two fixes for potential security bugs

9d48570c · unknown · 59abcd44 · 9d48570c · 9d48570c
Commit 9d48570c authored Dec 07, 2004 by unknown
Show whitespace changes
Inline Side-by-side

Showing with 12 additions and 10 deletions

sql/log.cc sql/log.cc +10 -8

sql/sql_class.cc sql/sql_class.cc +2 -2

No files found.
--- a/sql/log.cc
+++ b/sql/log.cc
@@ -1797,6 +1797,7 @@ bool flush_error_log()
    char err_renamed[FN_REFLEN], *end;
    end= strmake(err_renamed,log_error_file,FN_REFLEN-4);
    strmov(end, "-old");
+    VOID(pthread_mutex_lock(&LOCK_error_log));
 #ifdef __WIN__
    char err_temp[FN_REFLEN+4];
    /*
@@ -1817,7 +1818,7 @@ bool flush_error_log()
      if ((fd = my_open(err_temp, O_RDONLY, MYF(0))) >= 0)
      {
        while ((bytes = (int) my_read(fd, (byte*) buf, IO_SIZE, MYF(0))) > 0)
-             my_fwrite(stderr, (byte*) buf, (uint) strlen(buf),MYF(0));
+             my_fwrite(stderr, (byte*) buf, bytes, MYF(0));
        my_close(fd, MYF(0));
      }
      (void) my_delete(err_temp, MYF(0));
@@ -1831,6 +1832,7 @@ bool flush_error_log()
    else
      result= 1;
 #endif
+    VOID(pthread_mutex_unlock(&LOCK_error_log));
  }
   return result;
 }

--- a/sql/sql_class.cc
+++ b/sql/sql_class.cc
@@ -564,7 +564,7 @@ select_export::prepare(List<Item> &list)
    return 1;
  }
  /* Create the file world readable */
-  if ((file=my_create(path, 0666, O_WRONLY, MYF(MY_WME))) < 0)
+  if ((file=my_create(path, 0666, O_WRONLY|O_EXCL, MYF(MY_WME))) < 0)
    return 1;
 #ifdef HAVE_FCHMOD
  (void) fchmod(file,0666);			// Because of umask()
@@ -803,7 +803,7 @@ select_dump::prepare(List<Item> &list __attribute__((unused)))
    return 1;
  }
  /* Create the file world readable */
-  if ((file=my_create(path, 0666, O_WRONLY, MYF(MY_WME))) < 0)
+  if ((file=my_create(path, 0666, O_WRONLY|O_EXCL, MYF(MY_WME))) < 0)
    return 1;
 #ifdef HAVE_FCHMOD
  (void) fchmod(file,0666);			// Because of umask()