Closed lizhenhuan closed 2 years ago
Unfortunately, this seems to also be a security problem.
The cause of this bug is that the integration test script constructs a mysql client command line to execute each mysql commands in test file, e.g. os.popen("mysql -u root -P 4000 -h 127.0.0.1 -e "insert into test.t values ('$$')"")
.
Then a sh subprocess will execute mysql client with arguments, but before that, sh subprocess will first expand '$$' to be current process's id...
And finally, the command executed by tidb turns to be insert into test.t values (current_process_id)
...
As for your case, sh subprocess treats $NG
as an env variable, which is actually unset and only passes PI
to the tidb. So in the execution result only PI
is left.
/assign
Bug Report
Please answer these questions before submitting your issue. Thanks!
1. Minimal reproduce step (Required)
cd tests ./run-test.sh fullstack-test/expr/upper.test This test will success. vi fullstack-test/expr/upper.test 1.add "insert into test.t values('pi$ng');" after origin insert sql 2.add "PI$NG" in excepted result at last
run test again, this test is failed
This may because the integration tests framework doesn't support $ . It may delete $ and the letter followed by $
2. What did you expect to see? (Required)
after add $ in upper.test ,this test case still success
3. What did you see instead (Required)
after add $ in upper.test ,this test case will fail
4. What is your TiFlash version? (Required)
TiFlash master branch