Bug #37805 sql_load.cc: incorrect file type detection
Submitted: 2 Jul 2008 12:08
Modified: 4 Aug 2008 7:47
Reporter: Sergey Vojtovich
Status: Verified
Category: MySQL Server: General
Severity: S3 (Non-critical)
Version: 5.0+
OS: Any
Assigned to:
CPU Architecture: Any

[2 Jul 2008 12:08] Sergey Vojtovich
Description:
There is a piece of code in sql_load.cc, which detects file type:
#if !defined(__WIN__) && ! defined(__NETWARE__)
      MY_STAT stat_info;
      if (!my_stat(name,&stat_info,MYF(MY_WME)))
        DBUG_RETURN(TRUE);

      // if we are not in slave thread, the file must be:
      if (!thd->slave_thread &&
          !((stat_info.st_mode & S_IROTH) == S_IROTH &&  // readable by others
            (stat_info.st_mode & S_IFLNK) != S_IFLNK && // and not a symlink
            ((stat_info.st_mode & S_IFREG) == S_IFREG ||
             (stat_info.st_mode & S_IFIFO) == S_IFIFO)))
      {
        my_error(ER_TEXTFILE_NOT_READABLE, MYF(0), name);
        DBUG_RETURN(TRUE);
      }
      if ((stat_info.st_mode & S_IFIFO) == S_IFIFO)
        is_fifo = 1;
#endif

The problem here is that logic like st_mode & S_IFLNK == S_IFLNK may give false positives. st_mode must be AND-ed with the provided mask instead: st_mode & S_IFMT == S_IFLNK.

This is a rather minor issue. At least on Linux we are in luck: according to analysis of /usr/include/bits/stat.h we may never get false positives here.

How to repeat:
To be verified by code analysis.

Suggested fix:
Either use the MY_S_IS*() macro to determine the file type or at least copy its logic, so the mode is AND-ed with the mask.
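
The two styles of file-type test discussed in this report, side by side, as an added example (not code from MySQL or from the reporter). It evaluates both over one constructed mode value per file type, using the S_IF* values of the platform it is compiled on; the function names and the sample table are illustrative.

```c
#define _DEFAULT_SOURCE          /* expose S_IFLNK / S_IFSOCK on glibc */
#include <stdio.h>
#include <sys/stat.h>

/* The type test as written in the quoted sql_load.cc snippet:
   each S_IF* constant is treated as if it were an independent bit flag. */
static int type_ok_bitwise(mode_t m)
{
    return (m & S_IFLNK) != S_IFLNK &&
           ((m & S_IFREG) == S_IFREG || (m & S_IFIFO) == S_IFIFO);
}

/* The suggested form: isolate the file-type field with S_IFMT first,
   then compare for equality (the logic of S_ISREG() / S_ISFIFO()). */
static int type_ok_masked(mode_t m)
{
    mode_t type = m & S_IFMT;
    return type == S_IFREG || type == S_IFIFO;
}

/* Constructed sample: one mode per file type, permissions rw-r--r--. */
static const struct { const char *name; mode_t mode; } samples[] = {
    { "regular file", S_IFREG  | 0644 },
    { "fifo",         S_IFIFO  | 0644 },
    { "directory",    S_IFDIR  | 0644 },
    { "char device",  S_IFCHR  | 0644 },
    { "block device", S_IFBLK  | 0644 },
    { "symlink",      S_IFLNK  | 0644 },
    { "socket",       S_IFSOCK | 0644 },
};
#define N_SAMPLES (sizeof samples / sizeof samples[0])

/* Number of sample modes on which the two tests disagree. */
static int count_disagreements(void)
{
    int n = 0;
    for (size_t i = 0; i < N_SAMPLES; i++)
        n += type_ok_bitwise(samples[i].mode) != type_ok_masked(samples[i].mode);
    return n;
}

int main(void)
{
    for (size_t i = 0; i < N_SAMPLES; i++)
        printf("%-13s bitwise=%d masked=%d\n", samples[i].name,
               type_ok_bitwise(samples[i].mode), type_ok_masked(samples[i].mode));
    printf("disagreements: %d\n", count_disagreements());
    return 0;
}
```

Any row where the two columns differ is a file type that the bit-flag test misclassifies on that platform.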