mirror of
https://github.com/postgres/postgres.git
synced 2025-04-25 21:42:33 +03:00
a2385cac13
Due to simplistic quoting and confusion of database names with conninfo strings, roles with the CREATEDB or CREATEROLE option could escalate to superuser privileges when a superuser next ran certain maintenance commands. The new coding rule for PQconnectdbParams() calls, documented at conninfo_array_parse(), is to pass expand_dbname=true and wrap literal database names in a trivial connection string. Escape zero-length values in appendConnStrVal(). Back-patch to 9.1 (all supported versions). Nathan Bossart, Michael Paquier, and Noah Misch. Reviewed by Peter Eisentraut. Reported by Nathan Bossart. Security: CVE-2016-5424
98 lines
2.5 KiB
C
98 lines
2.5 KiB
C
/*
|
|
* version.c
|
|
*
|
|
* Postgres-version-specific routines
|
|
*
|
|
* Copyright (c) 2010-2011, PostgreSQL Global Development Group
|
|
* contrib/pg_upgrade/version.c
|
|
*/
|
|
|
|
#include "pg_upgrade.h"
|
|
|
|
#include "access/transam.h"
|
|
|
|
|
|
/*
|
|
* new_9_0_populate_pg_largeobject_metadata()
|
|
* new >= 9.0, old <= 8.4
|
|
* 9.0 has a new pg_largeobject permission table
|
|
*/
|
|
void
|
|
new_9_0_populate_pg_largeobject_metadata(ClusterInfo *cluster, bool check_mode)
|
|
{
|
|
int dbnum;
|
|
FILE *script = NULL;
|
|
bool found = false;
|
|
char output_path[MAXPGPATH];
|
|
|
|
prep_status("Checking for large objects");
|
|
|
|
snprintf(output_path, sizeof(output_path), "%s/pg_largeobject.sql",
|
|
os_info.cwd);
|
|
|
|
for (dbnum = 0; dbnum < cluster->dbarr.ndbs; dbnum++)
|
|
{
|
|
PGresult *res;
|
|
int i_count;
|
|
DbInfo *active_db = &cluster->dbarr.dbs[dbnum];
|
|
PGconn *conn = connectToServer(cluster, active_db->db_name);
|
|
|
|
/* find if there are any large objects */
|
|
res = executeQueryOrDie(conn,
|
|
"SELECT count(*) "
|
|
"FROM pg_catalog.pg_largeobject ");
|
|
|
|
i_count = PQfnumber(res, "count");
|
|
if (atoi(PQgetvalue(res, 0, i_count)) != 0)
|
|
{
|
|
found = true;
|
|
if (!check_mode)
|
|
{
|
|
PQExpBufferData connectbuf;
|
|
|
|
if (script == NULL && (script = fopen(output_path, "w")) == NULL)
|
|
pg_log(PG_FATAL, "could not create necessary file: %s\n", output_path);
|
|
|
|
initPQExpBuffer(&connectbuf);
|
|
appendPsqlMetaConnect(&connectbuf, active_db->db_name);
|
|
fputs(connectbuf.data, script);
|
|
termPQExpBuffer(&connectbuf);
|
|
|
|
fprintf(script,
|
|
"SELECT pg_catalog.lo_create(t.loid)\n"
|
|
"FROM (SELECT DISTINCT loid FROM pg_catalog.pg_largeobject) AS t;\n");
|
|
}
|
|
}
|
|
|
|
PQclear(res);
|
|
PQfinish(conn);
|
|
}
|
|
|
|
if (script)
|
|
fclose(script);
|
|
|
|
if (found)
|
|
{
|
|
report_status(PG_WARNING, "warning");
|
|
if (check_mode)
|
|
pg_log(PG_WARNING, "\n"
|
|
"| Your installation contains large objects.\n"
|
|
"| The new database has an additional large object\n"
|
|
"| permission table. After upgrading, you will be\n"
|
|
"| given a command to populate the pg_largeobject\n"
|
|
"| permission table with default permissions.\n\n");
|
|
else
|
|
pg_log(PG_WARNING, "\n"
|
|
"| Your installation contains large objects.\n"
|
|
"| The new database has an additional large object\n"
|
|
"| permission table so default permissions must be\n"
|
|
"| defined for all large objects. The file:\n"
|
|
"| \t%s\n"
|
|
"| when executed by psql by the database super-user\n"
|
|
"| will define the default permissions.\n\n",
|
|
output_path);
|
|
}
|
|
else
|
|
check_ok();
|
|
}
|