From da6538b6cb28fb602bf56ca46132838dbc088e7f Mon Sep 17 00:00:00 2001
From: Ashish Agarwal
Date: Thu, 7 Mar 2013 12:12:58 +0530
Subject: [PATCH] Bug#16169063: SECURITY CONCERN BECAUSE OF INSUFFICIENT LOGGING PROBLEM: If multiple statements are sent by a single request then only the last statement was getting logged. An attacker can bypass the audit log just by sending two comsecutive statements in one request. SOLUTION: Each statements from a single request are logged.
---
 sql/sql_parse.cc | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 534c4cee4c7..ef3454ec9c9 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -1048,6 +1048,11 @@ bool dispatch_command(enum enum_server_command command, THD *thd,
 thd->update_server_status();
 thd->protocol->end_statement();
 query_cache_end_of_result(thd);
+
+ mysql_audit_general(thd, MYSQL_AUDIT_GENERAL_STATUS,
+ thd->stmt_da->is_error() ? thd->stmt_da->sql_errno()
+ : 0, command_name[command].str);
+
+ ulong length= (ulong)(packet_end - beginning_of_next_stmt);
 log_slow_statement(thd);
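Review bot: The added `mysql_audit_general(...)` call in the multi-statement path has no comment and the patch adds no regression test, so nothing stops a later refactor from silently dropping the per-statement audit record again; the diffstat shows only sql/sql_parse.cc changed. A comment above the call such as `/* Emit an audit status event for every statement of a multi-statement packet, not only the last one (Bug#16169063). */` would record the intent, and a test that sends two statements in one request and checks for two audit records would pin it. It is also worth confirming that the query text the audit plugin reads from `thd` at this point still belongs to the statement that just finished, since the call sits before the `beginning_of_next_stmt` handling; that cannot be verified from the hunk alone. The enclosing loop in `dispatch_command` starts and ends outside the hunk.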