MDEV-36268 mariadb-dump used wrong quoting character

use ' not " and use quote_for_equal()
8 months ago · 6aa860be27
4 changed files with 55 additions and 8 deletions
--- a/client/mysqldump.c
+++ b/client/mysqldump.c
@ -2098,7 +2098,7 @@ static char *quote_for_equal(const char *name, char *buff)
      *to++='\\';
    }
    if (*name == '\'')
-      *to++= '\\';
+      *to++= '\'';
    *to++= *name++;
  }
  to[0]= '\'';
@ -3612,7 +3612,7 @@ static void dump_trigger_old(FILE *sql_file, MYSQL_RES *show_triggers_rs,

  fprintf(sql_file,
          "DELIMITER ;;\n"
-          "/*!50003 SET SESSION SQL_MODE=\"%s\" */;;\n"
+          "/*!50003 SET SESSION SQL_MODE='%s' */;;\n"
          "/*!50003 CREATE */ ",
          (*show_trigger_row)[6]);

@ -4578,17 +4578,19 @@ static int dump_all_users_roles_and_grants()
    return 1;
  while ((row= mysql_fetch_row(tableres)))
  {
+    char buf[200];
    if (opt_replace_into)
      /* Protection against removing the current import user */
      /* MySQL-8.0 export capability */
      fprintf(md_result_file,
        "DELIMITER |\n"
-        "/*M!100101 IF current_user()=\"%s\" THEN\n"
+        "/*M!100101 IF current_user()=%s THEN\n"
        "  SIGNAL SQLSTATE '45000' SET MYSQL_ERRNO=30001,"
        " MESSAGE_TEXT=\"Don't remove current user %s'\";\n"
        "END IF */|\n"
        "DELIMITER ;\n"
-        "/*!50701 DROP USER IF EXISTS %s */;\n", row[0], row[0], row[0]);
+        "/*!50701 DROP USER IF EXISTS %s */;\n",
+        quote_for_equal(row[0],buf), row[0], row[0]);
    if (dump_create_user(row[0]))
      result= 1;
    /* if roles exist, defer dumping grants until after roles created */
@ -6698,6 +6700,7 @@ static my_bool get_view_structure(char *table, char* db)
  char       *result_table, *opt_quoted_table;
  char       table_buff[NAME_LEN*2+3];
  char       table_buff2[NAME_LEN*2+3];
+  char       temp_buff[NAME_LEN*2 + 3], temp_buff2[NAME_LEN*2 + 3];
  char       query[QUERY_LENGTH];
  FILE       *sql_file= md_result_file;
  DBUG_ENTER("get_view_structure");
@ -6758,7 +6761,9 @@ static my_bool get_view_structure(char *table, char* db)
              "SELECT CHECK_OPTION, DEFINER, SECURITY_TYPE, "
              "       CHARACTER_SET_CLIENT, COLLATION_CONNECTION "
              "FROM information_schema.views "
-              "WHERE table_name=\"%s\" AND table_schema=\"%s\"", table, db);
+              "WHERE table_name=%s AND table_schema=%s",
+              quote_for_equal(table, temp_buff2),
+              quote_for_equal(db, temp_buff));

  if (mysql_query(mysql, query))
  {
--- a/mysql-test/main/mysqldump-system.result
+++ b/mysql-test/main/mysqldump-system.result
@ -176,21 +176,21 @@ UNLOCK TABLES;
 /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
 /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
 DELIMITER |
-/*M!100101 IF current_user()="'mariadb.sys'@'localhost'" THEN
+/*M!100101 IF current_user()='''mariadb.sys''@''localhost''' THEN
  SIGNAL SQLSTATE '45000' SET MYSQL_ERRNO=30001, MESSAGE_TEXT="Don't remove current user 'mariadb.sys'@'localhost''";
 END IF */|
 DELIMITER ;
 /*!50701 DROP USER IF EXISTS 'mariadb.sys'@'localhost' */;
 CREATE /*M!100103 OR REPLACE */ USER `mariadb.sys`@`localhost` PASSWORD EXPIRE;
 DELIMITER |
-/*M!100101 IF current_user()="'root'@'localhost'" THEN
+/*M!100101 IF current_user()='''root''@''localhost''' THEN
  SIGNAL SQLSTATE '45000' SET MYSQL_ERRNO=30001, MESSAGE_TEXT="Don't remove current user 'root'@'localhost''";
 END IF */|
 DELIMITER ;
 /*!50701 DROP USER IF EXISTS 'root'@'localhost' */;
 CREATE /*M!100103 OR REPLACE */ USER `root`@`localhost`;
 DELIMITER |
-/*M!100101 IF current_user()="'USER'@'%'" THEN
+/*M!100101 IF current_user()='''USER''@''%''' THEN
  SIGNAL SQLSTATE '45000' SET MYSQL_ERRNO=30001, MESSAGE_TEXT="Don't remove current user 'USER'@'%''";
 END IF */|
 DELIMITER ;
--- a/mysql-test/main/mysqldump.result
+++ b/mysql-test/main/mysqldump.result
@ -6590,4 +6590,37 @@ CREATE TABLE `t1` (
 /*!40101 SET character_set_client = @saved_cs_client */;
 ERROR at line 9: Not allowed in the sandbox mode
 drop table t1;
+#
+# MDEV-36268 mariadb-dump used wrong quoting character
+#
+create table t1 (a int);
+create view `v'1"2` as select * from t1 with check option;
+/*M!999999\- enable the sandbox mode */ 
+/*!40101 SET @saved_cs_client     = @@character_set_client */;
+/*!40101 SET character_set_client = utf8mb4 */;
+CREATE TABLE `t1` (
+  `a` int(11) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+/*!40101 SET character_set_client = @saved_cs_client */;
+SET @saved_cs_client     = @@character_set_client;
+SET character_set_client = utf8mb4;
+/*!50001 CREATE VIEW `v'1"2` AS SELECT
+ 1 AS `a` */;
+SET character_set_client = @saved_cs_client;
+/*!50001 DROP VIEW IF EXISTS `v'1"2`*/;
+/*!50001 SET @saved_cs_client          = @@character_set_client */;
+/*!50001 SET @saved_cs_results         = @@character_set_results */;
+/*!50001 SET @saved_col_connection     = @@collation_connection */;
+/*!50001 SET character_set_client      = utf8 */;
+/*!50001 SET character_set_results     = utf8 */;
+/*!50001 SET collation_connection      = utf8_general_ci */;
+/*!50001 CREATE ALGORITHM=UNDEFINED */
+/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
+/*!50001 VIEW `v'1"2` AS select `t1`.`a` AS `a` from `t1` */
+/*!50002 WITH CASCADED CHECK OPTION */;
+/*!50001 SET character_set_client      = @saved_cs_client */;
+/*!50001 SET character_set_results     = @saved_cs_results */;
+/*!50001 SET collation_connection      = @saved_col_connection */;
+drop view `v'1"2`;
+drop table t1;
 # End of 10.5 tests
--- a/mysql-test/main/mysqldump.test
+++ b/mysql-test/main/mysqldump.test
@ -3023,4 +3023,13 @@ EOF
 --remove_file $MYSQLTEST_VARDIR/tmp/mdev33727.sql
 drop table t1;

+--echo #
+--echo # MDEV-36268 mariadb-dump used wrong quoting character
+--echo #
+create table t1 (a int);
+create view `v'1"2` as select * from t1 with check option; # "'
+--exec $MYSQL_DUMP --compact test
+drop view `v'1"2`; # "'
+drop table t1;
+
 --echo # End of 10.5 tests