diff --git a/mysql-test/suite/sys_vars/r/secure_file_priv.result b/mysql-test/suite/sys_vars/r/secure_file_priv.result
new file mode 100644
index 00000000000..eeeb9a58c0f
--- /dev/null
+++ b/mysql-test/suite/sys_vars/r/secure_file_priv.result
@@ -0,0 +1,22 @@
+#
+# Bug50373 --secure-file-priv=""
+#
+CREATE TABLE t1 (c1 VARCHAR(50));
+INSERT INTO t1 VALUES ("one"),("two"),("three"),("four"),("five");
+SHOW VARIABLES LIKE 'secure_file_priv';
+Variable_name Value
+secure_file_priv
+c1
+one
+two
+three
+four
+five
+loaded_file
+one
+two
+three
+four
+five
+
+DROP TABLE t1;
diff --git a/mysql-test/suite/sys_vars/t/secure_file_priv-master.opt b/mysql-test/suite/sys_vars/t/secure_file_priv-master.opt
new file mode 100644
index 00000000000..b41d9b04b96
--- /dev/null
+++ b/mysql-test/suite/sys_vars/t/secure_file_priv-master.opt
@@ -0,0 +1 @@
+--secure_file_priv=''
diff --git a/mysql-test/suite/sys_vars/t/secure_file_priv.test b/mysql-test/suite/sys_vars/t/secure_file_priv.test
new file mode 100644
index 00000000000..7a534e7d6e4
--- /dev/null
+++ b/mysql-test/suite/sys_vars/t/secure_file_priv.test
@@ -0,0 +1,21 @@
+--echo #
+--echo # Bug50373 --secure-file-priv=""
+--echo #
+CREATE TABLE t1 (c1 VARCHAR(50));
+INSERT INTO t1 VALUES ("one"),("two"),("three"),("four"),("five");
+SHOW VARIABLES LIKE 'secure_file_priv';
+--disable_query_log
+# Atempt to create a file where we normally aren't allowed to create one.
+# Doing this in a portable manner is difficult but we should be able to
+# count on the depth of the directory hierarchy used. Three steps up from
+# the datadir is the 'mysql_test' directory.
+--let $PROTECTED_FILE=`SELECT concat(@@datadir,'/../../../bug50373.txt')`;
+--eval SELECT * FROM t1 INTO OUTFILE '$PROTECTED_FILE';
+DELETE FROM t1;
+--eval LOAD DATA INFILE '$PROTECTED_FILE' INTO TABLE t1;
+SELECT * FROM t1;
+--eval SELECT load_file('$PROTECTED_FILE') AS loaded_file;
+--enable_query_log
+remove_file $PROTECTED_FILE;
+DROP TABLE t1;
+
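Review bot: secure_file_priv.test runs only with `--secure_file_priv=''`, so it covers the new empty-value branch in fix_paths() but neither the my_realpath() normalisation nor the prefix comparison in mysql_load() that the same commit changes. A companion test with a non-empty directory, expecting ER_OPTION_PREVENTS_STATEMENT for a file outside it and for a sibling directory whose name merely begins with the configured one, would pin the restriction itself. Separately, `remove_file $PROTECTED_FILE;` is reached only when every earlier statement succeeds, so a failing run leaves bug50373.txt three levels above the datadir. The comment's "Atempt" should read "Attempt".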
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index a483b9e2381..9b66bdbcdf5 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -8818,10 +8818,25 @@ static int fix_paths(void)
 */
 if (opt_secure_file_priv)
 {
- convert_dirname(buff, opt_secure_file_priv, NullS);
- my_free(opt_secure_file_priv, MYF(0));
- opt_secure_file_priv= my_strdup(buff, MYF(MY_FAE));
+ if (*opt_secure_file_priv == 0)
+ {
+ opt_secure_file_priv= 0;
+ }
+ else
+ {
+ convert_dirname(buff, opt_secure_file_priv, NullS);
+ char *secure_file_real_path= (char *)my_malloc(FN_REFLEN, MYF(MY_FAE));
+ if (secure_file_real_path == 0 ||
+ my_realpath(secure_file_real_path, opt_secure_file_priv, 0))
+ {
+ sql_print_warning("Failed to normalize the argument for --secure-file-priv.");
+ return 1;
+ }
+ my_free(opt_secure_file_priv, MYF(0));
+ opt_secure_file_priv= secure_file_real_path;
+ }
 }
+
 return 0;
 }
diff --git a/sql/sql_load.cc b/sql/sql_load.cc
index ee3b442c83a..869a52325ea 100644
--- a/sql/sql_load.cc
+++ b/sql/sql_load.cc
@@ -350,9 +350,7 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list,
 }
 else if (opt_secure_file_priv)
 {
- char secure_file_real_path[FN_REFLEN];
- (void) my_realpath(secure_file_real_path, opt_secure_file_priv, 0);
- if (strncmp(secure_file_real_path, name, strlen(secure_file_real_path)))
+ if (strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv)))
 {
 /* Read only allowed from within dir specified by secure_file_priv */
 my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--secure-file-priv");
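Review bot: In sql/mysqld.cc the `buff` filled by `convert_dirname(buff, opt_secure_file_priv, NullS)` is never read in the new else branch, because `my_realpath()` is given `opt_secure_file_priv` directly; the directory-form normalisation that the removed code stored therefore no longer reaches the saved value. The sql/sql_load.cc hunk then uses that value as a plain `strncmp` prefix, so if the resolved path has no trailing separator the check would presumably also accept a sibling directory whose name merely starts with the configured one. Consider resolving first and then normalising the result before storing it, e.g. `convert_dirname(buff, secure_file_real_path, NullS);` followed by saving a copy of `buff`. Smaller points: the empty-string branch sets `opt_secure_file_priv= 0;` without the `my_free()` the else branch performs, and the failure path returns without freeing `secure_file_real_path`. fix_paths() begins outside the hunk.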
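Review bot: The comment above `my_error()` in sql/sql_load.cc does not say what the check now depends on: with the per-call `my_realpath()` removed, the comparison is sound only if `opt_secure_file_priv` was canonicalised once in fix_paths() and `name` is canonical in the same way, which this hunk does not show. I would add above the `strncmp` line a comment such as `/* opt_secure_file_priv was resolved by my_realpath() at startup (fix_paths); name must be a resolved path too */`. It also follows from the visible lines that a symlink in the configured directory changed after startup is no longer re-resolved until the server restarts, which is worth stating in the option's documentation. mysql_load() starts and ends outside the hunk.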