  1. MariaDB Server
  2. MDEV-395

PR_SET_DUMPABLE set in unreachable code

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 5.5.25
    • 5.5.27
    • None
    • None
    • linux

    Description

      There has been a patch in MySQL 5.0.44 (see mysql bugs #21723 / #21361) that would enable core dumps on Linux even when setuid() was used on mysqld by setting "prctl(PR_SET_DUMPABLE, 1);"

      This is actually dead code though as it was placed behind the final error handling block in the check_user() function in sql/mysqld.cc, right after an unconditional unireg_abort() call. So this can never actually have worked.

      Proposed fix: call prctl() directly after changing the user id in set_user()/set_effective_user() instead. (This is actually the place where Dean's patch from bug #21723 suggested to add the prctl() call, no idea why it was added in a completely different place instead ...)

      Attachments

        1. patch-prctl.txt
          1 kB
          Hartmut Holzgraefe
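
The ordering the report proposes, as an added example that is not MariaDB code and not the attached patch: the dumpable flag is re-enabled on the success path immediately after the identity change, and the result is verified with PR_GET_DUMPABLE. The helper name `set_user_keep_dumpable` is hypothetical, and the demo switches to the process's own IDs so it runs without root (Linux only).

```c
/* Added example; not MariaDB source. Linux-only: uses prctl(2). */
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <unistd.h>

/* Current "dumpable" attribute: 1 means a core file may be written. */
int get_dumpable(void)
{
    return prctl(PR_GET_DUMPABLE, 0UL, 0UL, 0UL, 0UL);
}

/* Hypothetical helper modelling the proposed fix: switch identity, then
 * re-enable core dumps immediately, on the success path. Group first,
 * because setgid() is no longer permitted once root has been given up. */
int set_user_keep_dumpable(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0) {
        perror("setgid");
        return -1;
    }
    if (setuid(uid) != 0) {
        perror("setuid");
        return -1;
    }
    /* The kernel clears the flag when the effective IDs change. */
    if (prctl(PR_SET_DUMPABLE, 1UL, 0UL, 0UL, 0UL) != 0) {
        perror("prctl(PR_SET_DUMPABLE)");
        return -1;
    }
    return get_dumpable() == 1 ? 0 : -1;
}

int main(void)
{
    /* Constructed demo: "switch" to our own IDs so it runs unprivileged.
     * Clear the flag first to mimic the state after a real setuid(). */
    prctl(PR_SET_DUMPABLE, 0UL, 0UL, 0UL, 0UL);
    printf("before: dumpable=%d\n", get_dumpable());
    if (set_user_keep_dumpable(getuid(), getgid()) != 0)
        return 1;
    printf("after:  dumpable=%d\n", get_dumpable());
    return 0;
}
```

A core file from a process that started as root can contain data read before the privilege drop, so the core directory should be readable only by the service account and administrators.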

          People

            serg Sergei Golubchik
            hholzgra Hartmut Holzgraefe