database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-27 23:21:58 +03:00
Code Activity

Fix pg_dumpall to cope with dangling OIDs in pg_auth_members.

Browse Source 
There is a race condition between "GRANT role" and "DROP ROLE",
which allows GRANT to install pg_auth_members entries that refer to
dropped roles.  (Commit 6566133c5 prevented that for the grantor
field, but not for the granted or grantee roles.)  We'll soon fix
that, at least in HEAD, but pg_dumpall needs to cope with the
situation in case of pre-existing inconsistency.  As pg_dumpall
stands, it will emit invalid commands like 'GRANT foo TO ""',
which causes pg_upgrade to fail.  Fix it to emit warnings and skip
those GRANTs, instead.

There was some discussion of removing the problem by changing
dumpRoleMembership's query to use JOIN not LEFT JOIN, but that
would result in silently ignoring such entries.  It seems better
to produce a warning.

Pre-v16 branches already coped with dangling grantor OIDs by simply
omitting the GRANTED BY clause.  I left that behavior as-is, although
it's somewhat inconsistent with the behavior of later branches.

Reported-by: Virender Singla <virender.cse@gmail.com>
Discussion: https://postgr.es/m/CAM6Zo8woa62ZFHtMKox6a4jb8qQ=w87R2L0K8347iE-juQL2EA@mail.gmail.com
Backpatch-through: 13
This commit is contained in:
Tom Lane
2025-02-21 13:37:12 -05:00
parent b91326f372
commit ce1475acd5
1 changed files with 28 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/bin/pg_dump/pg_dumpall.c
View File

@ -1008,10 +1008,12 @@ dumpRoleMembership(PGconn *conn)
PGresult *res; PGresult *res;
int i; int i;
printfPQExpBuffer(buf, "SELECT ur.rolname AS roleid, " printfPQExpBuffer(buf, "SELECT ur.rolname AS role, "
"um.rolname AS member, " "um.rolname AS member, "
"a.admin_option, " "a.admin_option, "
"ug.rolname AS grantor " "ug.rolname AS grantor, "
"a.roleid AS roleid, "
"a.member AS memberid "
"FROM pg_auth_members a " "FROM pg_auth_members a "
"LEFT JOIN %s ur on ur.oid = a.roleid " "LEFT JOIN %s ur on ur.oid = a.roleid "
"LEFT JOIN %s um on um.oid = a.member " "LEFT JOIN %s um on um.oid = a.member "
@ -1025,13 +1027,33 @@ dumpRoleMembership(PGconn *conn)
for (i = 0; i < PQntuples(res); i++) for (i = 0; i < PQntuples(res); i++)
{ {
char *roleid = PQgetvalue(res, i, 0); char *role = PQgetvalue(res, i, 0);
char *member = PQgetvalue(res, i, 1); char *member = PQgetvalue(res, i, 1);
char *option = PQgetvalue(res, i, 2); char *admin_option = PQgetvalue(res, i, 2);
fprintf(OPF, "GRANT %s", fmtId(roleid)); /*
* Due to race conditions, the role and/or member could have been
* dropped. If we find such cases, print a warning and skip the
* entry.
*/
if (PQgetisnull(res, i, 0))
{
/* translator: %s represents a numeric role OID */
pg_log_warning("found orphaned pg_auth_members entry for role %s",
PQgetvalue(res, i, 4));
continue;
}
if (PQgetisnull(res, i, 1))
{
/* translator: %s represents a numeric role OID */
pg_log_warning("found orphaned pg_auth_members entry for role %s",
PQgetvalue(res, i, 5));
continue;
}
fprintf(OPF, "GRANT %s", fmtId(role));
fprintf(OPF, " TO %s", fmtId(member)); fprintf(OPF, " TO %s", fmtId(member));
if (*option == 't') if (*admin_option == 't')
fprintf(OPF, " WITH ADMIN OPTION"); fprintf(OPF, " WITH ADMIN OPTION");
/* /*