[MDEV-23884] donor uses invalid SST methods - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5
Fix Version/s: 10.1.47, 10.2.34, 10.3.25, 10.4.15, 10.5.6
Component/s: Galera SST
Labels:
None

Description

during SST a joiner sends an sst method name to the donor. Donor then appends it to the "wsrep_sst_" string to get the name of the sst script to use, e.g. wsrep_sst_rsync. There is no validation or filtering here, so if the malicious joiner sends, for example, "rsync `rm -rf /`" the donor will execute that too.

Attachments

Issue Links

relates to

MDEV-31470 When set at runtime, wsrep_sst_method accepts any value

Closed

Activity

People

Assignee:: Sergei Golubchik

Reporter:: Sergei Golubchik

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2020-10-03 17:52

Updated:: 2023-10-18 07:20

Resolved:: 2020-10-07 16:49

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.