Merge of fix for bug#11757855 from mysql-5.1 -> mysql-5.5.

15 years ago · 51721df03a
4 changed files with 28 additions and 5 deletions
--- a/cmake/os/WindowsCache.cmake
+++ b/cmake/os/WindowsCache.cmake
@ -101,6 +101,10 @@ SET(HAVE_IPV6_V6ONLY 1 CACHE  INTERNAL "")
 SET(HAVE_ISINF CACHE  INTERNAL "")
 SET(HAVE_ISNAN CACHE  INTERNAL "")
 SET(HAVE_ISSETUGID CACHE  INTERNAL "")
+SET(HAVE_GETUID CACHE  INTERNAL "")
+SET(HAVE_GETEUID CACHE  INTERNAL "")
+SET(HAVE_GETGID CACHE  INTERNAL "")
+SET(HAVE_GETEGID CACHE  INTERNAL "")
 SET(HAVE_LANGINFO_H CACHE  INTERNAL "")
 SET(HAVE_LDIV 1 CACHE  INTERNAL "")
 SET(HAVE_LIMITS_H 1 CACHE  INTERNAL "")
--- a/cmd-line-utils/libedit/el.c
+++ b/cmd-line-utils/libedit/el.c
@ -478,7 +478,13 @@ el_source(EditLine *el, const char *fname)

 	fp = NULL;
 	if (fname == NULL) {
-#ifdef HAVE_ISSETUGID
+/* XXXMYSQL: Bug#49967 */
+#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) && \
+    defined(HAVE_GETGID) && defined(HAVE_GETEGID)
+#define HAVE_IDENTITY_FUNCS 1
+#endif
+
+#if (defined(HAVE_ISSETUGID) || defined(HAVE_IDENTITY_FUNCS))
 		static const char elpath[] = "/.editrc";
 /* XXXMYSQL: Portability fix (for which platforms?) */
 #ifdef MAXPATHLEN
@ -486,9 +492,13 @@ el_source(EditLine *el, const char *fname)
 #else
 		char path[4096];
 #endif
-
+#ifdef HAVE_ISSETUGID
 		if (issetugid())
 			return (-1);
+#elif defined(HAVE_IDENTITY_FUNCS)
+                if (getuid() != geteuid() || getgid() != getegid())
+                  return (-1);
+#endif
 		if ((ptr = getenv("HOME")) == NULL)
 			return (-1);
 		if (strlcpy(path, ptr, sizeof(path)) >= sizeof(path))
@ -498,9 +508,10 @@ el_source(EditLine *el, const char *fname)
 		fname = path;
 #else
 		/*
-		 * If issetugid() is missing, always return an error, in order
-		 * to keep from inadvertently opening up the user to a security
-		 * hole.
+		 * If issetugid() or the above mentioned get[e][u|g]id()
+		 * functions are missing, always return an error, in order
+		 * to keep from inadvertently opening up the user to a
+		 * security hole.
 		 */
 		return (-1);
 #endif
--- a/config.h.cmake
+++ b/config.h.cmake
@ -174,6 +174,10 @@
 #cmakedefine gmtime_r @gmtime_r@
 #cmakedefine HAVE_INITGROUPS 1
 #cmakedefine HAVE_ISSETUGID 1
+#cmakedefine HAVE_GETUID 1
+#cmakedefine HAVE_GETEUID 1
+#cmakedefine HAVE_GETGID 1
+#cmakedefine HAVE_GETEGID 1
 #cmakedefine HAVE_ISNAN 1
 #cmakedefine HAVE_ISINF 1
 #cmakedefine HAVE_LARGE_PAGE_OPTION 1
--- a/configure.cmake
+++ b/configure.cmake
@ -362,6 +362,10 @@ CHECK_FUNCTION_EXISTS (getwd HAVE_GETWD)
 CHECK_FUNCTION_EXISTS (gmtime_r HAVE_GMTIME_R)
 CHECK_FUNCTION_EXISTS (initgroups HAVE_INITGROUPS)
 CHECK_FUNCTION_EXISTS (issetugid HAVE_ISSETUGID)
+CHECK_FUNCTION_EXISTS (getuid HAVE_GETUID)
+CHECK_FUNCTION_EXISTS (geteuid HAVE_GETEUID)
+CHECK_FUNCTION_EXISTS (getgid HAVE_GETGID)
+CHECK_FUNCTION_EXISTS (getegid HAVE_GETEGID)
 CHECK_FUNCTION_EXISTS (ldiv HAVE_LDIV)
 CHECK_FUNCTION_EXISTS (localtime_r HAVE_LOCALTIME_R)
 CHECK_FUNCTION_EXISTS (longjmp HAVE_LONGJMP)