Page MenuHomePhabricator

Set MYSQLI_OPT_LOCAL_INFILE (which appears to have no effect) and raise unusual query errors more clearly
ClosedPublic

Authored by epriestley on Jan 18 2019, 4:37 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jan 23, 9:22 PM
Unknown Object (File)
Thu, Jan 23, 9:22 PM
Unknown Object (File)
Thu, Jan 23, 9:22 PM
Unknown Object (File)
Thu, Jan 23, 9:22 PM
Unknown Object (File)
Thu, Jan 23, 9:22 PM
Unknown Object (File)
Wed, Jan 22, 11:59 AM
Unknown Object (File)
Sun, Jan 12, 9:14 AM
Unknown Object (File)
Mon, Dec 30, 5:46 AM
Subscribers
None

Details

Summary

Ref T13238. See PHI1014. To attempt to defuse attacks based on "LOAD DATA INFILE LOCAL", set MYSQLI_OPT_LOCAL_INFILE. This option is documented as disabling local file loads.

This doesn't actually work for me: I can still "LOAD DATA INFILE LOCAL" with this option set. However, it probably can't hurt? I'll dig into this a bit more before I land this change, I suspect this option must work sometimes and maybe it's just detecting that my client and server are both the same host or something. (Some amount of digging at least suggests this might be a simple bug where mysqli. allow_local_infile is overwriting the options() call.)

Separately, capture and raise errors from mysqli->query() which do not set the connection error code more accurately. Before this change, trying "LOAD DATA INFILE LOCAL" with "mysqli.allow_local_infile = 0" raised Error #0: .

Now, it raises EXCEPTION: (AphrontQueryException) #777777: mysqli::query(): LOAD DATA LOCAL INFILE forbidden.

Test Plan
  • Tried to "LOAD DATA INFILE LOCAL" with and without this option set.
    • Both of them worked fine. This isn't great.
  • Hit "forbidden" error before and after change, got much clearer guidance after change.

Diff Detail

Event Timeline

  • I don't think MYSQLI_OPT_LOCAL_INFILE ever does anything, anywhere, ever.
  • Since I think I have a plausible explanation that this is a simple bug (value gets overwritten by config value) with at least a tiny bit of supporting evidence, and it's reasonable to imagine it may be fixed in some future version of PHP/MySQLi, leave the call in anyway.
  • Just document what's going on here more clearly.
  • Wordsmithing, the query is "LOCAL INFILE", not "INFILE LOCAL".
This revision is now accepted and ready to land.Jan 19 2019, 12:58 AM