-
Notifications
You must be signed in to change notification settings - Fork 0
/
lib_mysqludf_secure_shell.cc
105 lines (87 loc) · 2.23 KB
/
lib_mysqludf_secure_shell.cc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>
#include "mysql.h"
#include "mysql/udf_registration_types.h"
#if defined (__WIN32__)
#define SHELL "cmd.exe"
#define FLAG "/C"
#else
#define FLAG "-lc"
#ifdef SECURE_SHELL
#define SHELL "/usr/bin/rbash"
#else
#define SHELL "/usr/bin/bash"
#endif
#endif
#ifndef SECURE_SHELL
extern "C" bool sys_run_init(UDF_INIT *initid, UDF_ARGS *args,
char *message) {
if(args->arg_count == 2
&& args->arg_type[0]==STRING_RESULT
&& args->arg_type[1]==STRING_RESULT){
return false;
} else {
strcpy(
message
, "Expected exactly two string type parameters"
);
return true;
}
}
extern "C" unsigned long long sys_run(UDF_INIT *, UDF_ARGS *args,
unsigned char *is_null, unsigned char *) {
//use default shell
//return system(args->args[0]);
//use restricted shell
int child;
int fd[2];
pipe(fd);
if ( (child = fork() ) == -1){
return 1;
} else if( child == 0) {
dup2(fd[1], 1);
close(fd[0]);
execlp(args->args[0], args->args[1], NULL);
}
int status;
wait(&status);
return WEXITSTATUS(status);
}
#endif
extern "C" bool sys_shell_init(UDF_INIT *initid, UDF_ARGS *args,
char *message) {
unsigned int i=0;
if(args->arg_count == 1
&& args->arg_type[i]==STRING_RESULT){
return false;
} else {
strcpy(
message
, "Expected exactly one string type parameter"
);
return true;
}
}
extern "C" unsigned long long sys_shell(UDF_INIT *, UDF_ARGS *args,
unsigned char *is_null, unsigned char *) {
//use default shell
//return system(args->args[0]);
//use restricted shell
int child;
int fd[2];
pipe(fd);
if ( (child = fork() ) == -1){
return 1;
} else if( child == 0) {
dup2(fd[1], 1);
close(fd[0]);
execlp(SHELL, SHELL, FLAG, args->args[0], NULL);
}
int status;
wait(&status);
return WEXITSTATUS(status);
}