From: "Léo Le Bouter via Bug reports for GNU Guix" <bug-guix@gnu.org>
To: 47257@debbugs.gnu.org
Cc: "Léo Le Bouter" <lle-bout@zaclys.net>
Subject: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
Date: Thu, 25 Mar 2021 13:39:21 +0100 [thread overview]
Message-ID: <20210325123921.9800-1-lle-bout@zaclys.net> (raw)
In-Reply-To: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
* gnu/packages/patches/mariadb-CVE-2021-27928.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/databases.scm (mariadb/fixed): New variable. Apply patch.
(mariadb)[replacement]: Graft.
---
gnu/local.mk | 1 +
gnu/packages/databases.scm | 8 +
.../patches/mariadb-CVE-2021-27928.patch | 642 ++++++++++++++++++
3 files changed, 651 insertions(+)
create mode 100644 gnu/packages/patches/mariadb-CVE-2021-27928.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 14d228cfa4..40956598db 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1380,6 +1380,7 @@ dist_patch_DATA = \
%D%/packages/patches/lvm2-static-link.patch \
%D%/packages/patches/mailutils-fix-uninitialized-variable.patch \
%D%/packages/patches/make-impure-dirs.patch \
+ %D%/packages/patches/mariadb-CVE-2021-27928.patch \
%D%/packages/patches/mars-install.patch \
%D%/packages/patches/mars-sfml-2.3.patch \
%D%/packages/patches/maxima-defsystem-mkdir.patch \
diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 83b6a13892..20069f9383 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -734,6 +734,7 @@ Language.")
(append (find-files "extra/wolfssl")
(find-files "zlib")))
#t))))
+ (replacement mariadb/fixed)
(build-system cmake-build-system)
(outputs '("out" "lib" "dev"))
(arguments
@@ -969,6 +970,13 @@ Language.")
as a drop-in replacement of MySQL.")
(license license:gpl2)))
+(define mariadb/fixed
+ (package
+ (inherit mariadb)
+ (source (origin
+ (inherit (package-source mariadb))
+ (patches (search-patches "mariadb-CVE-2021-27928.patch"))))))
+
(define-public mariadb-connector-c
(package
(name "mariadb-connector-c")
diff --git a/gnu/packages/patches/mariadb-CVE-2021-27928.patch b/gnu/packages/patches/mariadb-CVE-2021-27928.patch
new file mode 100644
index 0000000000..39a023c159
--- /dev/null
+++ b/gnu/packages/patches/mariadb-CVE-2021-27928.patch
@@ -0,0 +1,642 @@
+From 7580701e6279900fec40822952a3b874732289cf Mon Sep 17 00:00:00 2001
+From: Sergei Golubchik <serg@mariadb.org>
+Date: Thu, 18 Feb 2021 14:20:48 +0100
+Subject: [PATCH] make @@wsrep_provider and @@wsrep_notify_cmd read-only
+
+this should simplify run-time cluster management
+---
+ mysql-test/suite/galera/disabled.def | 2 +
+ .../galera/include/galera_load_provider.inc | 19 --------
+ .../galera/include/galera_unload_provider.inc | 3 +-
+ .../suite/galera/r/galera_ist_rsync.result | 2 +-
+ .../galera/r/galera_sst_mysqldump.result | 2 +-
+ .../suite/galera/r/mysql-wsrep#33.result | 2 +-
+ .../suite/sys_vars/r/sysvars_wsrep.result | 4 +-
+ .../sys_vars/r/wsrep_notify_cmd_basic.result | 47 -------------------
+ .../sys_vars/r/wsrep_provider_basic.result | 40 ----------------
+ .../r/wsrep_provider_options_basic.result | 46 ------------------
+ .../sys_vars/t/wsrep_notify_cmd_basic.test | 43 -----------------
+ .../sys_vars/t/wsrep_provider_basic.test | 39 ---------------
+ .../t/wsrep_provider_options_basic.test | 41 ----------------
+ mysql-test/suite/wsrep/disabled.def | 2 +
+ mysql-test/suite/wsrep/r/variables.result | 12 ++---
+ mysql-test/suite/wsrep/t/variables.test | 32 +++----------
+ sql/sys_vars.cc | 8 ++--
+ 17 files changed, 25 insertions(+), 319 deletions(-)
+ delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result
+ delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_basic.result
+ delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result
+ delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test
+ delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_basic.test
+ delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test
+
+diff --git a/mysql-test/suite/galera/disabled.def b/mysql-test/suite/galera/disabled.def
+index d940c702d54..83f26e81636 100644
+--- a/mysql-test/suite/galera/disabled.def
++++ b/mysql-test/suite/galera/disabled.def
+@@ -49,3 +49,5 @@ partition : MDEV-19958 Galera test failure on galera.partition
+ query_cache: MDEV-15805 Test failure on galera.query_cache
+ sql_log_bin : MDEV-21491 galera.sql_log_bin
+ versioning_trx_id : MDEV-18590 galera.versioning_trx_id
++galera_wsrep_provider_unset_set: wsrep_provider is read-only for security reasons
++pxc-421: wsrep_provider is read-only for security reasons
+diff --git a/mysql-test/suite/galera/include/galera_load_provider.inc b/mysql-test/suite/galera/include/galera_load_provider.inc
+index 0f843597d9c..28010cc5b71 100644
+--- a/mysql-test/suite/galera/include/galera_load_provider.inc
++++ b/mysql-test/suite/galera/include/galera_load_provider.inc
+@@ -1,25 +1,6 @@
+ --echo Loading wsrep provider ...
+
+ --disable_query_log
+---eval SET GLOBAL wsrep_provider = '$wsrep_provider_orig';
+-
+-#
+-# count occurences of successful node starts in error log
+-#
+-perl;
+- use strict;
+- my $test_log=$ENV{'LOG_FILE'} or die "LOG_FILE not set";
+- my $test_log_copy=$test_log . '.copy';
+- if (-e $test_log_copy) {
+- unlink $test_log_copy;
+- }
+-
+-EOF
+---copy_file $LOG_FILE $LOG_FILE.copy
+-
+-#
+-# now join to the cluster
+-#
+ --eval SET GLOBAL wsrep_cluster_address = '$wsrep_cluster_address_orig';
+
+ --enable_query_log
+diff --git a/mysql-test/suite/galera/include/galera_unload_provider.inc b/mysql-test/suite/galera/include/galera_unload_provider.inc
+index cd841f51fbc..ed7e9bc41f0 100644
+--- a/mysql-test/suite/galera/include/galera_unload_provider.inc
++++ b/mysql-test/suite/galera/include/galera_unload_provider.inc
+@@ -1,7 +1,6 @@
+ --echo Unloading wsrep provider ...
+
+ --let $wsrep_cluster_address_orig = `SELECT @@wsrep_cluster_address`
+---let $wsrep_provider_orig = `SELECT @@wsrep_provider`
+ --let $wsrep_provider_options_orig = `SELECT @@wsrep_provider_options`
+ --let $wsrep_error_log_orig = `SELECT @@log_error`
+ if(!$wsrep_log_error_orig)
+@@ -12,4 +11,4 @@ if(!$wsrep_log_error_orig)
+ }
+ --let LOG_FILE= $wsrep_log_error_orig
+
+-SET GLOBAL wsrep_provider = 'none';
++SET GLOBAL wsrep_cluster_address = '';
+diff --git a/mysql-test/suite/galera/r/galera_ist_rsync.result b/mysql-test/suite/galera/r/galera_ist_rsync.result
+index 13f7d898a59..70a87c73df7 100644
+--- a/mysql-test/suite/galera/r/galera_ist_rsync.result
++++ b/mysql-test/suite/galera/r/galera_ist_rsync.result
+@@ -23,7 +23,7 @@ INSERT INTO t1 VALUES ('node2_committed_before');
+ INSERT INTO t1 VALUES ('node2_committed_before');
+ COMMIT;
+ Unloading wsrep provider ...
+-SET GLOBAL wsrep_provider = 'none';
++SET GLOBAL wsrep_cluster_address = '';
+ connection node_1;
+ SET AUTOCOMMIT=OFF;
+ START TRANSACTION;
+diff --git a/mysql-test/suite/galera/r/galera_sst_mysqldump.result b/mysql-test/suite/galera/r/galera_sst_mysqldump.result
+index 4ed679ba477..145b3a94775 100644
+--- a/mysql-test/suite/galera/r/galera_sst_mysqldump.result
++++ b/mysql-test/suite/galera/r/galera_sst_mysqldump.result
+@@ -30,7 +30,7 @@ INSERT INTO t1 VALUES ('node2_committed_before');
+ INSERT INTO t1 VALUES ('node2_committed_before');
+ COMMIT;
+ Unloading wsrep provider ...
+-SET GLOBAL wsrep_provider = 'none';
++SET GLOBAL wsrep_cluster_address = '';
+ connection node_1;
+ SET AUTOCOMMIT=OFF;
+ START TRANSACTION;
+diff --git a/mysql-test/suite/galera/r/mysql-wsrep#33.result b/mysql-test/suite/galera/r/mysql-wsrep#33.result
+index fb0b593cc96..45c6a3f660a 100644
+--- a/mysql-test/suite/galera/r/mysql-wsrep#33.result
++++ b/mysql-test/suite/galera/r/mysql-wsrep#33.result
+@@ -32,7 +32,7 @@ INSERT INTO t1 VALUES ('node2_committed_before');
+ INSERT INTO t1 VALUES ('node2_committed_before');
+ COMMIT;
+ Unloading wsrep provider ...
+-SET GLOBAL wsrep_provider = 'none';
++SET GLOBAL wsrep_cluster_address = '';
+ connection node_1;
+ SET AUTOCOMMIT=OFF;
+ START TRANSACTION;
+diff --git a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result
+index 4b6abf85434..f73bfbd13e7 100644
+--- a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result
++++ b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result
+@@ -403,7 +403,7 @@ NUMERIC_MIN_VALUE NULL
+ NUMERIC_MAX_VALUE NULL
+ NUMERIC_BLOCK_SIZE NULL
+ ENUM_VALUE_LIST NULL
+-READ_ONLY NO
++READ_ONLY YES
+ COMMAND_LINE_ARGUMENT REQUIRED
+ GLOBAL_VALUE_PATH NULL
+ VARIABLE_NAME WSREP_ON
+@@ -463,7 +463,7 @@ NUMERIC_MIN_VALUE NULL
+ NUMERIC_MAX_VALUE NULL
+ NUMERIC_BLOCK_SIZE NULL
+ ENUM_VALUE_LIST NULL
+-READ_ONLY NO
++READ_ONLY YES
+ COMMAND_LINE_ARGUMENT REQUIRED
+ GLOBAL_VALUE_PATH NULL
+ VARIABLE_NAME WSREP_PROVIDER_OPTIONS
+diff --git a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result b/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result
+deleted file mode 100644
+index 056ff8c817b..00000000000
+--- a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result
++++ /dev/null
+@@ -1,47 +0,0 @@
+-#
+-# wsrep_notify_cmd
+-#
+-call mtr.add_suppression("WSREP: Failed to get provider options");
+-# save the initial value
+-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd;
+-# default
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-
+-
+-# scope
+-SELECT @@session.wsrep_notify_cmd;
+-ERROR HY000: Variable 'wsrep_notify_cmd' is a GLOBAL variable
+-SET @@global.wsrep_notify_cmd='notify_cmd';
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-notify_cmd
+-
+-# valid values
+-SET @@global.wsrep_notify_cmd='command';
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-command
+-SET @@global.wsrep_notify_cmd='hyphenated-command';
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-hyphenated-command
+-SET @@global.wsrep_notify_cmd=default;
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-
+-SET @@global.wsrep_notify_cmd=NULL;
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-NULL
+-
+-# invalid values
+-SET @@global.wsrep_notify_cmd=1;
+-ERROR 42000: Incorrect argument type to variable 'wsrep_notify_cmd'
+-SELECT @@global.wsrep_notify_cmd;
+-@@global.wsrep_notify_cmd
+-NULL
+-
+-# restore the initial value
+-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved;
+-# End of test
+diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result b/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result
+deleted file mode 100644
+index 3e4ac8ca883..00000000000
+--- a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result
++++ /dev/null
+@@ -1,40 +0,0 @@
+-#
+-# wsrep_provider
+-#
+-# save the initial value
+-SET @wsrep_provider_global_saved = @@global.wsrep_provider;
+-# default
+-SELECT @@global.wsrep_provider;
+-@@global.wsrep_provider
+-none
+-
+-# scope
+-SELECT @@session.wsrep_provider;
+-ERROR HY000: Variable 'wsrep_provider' is a GLOBAL variable
+-SELECT @@global.wsrep_provider;
+-@@global.wsrep_provider
+-none
+-
+-# valid values
+-SET @@global.wsrep_provider=default;
+-SELECT @@global.wsrep_provider;
+-@@global.wsrep_provider
+-none
+-
+-# invalid values
+-SET @@global.wsrep_provider='/invalid/libgalera_smm.so';
+-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of '/invalid/libgalera_smm.so'
+-SET @@global.wsrep_provider=NULL;
+-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of 'NULL'
+-SELECT @@global.wsrep_provider;
+-@@global.wsrep_provider
+-none
+-SET @@global.wsrep_provider=1;
+-ERROR 42000: Incorrect argument type to variable 'wsrep_provider'
+-SELECT @@global.wsrep_provider;
+-@@global.wsrep_provider
+-none
+-
+-# restore the initial value
+-SET @@global.wsrep_provider = @wsrep_provider_global_saved;
+-# End of test
+diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result b/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result
+deleted file mode 100644
+index 15949a14e39..00000000000
+--- a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result
++++ /dev/null
+@@ -1,46 +0,0 @@
+-#
+-# wsrep_provider_options
+-#
+-call mtr.add_suppression("WSREP: Failed to get provider options");
+-# default
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-
+-# scope
+-SELECT @@session.wsrep_provider_options;
+-ERROR HY000: Variable 'wsrep_provider_options' is a GLOBAL variable
+-SET @@global.wsrep_provider_options='option1';
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-
+-# valid values
+-SET @@global.wsrep_provider_options='name1=value1;name2=value2';
+-ERROR HY000: WSREP (galera) not started
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-SET @@global.wsrep_provider_options='hyphenated-name:value';
+-ERROR HY000: WSREP (galera) not started
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-SET @@global.wsrep_provider_options=default;
+-ERROR HY000: WSREP (galera) not started
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-
+-# invalid values
+-SET @@global.wsrep_provider_options=1;
+-ERROR 42000: Incorrect argument type to variable 'wsrep_provider_options'
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-SET @@global.wsrep_provider_options=NULL;
+-Got one of the listed errors
+-SELECT @@global.wsrep_provider_options;
+-@@global.wsrep_provider_options
+-
+-# End of test
+diff --git a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test b/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test
+deleted file mode 100644
+index 6d1535ba148..00000000000
+--- a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test
++++ /dev/null
+@@ -1,43 +0,0 @@
+---source include/have_wsrep.inc
+-
+---echo #
+---echo # wsrep_notify_cmd
+---echo #
+-
+-call mtr.add_suppression("WSREP: Failed to get provider options");
+-
+---echo # save the initial value
+-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd;
+-
+---echo # default
+-SELECT @@global.wsrep_notify_cmd;
+-
+---echo
+---echo # scope
+---error ER_INCORRECT_GLOBAL_LOCAL_VAR
+-SELECT @@session.wsrep_notify_cmd;
+-SET @@global.wsrep_notify_cmd='notify_cmd';
+-SELECT @@global.wsrep_notify_cmd;
+-
+---echo
+---echo # valid values
+-SET @@global.wsrep_notify_cmd='command';
+-SELECT @@global.wsrep_notify_cmd;
+-SET @@global.wsrep_notify_cmd='hyphenated-command';
+-SELECT @@global.wsrep_notify_cmd;
+-SET @@global.wsrep_notify_cmd=default;
+-SELECT @@global.wsrep_notify_cmd;
+-SET @@global.wsrep_notify_cmd=NULL;
+-SELECT @@global.wsrep_notify_cmd;
+-
+---echo
+---echo # invalid values
+---error ER_WRONG_TYPE_FOR_VAR
+-SET @@global.wsrep_notify_cmd=1;
+-SELECT @@global.wsrep_notify_cmd;
+-
+---echo
+---echo # restore the initial value
+-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved;
+-
+---echo # End of test
+diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test
+deleted file mode 100644
+index 1190ab41bb0..00000000000
+--- a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test
++++ /dev/null
+@@ -1,39 +0,0 @@
+---source include/have_wsrep.inc
+-
+---echo #
+---echo # wsrep_provider
+---echo #
+-
+---echo # save the initial value
+-SET @wsrep_provider_global_saved = @@global.wsrep_provider;
+-
+---echo # default
+-SELECT @@global.wsrep_provider;
+-
+---echo
+---echo # scope
+---error ER_INCORRECT_GLOBAL_LOCAL_VAR
+-SELECT @@session.wsrep_provider;
+-SELECT @@global.wsrep_provider;
+-
+---echo
+---echo # valid values
+-SET @@global.wsrep_provider=default;
+-SELECT @@global.wsrep_provider;
+-
+---echo
+---echo # invalid values
+---error ER_WRONG_VALUE_FOR_VAR
+-SET @@global.wsrep_provider='/invalid/libgalera_smm.so';
+---error ER_WRONG_VALUE_FOR_VAR
+-SET @@global.wsrep_provider=NULL;
+-SELECT @@global.wsrep_provider;
+---error ER_WRONG_TYPE_FOR_VAR
+-SET @@global.wsrep_provider=1;
+-SELECT @@global.wsrep_provider;
+-
+---echo
+---echo # restore the initial value
+-SET @@global.wsrep_provider = @wsrep_provider_global_saved;
+-
+---echo # End of test
+diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test
+deleted file mode 100644
+index 6eb3a94b6a4..00000000000
+--- a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test
++++ /dev/null
+@@ -1,41 +0,0 @@
+---source include/have_wsrep.inc
+-
+---echo #
+---echo # wsrep_provider_options
+---echo #
+-
+-call mtr.add_suppression("WSREP: Failed to get provider options");
+-
+---echo # default
+-SELECT @@global.wsrep_provider_options;
+-
+---echo
+---echo # scope
+---error ER_INCORRECT_GLOBAL_LOCAL_VAR
+-SELECT @@session.wsrep_provider_options;
+---error 0,ER_WRONG_ARGUMENTS
+-SET @@global.wsrep_provider_options='option1';
+-SELECT @@global.wsrep_provider_options;
+-
+---echo
+---echo # valid values
+---error ER_WRONG_ARGUMENTS
+-SET @@global.wsrep_provider_options='name1=value1;name2=value2';
+-SELECT @@global.wsrep_provider_options;
+---error ER_WRONG_ARGUMENTS
+-SET @@global.wsrep_provider_options='hyphenated-name:value';
+-SELECT @@global.wsrep_provider_options;
+---error ER_WRONG_ARGUMENTS
+-SET @@global.wsrep_provider_options=default;
+-SELECT @@global.wsrep_provider_options;
+-
+---echo
+---echo # invalid values
+---error ER_WRONG_TYPE_FOR_VAR
+-SET @@global.wsrep_provider_options=1;
+-SELECT @@global.wsrep_provider_options;
+---error ER_WRONG_ARGUMENTS,ER_WRONG_ARGUMENTS
+-SET @@global.wsrep_provider_options=NULL;
+-SELECT @@global.wsrep_provider_options;
+-
+---echo # End of test
+diff --git a/mysql-test/suite/wsrep/disabled.def b/mysql-test/suite/wsrep/disabled.def
+index 11577bfe8b0..3d204db6945 100644
+--- a/mysql-test/suite/wsrep/disabled.def
++++ b/mysql-test/suite/wsrep/disabled.def
+@@ -10,3 +10,5 @@
+ #
+ ##############################################################################
+
++
++mdev_6832: wsrep_provider is read-only for security reasons
+diff --git a/mysql-test/suite/wsrep/r/variables.result b/mysql-test/suite/wsrep/r/variables.result
+index a9988fd1628..e57440125ee 100644
+--- a/mysql-test/suite/wsrep/r/variables.result
++++ b/mysql-test/suite/wsrep/r/variables.result
+@@ -14,7 +14,6 @@ SET SESSION wsrep_replicate_myisam= ON;
+ ERROR HY000: Variable 'wsrep_replicate_myisam' is a GLOBAL variable and should be set with SET GLOBAL
+ SET GLOBAL wsrep_replicate_myisam= ON;
+ SET GLOBAL wsrep_replicate_myisam= OFF;
+-SET GLOBAL wsrep_provider=none;
+ #
+ # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of
+ # variables when using "_"
+@@ -151,7 +150,6 @@ wsrep_local_state_comment #
+ # Should show nothing.
+ SHOW STATUS LIKE 'x';
+ Variable_name Value
+-SET GLOBAL wsrep_provider=none;
+
+ SHOW STATUS LIKE 'wsrep_local_state_uuid';
+ Variable_name Value
+@@ -160,7 +158,6 @@ wsrep_local_state_uuid #
+ SHOW STATUS LIKE 'wsrep_last_committed';
+ Variable_name Value
+ wsrep_last_committed #
+-SET GLOBAL wsrep_provider=none;
+
+ #
+ # MDEV#6206: wsrep_slave_threads subtracts from max_connections
+@@ -174,7 +171,7 @@ SELECT @@global.wsrep_slave_threads;
+ 1
+ SELECT @@global.wsrep_cluster_address;
+ @@global.wsrep_cluster_address
+-
++gcomm://
+ SELECT @@global.wsrep_on;
+ @@global.wsrep_on
+ 1
+@@ -183,14 +180,14 @@ Variable_name Value
+ Threads_connected 1
+ SHOW STATUS LIKE 'wsrep_thread_count';
+ Variable_name Value
+-wsrep_thread_count 0
++wsrep_thread_count 2
+
+ SELECT @@global.wsrep_provider;
+ @@global.wsrep_provider
+ libgalera_smm.so
+ SELECT @@global.wsrep_cluster_address;
+ @@global.wsrep_cluster_address
+-
++gcomm://
+ SELECT @@global.wsrep_on;
+ @@global.wsrep_on
+ 1
+@@ -199,11 +196,10 @@ Variable_name Value
+ Threads_connected 1
+ SHOW STATUS LIKE 'wsrep_thread_count';
+ Variable_name Value
+-wsrep_thread_count 0
++wsrep_thread_count 2
+
+ # Setting wsrep_cluster_address triggers the creation of
+ # applier/rollbacker threads.
+-SET GLOBAL wsrep_cluster_address= 'gcomm://';
+ # Wait for applier thread to get created 1.
+ # Wait for applier thread to get created 2.
+ SELECT VARIABLE_VALUE AS EXPECT_1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_applier_thread_count';
+diff --git a/mysql-test/suite/wsrep/t/variables.test b/mysql-test/suite/wsrep/t/variables.test
+index f2c3a0a3b78..fd352b61a3a 100644
+--- a/mysql-test/suite/wsrep/t/variables.test
++++ b/mysql-test/suite/wsrep/t/variables.test
+@@ -23,7 +23,7 @@ SET GLOBAL wsrep_replicate_myisam= ON;
+
+ # Reset it back.
+ SET GLOBAL wsrep_replicate_myisam= OFF;
+-SET GLOBAL wsrep_provider=none;
++#SET GLOBAL wsrep_provider=none;
+
+ --echo #
+ --echo # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of
+@@ -32,9 +32,6 @@ SET GLOBAL wsrep_provider=none;
+
+ CALL mtr.add_suppression("WSREP: Could not open saved state file for reading.*");
+
+---disable_query_log
+-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+---enable_query_log
+
+ --replace_column 2 #
+ SHOW GLOBAL STATUS LIKE 'wsrep%';
+@@ -50,11 +47,9 @@ SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment';
+ SHOW STATUS LIKE 'x';
+
+ # Reset it back.
+-SET GLOBAL wsrep_provider=none;
++#SET GLOBAL wsrep_provider=none;
+
+---disable_query_log
+-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+---enable_query_log
++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+
+ # The following 2 variables are used by mariabackup
+ # SST.
+@@ -66,7 +61,7 @@ SHOW STATUS LIKE 'wsrep_local_state_uuid';
+ SHOW STATUS LIKE 'wsrep_last_committed';
+
+ # Reset it back.
+-SET GLOBAL wsrep_provider=none;
++#SET GLOBAL wsrep_provider=none;
+
+ --echo
+ --echo #
+@@ -74,9 +69,7 @@ SET GLOBAL wsrep_provider=none;
+ --echo #
+ call mtr.add_suppression("WSREP: Failed to get provider options");
+
+---disable_query_log
+-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+---enable_query_log
++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+
+ --replace_regex /.*libgalera_smm.*/libgalera_smm.so/
+ SELECT @@global.wsrep_provider;
+@@ -87,9 +80,7 @@ SHOW STATUS LIKE 'threads_connected';
+ SHOW STATUS LIKE 'wsrep_thread_count';
+ --echo
+
+---disable_query_log
+-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+---enable_query_log
++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+
+ --replace_regex /.*libgalera_smm.*/libgalera_smm.so/
+ SELECT @@global.wsrep_provider;
+@@ -101,7 +92,7 @@ SHOW STATUS LIKE 'wsrep_thread_count';
+
+ --echo # Setting wsrep_cluster_address triggers the creation of
+ --echo # applier/rollbacker threads.
+-SET GLOBAL wsrep_cluster_address= 'gcomm://';
++#SET GLOBAL wsrep_cluster_address= 'gcomm://';
+
+ --echo # Wait for applier thread to get created 1.
+ --let $wait_condition = SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_applier_thread_count';
+@@ -162,15 +153,6 @@ SET @@global.wsrep_sst_auth= NULL;
+ SELECT @@global.wsrep_sst_auth;
+ SET @@global.wsrep_sst_auth= @wsrep_sst_auth_saved;
+
+-# Reset (for mtr internal checks)
+-
+---disable_query_log
+-SET GLOBAL wsrep_slave_threads= @wsrep_slave_threads_saved;
+-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
+-SET GLOBAL wsrep_cluster_address= @wsrep_cluster_address_saved;
+-SET GLOBAL wsrep_provider_options= @wsrep_provider_options_saved;
+---enable_query_log
+-
+ --source include/galera_wait_ready.inc
+
+ --echo # End of test.
+diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
+index 64040243df0..8c67a4d432a 100644
+--- a/sql/sys_vars.cc
++++ b/sql/sys_vars.cc
+@@ -5669,8 +5669,8 @@ static Sys_var_tz Sys_time_zone(
+
+ static Sys_var_charptr_fscs Sys_wsrep_provider(
+ "wsrep_provider", "Path to replication provider library",
+- PREALLOCATED GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG),
+- DEFAULT(WSREP_NONE),
++ PREALLOCATED READ_ONLY GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG),
++ DEFAULT(WSREP_NONE),
+ NO_MUTEX_GUARD, NOT_IN_BINLOG,
+ ON_CHECK(wsrep_provider_check), ON_UPDATE(wsrep_provider_update));
+
+@@ -5886,8 +5886,8 @@ static Sys_var_ulong Sys_wsrep_max_ws_rows (
+
+ static Sys_var_charptr Sys_wsrep_notify_cmd(
+ "wsrep_notify_cmd", "",
+- GLOBAL_VAR(wsrep_notify_cmd),CMD_LINE(REQUIRED_ARG),
+- DEFAULT(""));
++ READ_ONLY GLOBAL_VAR(wsrep_notify_cmd), CMD_LINE(REQUIRED_ARG),
++ DEFAULT(""));
+
+ static Sys_var_mybool Sys_wsrep_certify_nonPK(
+ "wsrep_certify_nonPK", "Certify tables with no primary key",
+--
+2.31.0
+
--
2.31.0
next prev parent reply other threads:[~2021-03-25 12:40 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-19 10:25 bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE) Léo Le Bouter via Bug reports for GNU Guix
2021-03-19 11:15 ` Julien Lepiller
2021-03-19 11:35 ` zimoun
2021-03-25 11:28 ` Léo Le Bouter via Bug reports for GNU Guix
2021-03-29 21:34 ` zimoun
2021-03-30 0:26 ` Léo Le Bouter via Bug reports for GNU Guix
2021-03-30 8:29 ` zimoun
2021-03-19 11:35 ` bug#47257: [PATCH 0/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928] Léo Le Bouter via Bug reports for GNU Guix
2021-03-19 11:35 ` bug#47257: [PATCH 1/1] " Léo Le Bouter via Bug reports for GNU Guix
2021-03-20 0:28 ` Mark H Weaver
2021-03-20 0:42 ` Mark H Weaver
2021-03-25 10:58 ` bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928 Léo Le Bouter via Bug reports for GNU Guix
2021-03-25 11:06 ` Julien Lepiller
2021-03-25 12:39 ` Léo Le Bouter via Bug reports for GNU Guix [this message]
2021-03-25 12:48 ` bug#47257: [PATCH v3] " Léo Le Bouter via Bug reports for GNU Guix
2021-03-26 1:16 ` Mark H Weaver
2021-03-26 1:23 ` Léo Le Bouter via Bug reports for GNU Guix
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210325123921.9800-1-lle-bout@zaclys.net \
--to=bug-guix@gnu.org \
--cc=47257@debbugs.gnu.org \
--cc=lle-bout@zaclys.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).