  1. MariaDB Server
  2. MDEV-395

PR_SET_DUMPABLE set in unreachable code

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5.5.25
    • Fix Version/s: 5.5.27
    • Component/s: None
    • Labels:
      None
    • Environment:
      linux

      Description

      There has been a patch in MySQL 5.0.44 (see MySQL bugs #21723 / #21361) that would enable core dumps on Linux even when setuid() was used on mysqld by setting "prctl(PR_SET_DUMPABLE, 1);".

      This is actually dead code though as it was placed behind the final error handling block in the check_user() function in sql/mysqld.cc, right after an unconditional unireg_abort() call. So this can never actually have worked.

      Proposed fix: call prctl() directly after changing the user id in set_user()/set_effective_user() instead. (This is actually the place where Dean's patch from bug #21723 suggested to add the prctl() call, no idea why it was added in a completely different place instead ...)
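
The placement proposed above, as an added C example that is not MariaDB's code and not part of the original report. `change_user_keep_dumpable()` and `is_dumpable()` are hypothetical helpers, and uid/gid 65534 is a constructed target used only when the program starts as root.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/prctl.h>
#include <unistd.h>

/* Report the current dumpable flag (1 = core dumps allowed, 0 = suppressed). */
int is_dumpable(void)
{
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/*
 * Hypothetical helper (not MariaDB's set_user()): switch to uid/gid and
 * re-enable core dumps on the success path, right after the id change.
 * The kernel resets the dumpable flag to fs.suid_dumpable (0 by default)
 * when the effective ids change, so prctl() must run after setuid().
 */
int change_user_keep_dumpable(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0) {          /* group first, while still privileged */
        perror("setgid");
        return -1;
    }
    if (setuid(uid) != 0) {
        perror("setuid");
        return -1;                   /* error path returns before prctl() */
    }
    if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) != 0) {
        perror("prctl(PR_SET_DUMPABLE)");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed target: uid/gid 65534 when started as root, else our own ids. */
    uid_t uid = (getuid() == 0) ? 65534 : getuid();
    gid_t gid = (getuid() == 0) ? 65534 : getgid();

    printf("dumpable before: %d\n", is_dumpable());
    if (change_user_keep_dumpable(uid, gid) != 0)
        return 1;
    printf("dumpable after:  %d (uid now %d)\n", is_dumpable(), (int)getuid());
    return 0;
}
```

Whether a core file is actually written still depends on RLIMIT_CORE and kernel.core_pattern. A dump from a daemon that started as root can contain data read before the id change, so keep the dump location readable only by the service account and administrators.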

            People

            • Assignee:
              serg Sergei Golubchik
              Reporter:
              hholzgra Hartmut Holzgraefe