File: mysqldump_debug_bugs.test

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (30 lines) | stat: -rw-r--r-- 914 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
--source include/mysql_have_debug.inc

--echo #
--echo # Bug#36248967: Security issue in mysqldump (mysql dump utility)
--echo #

let $grep_file=$MYSQLTEST_VARDIR/tmp/bug36248967.sql;
let $grep_output=boolean;

CREATE DATABASE test_bug36248967;

--echo -- Run mysqldump with payload injected to server version.
--echo A warning must be issued.
--exec $MYSQL_DUMP --debug="d,server_version_injection_test" --result-file=$grep_file test_bug36248967 2>&1

--echo The test version must be found:
let $grep_pattern=8.0.0-injection_test;
--source include/grep_pattern.inc

--echo The test injected string must not be found:
let $grep_pattern=\\! touch /tmp/xxx;
--source include/grep_pattern.inc

--echo -- Run mysqldump with correct server version.
--exec $MYSQL_DUMP --result-file=$grep_file test_bug36248967 2>&1
--echo A warning must not be issued.

#Cleanup
--remove_file $grep_file
DROP DATABASE test_bug36248967;