From c564a8ef5095d26b1d7f2ebab4dc3c3516bc0c7b Mon Sep 17 00:00:00 2001
From: Jakub Vrana
Date: Tue, 26 Jun 2018 08:53:12 +0200
Subject: [PATCH] MySQL: Disallow LOAD DATA LOCAL INFILE
---
 adminer/drivers/mysql.inc.php | 11 ++++++++---
 adminer/include/pdo.inc.php | 3 +++
 adminer/lang/cs.inc.php | 2 ++
 adminer/lang/xx.inc.php | 2 ++
 changes.txt | 1 +
 5 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php
index 9e4fe570..c54ade0f 100644
--- a/adminer/drivers/mysql.inc.php
+++ b/adminer/drivers/mysql.inc.php
@@ -30,6 +30,7 @@ if (!defined("DRIVER")) {
 (!is_numeric($port) ? $port : $socket),
 ($ssl ? 64 : 0) // 64 - MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT (not available before PHP 5.6.16)
 );
+ $this->options(MYSQLI_OPT_LOCAL_INFILE, false);
 return $return;
 }
@@ -56,7 +57,7 @@ if (!defined("DRIVER")) {
 }
 }
- } elseif (extension_loaded("mysql") && !(ini_get("sql.safe_mode") && extension_loaded("pdo_mysql"))) {
+ } elseif (extension_loaded("mysql") && !((ini_bool("sql.safe_mode") || ini_bool("mysql.allow_local_infile")) && extension_loaded("pdo_mysql"))) {
 class Min_DB {
 var $extension = "MySQL", ///< @var string extension name
@@ -74,6 +75,10 @@ if (!defined("DRIVER")) {
 * @return bool
 */
 function connect($server, $username, $password) {
+ if (ini_bool("mysql.allow_local_infile")) {
+ $this->error = lang('Disable %s or enable %s or %s extensions.', "'mysql.allow_local_infile'", "MySQLi", "PDO_MySQL");
+ return false;
+ }
 $this->_link = @mysql_connect(
 ($server != "" ? $server : ini_get("mysql.default_host")),
 ("$server$username" != "" ? $username : ini_get("mysql.default_user")),
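Review bot: In the first hunk, `$this->options(MYSQLI_OPT_LOCAL_INFILE, false);` is placed after `real_connect()` has already returned, but mysqli options are documented to take effect only when set between `init()` and `real_connect()`, so on this path the option is set on an already-negotiated connection and LOCAL INFILE is not actually disabled for the MySQLi branch. Move the call above the `$return = @$this->real_connect(` line, which sits just outside the hunk, and mark why the order matters: `// must precede real_connect(): mysqli options do not apply to an open connection`. The enclosing connect() starts outside the hunk.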
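Review bot: The new guard at the top of the ext/mysql connect() (third hunk) refuses to connect whenever `mysql.allow_local_infile` is on, and nothing in the code says why refusing is the only choice here; unlike the MySQLi and PDO branches, ext/mysql offers no per-connection switch, and that directive is, as far as I recall, system-level and not settable from a script. A comment above the `if` would spare the next reader that investigation: `// ext/mysql cannot disable LOAD DATA LOCAL per connection; the ini directive is the only control, so refuse rather than connect unsafely`. The same rule is also encoded in the `elseif` of the second hunk, which presumably routes to the PDO branch when the directive is on and pdo_mysql is loaded, so the two sites should cross-reference each other. connect() continues past the end of the hunk.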
@@ -230,10 +235,10 @@ if (!defined("DRIVER")) {
 function connect($server, $username, $password) {
 global $adminer;
- $options = array();
+ $options = array(PDO::MYSQL_ATTR_LOCAL_INFILE => false);
 $ssl = $adminer->connectSsl();
 if ($ssl) {
- $options = array(
+ $options += array(
 PDO::MYSQL_ATTR_SSL_KEY => $ssl['key'],
 PDO::MYSQL_ATTR_SSL_CERT => $ssl['cert'],
 PDO::MYSQL_ATTR_SSL_CA => $ssl['ca'],
diff --git a/adminer/include/pdo.inc.php b/adminer/include/pdo.inc.php
index f5d2d34e..14fb91ce 100644
--- a/adminer/include/pdo.inc.php
+++ b/adminer/include/pdo.inc.php
@@ -29,6 +29,9 @@ if (extension_loaded('pdo')) {
 $this->error = "";
 if (!$result) {
 list(, $this->errno, $this->error) = $this->errorInfo();
+ if (!$this->error) {
+ $this->error = lang('Unknown error.');
+ }
 return false;
 }
 $this->store_result($result);
diff --git a/adminer/lang/cs.inc.php b/adminer/lang/cs.inc.php
index ca0d59c7..baa3de9d 100644
--- a/adminer/lang/cs.inc.php
+++ b/adminer/lang/cs.inc.php
@@ -22,6 +22,7 @@ $translations = array(
 'No extension' => 'Žádné rozšíření',
 'None of the supported PHP extensions (%s) are available.' => 'Není dostupné žádné z podporovaných PHP rozšíření (%s).',
 'Connecting to privileged ports is not allowed.' => 'Připojování k privilegovaným portům není povoleno.',
+ 'Disable %s or enable %s or %s extensions.' => 'Zakažte %s nebo povolte extenze %s nebo %s.',
 'Session support must be enabled.' => 'Session proměnné musí být povolené.',
 'Session expired, please login again.' => 'Session vypršela, přihlašte se prosím znovu.',
 'The action will be performed after successful login with the same credentials.' => 'Akce bude provedena po úspěšném přihlášení se stejnými přihlašovacími údaji.',
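Review bot: The change from `$options = array(` to `$options += array(` inside the SSL branch is the only thing that keeps `PDO::MYSQL_ATTR_LOCAL_INFILE => false` alive when SSL is configured, and nothing marks that as deliberate; a later cleanup that restores `=` would silently re-enable LOCAL INFILE for SSL connections only. Put the intent next to the first changed line: `// the SSL branch below must merge (+=) into this array so MYSQL_ATTR_LOCAL_INFILE stays disabled`. connect() continues past the end of the hunk.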
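Review bot: In the pdo.inc.php hunk, `if (!$this->error)` is a truthiness test, so a driver message consisting of "0" would also be overwritten with 'Unknown error.'; the case the fallback is after is errorInfo() yielding a null or empty message, which `if ($this->error == "")` expresses without that edge. Minor, since such a message is unlikely, but the narrower check documents the intent better than `!`. The enclosing method starts and ends outside the hunk.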
@@ -54,6 +55,7 @@ $translations = array(
 'Query executed OK, %d row(s) affected.' => array('Příkaz proběhl v pořádku, byl změněn %d záznam.', 'Příkaz proběhl v pořádku, byly změněny %d záznamy.', 'Příkaz proběhl v pořádku, bylo změněno %d záznamů.'),
 'No commands to execute.' => 'Žádné příkazy k vykonání.',
 'Error in query' => 'Chyba v dotazu',
+ 'Unknown error.' => 'Neznámá chyba.',
 'Warnings' => 'Varování',
 'ATTACH queries are not supported.' => 'Dotazy ATTACH nejsou podporované.',
 'Execute' => 'Provést',
diff --git a/adminer/lang/xx.inc.php b/adminer/lang/xx.inc.php
index 2c3babc5..73b9ed2d 100644
--- a/adminer/lang/xx.inc.php
+++ b/adminer/lang/xx.inc.php
@@ -22,6 +22,7 @@ $translations = array(
 'No extension' => 'Xx',
 'None of the supported PHP extensions (%s) are available.' => 'Xx (%s).',
 'Connecting to privileged ports is not allowed.' => 'Xx.',
+ 'Disable %s or enable %s or %s extensions.' => 'Xx %s xx %s xx %s xx.',
 'Session support must be enabled.' => 'Xx.',
 'Session expired, please login again.' => 'Xx.',
 'The action will be performed after successful login with the same credentials.' => 'Xx.',
@@ -54,6 +55,7 @@ $translations = array(
 'Query executed OK, %d row(s) affected.' => array('Xx, %d.', 'Xx, %d.'),
 'No commands to execute.' => 'Xx.',
 'Error in query' => 'Xx',
+ 'Unknown error.' => 'Xx.',
 'Warnings' => 'Xx',
 'ATTACH queries are not supported.' => 'Xx.',
 'Execute' => 'Xx',
diff --git a/changes.txt b/changes.txt
index 0c6cd0de..e4a49547 100644
--- a/changes.txt
+++ b/changes.txt
@@ -7,6 +7,7 @@ Decrease timeout for running slow queries from 5 seconds to 2 seconds
 Fix displaying info about non-alphabetical objects (bug #599)
 Use secure cookies on HTTP if session.cookie_secure is set
 PDO: Support binary fields download
+MySQL: Disallow LOAD DATA LOCAL INFILE
 MySQL: Use CONVERT() only when searching for non-ASCII (bug #603)
 MySQL: Order database names in MySQL 8 (bug #613)
 PostgreSQL: Add SQL operator to search