From 6df8ff49d9ea6ce2386d50deffff85503bc9fcd3 Mon Sep 17 00:00:00 2001 From: Noah Misch Date: Mon, 8 Aug 2016 10:07:46 -0400 Subject: [PATCH] Promote pg_dumpall shell/connstr quoting functions to src/fe_utils. Rename these newly-extern functions with terms more typical of their new neighbors. No functional changes; a subsequent commit will use them in more places. Back-patch to 9.1 (all supported versions). Back branches lack src/fe_utils, so instead rename the functions in place; the subsequent commit will copy them into the other programs using them. Security: CVE-2016-5424 --- src/bin/pg_dump/pg_dumpall.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/src/bin/pg_dump/pg_dumpall.c b/src/bin/pg_dump/pg_dumpall.c index 6defa331ab2..b6dbe0f7377 100644 --- a/src/bin/pg_dump/pg_dumpall.c +++ b/src/bin/pg_dump/pg_dumpall.c @@ -49,8 +49,8 @@ static void makeAlterConfigCommand(PGconn *conn, const char *arrayitem, const char *name2); static void dumpDatabases(PGconn *conn); static void dumpTimestamp(char *msg); -static void doShellQuoting(PQExpBuffer buf, const char *str); -static void doConnStrQuoting(PQExpBuffer buf, const char *str); +static void appendShellString(PQExpBuffer buf, const char *str); +static void appendConnStrVal(PQExpBuffer buf, const char *str); static int runPgDump(const char *dbname); static void buildShSecLabels(PGconn *conn, const char *catalog_name, @@ -215,7 +215,7 @@ main(int argc, char *argv[]) case 'f': filename = pg_strdup(optarg); appendPQExpBufferStr(pgdumpopts, " -f "); - doShellQuoting(pgdumpopts, filename); + appendShellString(pgdumpopts, filename); break; case 'g': @@ -256,7 +256,7 @@ main(int argc, char *argv[]) case 'S': appendPQExpBufferStr(pgdumpopts, " -S "); - doShellQuoting(pgdumpopts, optarg); + appendShellString(pgdumpopts, optarg); break; case 't': @@ -292,13 +292,13 @@ main(int argc, char *argv[]) case 2: appendPQExpBufferStr(pgdumpopts, " --lock-wait-timeout "); - doShellQuoting(pgdumpopts, optarg); + appendShellString(pgdumpopts, optarg); break; case 3: use_role = pg_strdup(optarg); appendPQExpBufferStr(pgdumpopts, " --role "); - doShellQuoting(pgdumpopts, use_role); + appendShellString(pgdumpopts, use_role); break; default: @@ -1713,9 +1713,9 @@ runPgDump(const char *dbname) * string. */ appendPQExpBuffer(connstrbuf, "%s dbname=", connstr); - doConnStrQuoting(connstrbuf, dbname); + appendConnStrVal(connstrbuf, dbname); - doShellQuoting(cmd, connstrbuf->data); + appendShellString(cmd, connstrbuf->data); if (verbose) fprintf(stderr, _("%s: running \"%s\"\n"), progname, cmd->data); @@ -1995,7 +1995,7 @@ constructConnStr(const char **keywords, const char **values) appendPQExpBufferChar(buf, ' '); firstkeyword = false; appendPQExpBuffer(buf, "%s=", keywords[i]); - doConnStrQuoting(buf, values[i]); + appendConnStrVal(buf, values[i]); } connstr = pg_strdup(buf->data); @@ -2088,7 +2088,7 @@ dumpTimestamp(char *msg) * string */ static void -doConnStrQuoting(PQExpBuffer buf, const char *str) +appendConnStrVal(PQExpBuffer buf, const char *str) { const char *s; bool needquotes; @@ -2137,7 +2137,7 @@ doConnStrQuoting(PQExpBuffer buf, const char *str) * there eventually leads to errors here. */ static void -doShellQuoting(PQExpBuffer buf, const char *str) +appendShellString(PQExpBuffer buf, const char *str) { const char *p;