIES(mysql_waitpid mysys) ++ ++ MYSQL_ADD_EXECUTABLE(mysqld_safe_helper mysqld_safe_helper.c COMPONENT Server) ++ TARGET_LINK_LIBRARIES(mysqld_safe_helper mysys) + ENDIF() +diff --git a/extra/mysqld_safe_helper.c b/extra/mysqld_safe_helper.c +new file mode 100644 +index 00000000000..09e507c6e1c +--- /dev/null ++++ b/extra/mysqld_safe_helper.c +@@ -0,0 +1,77 @@ ++#include <my_global.h> ++#include <m_string.h> ++#include <my_sys.h> ++#include <my_pthread.h> ++#ifdef HAVE_PWD_H ++#include <pwd.h> ++#endif ++#include <stdlib.h> ++#include <stdio.h> ++ ++void my_exit(int c) ++{ ++ my_end(0); ++ exit(c); ++} ++ ++void do_usage() ++{ ++ printf("Usage:\n" ++ " %s <user> log <filename>\n" ++ " %s <user> exec <command> <args>\n", ++ my_progname, my_progname); ++ my_exit(1); ++} ++ ++void do_log(const char *logfile) ++{ ++ FILE *f; ++ uchar buf[4096]; ++ int size; ++ ++ if (!logfile) ++ do_usage(); ++ ++ f= my_fopen(logfile, O_WRONLY|O_APPEND|O_CREAT, MYF(MY_WME)); ++ if (!f) ++ my_exit(1); ++ ++ while ((size= my_fread(stdin, buf, sizeof(buf), MYF(MY_WME))) > 0) ++ if ((int)my_fwrite(f, buf, size, MYF(MY_WME)) != size) ++ my_exit(1); ++ ++ my_fclose(f, MYF(0)); ++ my_exit(0); ++} ++ ++void do_exec(char *args[]) ++{ ++ if (!args[0]) ++ do_usage(); ++ ++ my_end(0); ++ execvp(args[0], args); ++} ++ ++int main(int argc, char *argv[]) ++{ ++ struct passwd *user_info; ++ MY_INIT(argv[0]); ++ ++ if (argc < 3) ++ do_usage(argv[0]); ++ ++ user_info= my_check_user(argv[1], MYF(0)); ++ if (user_info ? my_set_user(argv[1], user_info, MYF(MY_WME)) ++ : my_errno == EINVAL) ++ my_exit(1); ++ ++ if (strcmp(argv[2], "log") == 0) ++ do_log(argv[3]); ++ ++ if (strcmp(argv[2], "exec") == 0) ++ do_exec(argv+3); ++ ++ my_end(0); ++ return 1; ++} +diff --git a/scripts/mysqld_safe.sh b/scripts/mysqld_safe.sh +index 7cadce725d1..059263fad51 100644 +--- a/scripts/mysqld_safe.sh ++++ b/scripts/mysqld_safe.sh +@@ -20,6 +20,7 @@ mysqld_ld_preload= + mysqld_ld_library_path= + flush_caches=0 + numa_interleave=0 ++unsafe_my_cnf=0 + + # Initial logging status: error log is not open, and not using syslog + logging=init +@@ -128,6 +129,18 @@ my_which () + return $ret # Success + } + ++find_in_bin() { ++ if test -x "$MY_BASEDIR_VERSION/bin/$1" ++ then ++ echo "$MY_BASEDIR_VERSION/bin/$1" ++ elif test -x "@bindir@/$1" ++ then ++ echo "@bindir@/$1" ++ else ++ echo "$1" ++ fi ++} ++ + log_generic () { + priority="$1" + shift +@@ -136,7 +149,7 @@ log_generic () { + echo "$msg" + case $logging in + init) ;; # Just echo the message, don't save it anywhere +- file) echo "$msg" >> "$err_log" ;; ++ file) echo "$msg" | "$helper" "$user" log "$err_log" ;; + syslog) logger -t "$syslog_tag_mysqld_safe" -p "$priority" "$*" ;; + *) + echo "Internal program error (non-fatal):" \ +@@ -156,7 +169,7 @@ log_notice () { + eval_log_error () { + cmd="$1" + case $logging in +- file) cmd="$cmd >> "`shell_quote_string "$err_log"`" 2>&1" ;; ++ file) cmd="$cmd 2>&1 | "`shell_quote_string "$helper"`" $user log "`shell_quote_string "$err_log"` ;; + syslog) + # mysqld often prefixes its messages with a timestamp, which is + # redundant when logging to syslog (which adds its own timestamp) +@@ -190,6 +203,13 @@ shell_quote_string() { + echo "$1" | sed -e 's,\([^a-zA-Z0-9/_.=-]\),\\\1,g' + } + ++check_executable_location() { ++ if test "$unsafe_my_cnf" = 1 -a "$unrecognized_handling" != collect; then ++ log_error "Cannot accept $1 from a config file, when my.cnf is in the datadir" ++ exit 1 ++ fi ++} ++ + parse_arguments() { + for arg do + # the parameter after "=", or the whole $arg if no match +@@ -200,7 +220,6 @@ parse_arguments() { + optname_subst=`echo "$optname" | sed 's/_/-/g'` + arg=`echo $arg | sed "s/^$optname/$optname_subst/"` + case "$arg" in +- --crash-script=*) CRASH_SCRIPT="$val" ;; + # these get passed explicitly to mysqld + --basedir=*) MY_BASEDIR_VERSION="$val" ;; + --datadir=*|--data=*) DATADIR="$val" ;; +@@ -220,12 +239,14 @@ parse_arguments() { + + # mysqld_safe-specific options - must be set in my.cnf ([mysqld_safe])! + --core-file-size=*) core_file_size="$val" ;; +- --ledir=*) ledir="$val" ;; +- --malloc-lib=*) set_malloc_lib "$val" ;; +- --mysqld=*) MYSQLD="$val" ;; ++ --ledir=*) check_executable_location "$arg" ; ledir="$val" ;; ++ --malloc-lib=*) check_executable_location "$arg"; set_malloc_lib "$val" ;; ++ --crash-script=*) check_executable_location "$arg"; crash_script="$val" ;; ++ --mysqld=*) check_executable_location "$arg"; MYSQLD="$val" ;; + --mysqld-version=*) + if test -n "$val" + then ++ check_executable_location "$arg" + MYSQLD="mysqld-$val" + PLUGIN_VARIANT="/$val" + else +@@ -385,15 +406,8 @@ set_malloc_lib() { + # First, try to find BASEDIR and ledir (where mysqld is) + # + +-if echo '@pkgdatadir@' | grep '^@prefix@' > /dev/null +-then +- relpkgdata=`echo '@pkgdatadir@' | sed -e 's,^@prefix@,,' -e 's,^/,,' -e 's,^,./,'` +-else +- # pkgdatadir is not relative to prefix +- relpkgdata='@pkgdatadir@' +-fi +- +-MY_PWD=`pwd` ++MY_PWD=`dirname $0` ++MY_PWD=`cd "$MY_PWD"/.. && pwd` + # Check for the directories we would expect from a binary release install + if test -n "$MY_BASEDIR_VERSION" -a -d "$MY_BASEDIR_VERSION" + then +@@ -409,16 +423,16 @@ then + else + ledir="$MY_BASEDIR_VERSION/bin" + fi +-elif test -f "$relpkgdata"/english/errmsg.sys -a -x "$MY_PWD/bin/mysqld" ++elif test -x "$MY_PWD/bin/mysqld" + then + MY_BASEDIR_VERSION="$MY_PWD" # Where bin, share and data are + ledir="$MY_PWD/bin" # Where mysqld is + # Check for the directories we would expect from a source install +-elif test -f "$relpkgdata"/english/errmsg.sys -a -x "$MY_PWD/libexec/mysqld" ++elif test -x "$MY_PWD/libexec/mysqld" + then + MY_BASEDIR_VERSION="$MY_PWD" # Where libexec, share and var are + ledir="$MY_PWD/libexec" # Where mysqld is +-elif test -f "$relpkgdata"/english/errmsg.sys -a -x "$MY_PWD/sbin/mysqld" ++elif test -x "$MY_PWD/sbin/mysqld" + then + MY_BASEDIR_VERSION="$MY_PWD" # Where sbin, share and var are + ledir="$MY_PWD/sbin" # Where mysqld is +@@ -428,6 +442,8 @@ else + ledir='@libexecdir@' + fi + ++helper=`find_in_bin mysqld_safe_helper` ++print_defaults=`find_in_bin my_print_defaults` + + # + # Second, try to find the data directory +@@ -465,6 +481,7 @@ IGNORING $DATADIR/my.cnf" + log_error "WARNING: Found $DATADIR/my.cnf + The data directory is a deprecated location for my.cnf, please move it to + $MY_BASEDIR_VERSION/my.cnf" ++ unsafe_my_cnf=1 + MYSQL_HOME=$DATADIR + else + MYSQL_HOME=$MY_BASEDIR_VERSION +@@ -472,34 +489,15 @@ $MY_BASEDIR_VERSION/my.cnf" + fi + export MYSQL_HOME + +- +-# Get first arguments from the my.cnf file, groups [mysqld] and [mysqld_safe] +-# and then merge with the command line arguments +-if test -x "$MY_BASEDIR_VERSION/bin/my_print_defaults" +-then +- print_defaults="$MY_BASEDIR_VERSION/bin/my_print_defaults" +-elif test -x `dirname $0`/my_print_defaults +-then +- print_defaults="`dirname $0`/my_print_defaults" +-elif test -x ./bin/my_print_defaults +-then +- print_defaults="./bin/my_print_defaults" +-elif test -x @bindir@/my_print_defaults +-then +- print_defaults="@bindir@/my_print_defaults" +-elif test -x @bindir@/mysql_print_defaults +-then +- print_defaults="@bindir@/mysql_print_defaults" +-else +- print_defaults="my_print_defaults" +-fi +- + append_arg_to_args () { + args="$args "`shell_quote_string "$1"` + } + + args= + ++# Get first arguments from the my.cnf file, groups [mysqld] and [mysqld_safe] ++# and then merge with the command line arguments ++ + SET_USER=2 + parse_arguments `$print_defaults $defaults --loose-verbose --mysqld` + if test $SET_USER -eq 2 +@@ -603,11 +601,6 @@ then + log_notice "Logging to '$err_log'." + logging=file + +- if [ ! -f "$err_log" ]; then # if error log already exists, +- touch "$err_log" # we just append. otherwise, +- chmod "$fmode" "$err_log" # fix the permissions here! +- fi +- + else + if [ -n "$syslog_tag" ] + then +@@ -620,10 +613,6 @@ else + logging=syslog + fi + +-# close stdout and stderr, everything goes to $logging now +-exec 1>&- +-exec 2>&- +- + USER_OPTION="" + if test -w / -o "$USER" = "root" + then +@@ -631,11 +620,6 @@ then + then + USER_OPTION="--user=$user" + fi +- # Change the err log to the right user, if it is in use +- if [ $want_syslog -eq 0 ]; then +- touch "$err_log" +- chown $user "$err_log" +- fi + if test -n "$open_files" + then + ulimit -n $open_files +@@ -879,6 +863,10 @@ max_fast_restarts=5 + # flag whether a usable sleep command exists + have_sleep=1 + ++# close stdout and stderr, everything goes to $logging now ++exec 1>&- ++exec 2>&- ++ + while true + do + rm -f "$pid_file" # Some extra safety +@@ -886,13 +874,6 @@ do + start_time=`date +%M%S` + + eval_log_error "$cmd" +- +- if [ $want_syslog -eq 0 -a ! -f "$err_log" ]; then +- touch "$err_log" # hypothetical: log was renamed but not +- chown $user "$err_log" # flushed yet. we'd recreate it with +- chmod "$fmode" "$err_log" # wrong owner next time we log, so set +- fi # it up correctly while we can! +- + end_time=`date +%M%S` + + if test ! -f "$pid_file" # This is removed if normal shutdown +@@ -956,9 +937,9 @@ do + done + fi + log_notice "mysqld restarted" +- if test -n "$CRASH_SCRIPT" ++ if test -n "$crash_script" + then +- crash_script_output=`$CRASH_SCRIPT 2>&1` ++ crash_script_output=`$crash_script 2>&1` + log_error "$crash_script_output" + fi + done +diff --git a/support-files/mysql.server.sh b/support-files/mysql.server.sh +index 8fb217e4136..c77d3a26168 100644 +--- a/support-files/mysql.server.sh ++++ b/support-files/mysql.server.sh +@@ -157,15 +157,9 @@ parse_server_arguments() { + + # Get arguments from the my.cnf file, + # the only group, which is read from now on is [mysqld] +-if test -x ./bin/my_print_defaults +-then +- print_defaults="./bin/my_print_defaults" +-elif test -x $bindir/my_print_defaults ++if test -x $bindir/my_print_defaults + then + print_defaults="$bindir/my_print_defaults" +-elif test -x $bindir/mysql_print_defaults +-then +- print_defaults="$bindir/mysql_print_defaults" + else + # Try to find basedir in /etc/my.cnf + conf=/etc/my.cnf +-- +2.11.1 + |