database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-12-21 05:21:08 +03:00
Code Activity
Files
67a2fbb8f9e9f75df08208e75da412c43a814688
postgres/doc/src/sgml
History
Nathan Bossart 67a2fbb8f9 Restrict psql meta-commands in plain-text dumps. 
A malicious server could inject psql meta-commands into plain-text
dump output (i.e., scripts created with pg_dump --format=plain,
pg_dumpall, or pg_restore --file) that are run at restore time on
the machine running psql.  To fix, introduce a new "restricted"
mode in psql that blocks all meta-commands (except for \unrestrict
to exit the mode), and teach pg_dump, pg_dumpall, and pg_restore to
use this mode in plain-text dumps.

While at it, encourage users to only restore dumps generated from
trusted servers or to inspect it beforehand, since restoring causes
the destination to execute arbitrary code of the source superusers'
choice.  However, the client running the dump and restore needn't
trust the source or destination superusers.

Reported-by: Martin Rakhmanov
Reported-by: Matthieu Denais <litezeraw@gmail.com>
Reported-by: RyotaK <ryotak.mail@gmail.com>
Suggested-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Noah Misch <noah@leadboat.com>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Reviewed-by: Peter Eisentraut <peter@eisentraut.org>
Security: CVE-2025-8714
Backpatch-through: 13
2025-08-11 09:00:00 -05:00
..
images
Fix commit 641a5b7a14 for "nbsp" output in SVG files
2024-11-26 13:08:13 -05:00
keywords
doc: Update SQL keywords list to SQL:2023
2023-04-05 07:55:28 +02:00
ref
Restrict psql meta-commands in plain-text dumps.
2025-08-11 09:00:00 -05:00
.gitignore
Stop generating plain-text INSTALL instructions.
2023-12-22 13:32:15 -05:00
acronyms.sgml
docs: Add acronym and glossary entries for I/O and AIO
2025-04-01 13:30:33 -04:00
advanced.sgml
Doc: simplify the tutorial's window-function examples.
2025-01-21 14:43:21 -05:00
amcheck.sgml
doc: Fix typos in documentation
2025-04-15 21:32:18 +02:00
appendix-obsolete-default-roles.sgml
appendix-obsolete-pgreceivexlog.sgml
appendix-obsolete-pgresetxlog.sgml
appendix-obsolete-pgxlogdump.sgml
appendix-obsolete-recovery-config.sgml
Remove promote_trigger_file.
2022-11-29 12:08:38 +13:00
appendix-obsolete.sgml
Revert "Rename contrib module basic_archive to basic_wal_module"
2023-01-26 09:13:39 +09:00
arch-dev.sgml
Doc: Miscellaneous doc updates for MERGE.
2023-02-26 09:06:04 +00:00
archive-modules.sgml
Add built-in ERROR handling for archive callbacks.
2024-04-02 22:28:11 -05:00
array.sgml
Improve readability and error detection of array_in().
2023-11-13 13:01:51 -05:00
auth-delay.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
auto-explain.sgml
EXPLAIN: Always use two fractional digits for row counts.
2025-02-27 11:27:16 -05:00
backup-manifest.sgml
doc: Standardize use of dashes in references to CRC and SHA.
2024-08-09 13:16:33 -05:00
backup.sgml
Doc: recommend "psql -X" for restoring pg_dump scripts.
2025-01-25 12:42:22 -05:00
basebackup-to-shell.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
basic-archive.sgml
Revert "Rename contrib module basic_archive to basic_wal_module"
2023-01-26 09:13:39 +09:00
bgworker.sgml
Add option to bgworkers to allow the bypass of role login check
2023-10-12 09:24:17 +09:00
biblio.sgml
doc: Add links to olsen93 and ong90 in bibliography
2025-02-21 11:28:42 +01:00
bki.sgml
Catalog changes preparing for builtin collation provider.
2024-03-09 14:48:18 -08:00
bloom.sgml
Show index search count in EXPLAIN ANALYZE, take 2.
2025-03-11 09:20:50 -04:00
brin.sgml
docs: Merge separate chapters on built-in index AMs into one.
2024-04-05 10:34:04 -04:00
btree-gin.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
btree-gist.sgml
Add support for sorted gist index builds to btree_gist
2025-04-03 13:46:35 +03:00
btree.sgml
Add nbtree skip scan optimization.
2025-04-04 12:27:04 -04:00
catalogs.sgml
doc: Remove notes about "unencrypted" passwords.
2025-06-04 09:47:25 -05:00
charset.sgml
docs: EUC_TW can be up to four bytes wide, not three
2025-02-10 10:03:37 -05:00
citext.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
client-auth.sgml
Doc: clarify description of regexp fields in pg_ident.conf.
2025-07-15 18:53:00 -04:00
color.sgml
config.sgml
doc: Clarify meaning of "idle" in idle_replication_slot_timeout.
2025-07-11 08:45:56 +09:00
contrib-spi.sgml
Move contrib/spi testing from core regression tests to contrib/spi.
2025-04-08 19:12:03 -04:00
contrib.sgml
pg_overexplain: Additional EXPLAIN options for debugging.
2025-03-26 13:52:21 -04:00
cube.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
custom-rmgr.sgml
docs: Consolidate into new "WAL for Extensions" chapter.
2024-04-15 15:57:13 -04:00
custom-scan.sgml
Doc: Improve documentation for creating custom scan paths.
2023-08-30 17:45:00 +09:00
datatype.sgml
doc: add float as an alias for double precision.
2025-08-07 18:04:55 -04:00
datetime.sgml
Seek zone abbreviations in the IANA data before timezone_abbreviations.
2025-01-16 14:11:19 -05:00
dblink.sgml
dblink: SCRAM authentication pass-through
2025-03-26 10:49:23 +01:00
ddl.sgml
Restrict virtual columns to use built-in functions and types
2025-06-25 09:56:49 +02:00
dfunc.sgml
Remove AIX support
2024-02-28 15:17:23 +04:00
dict-int.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
dict-xsyn.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
dml.sgml
Add OLD/NEW support to RETURNING in DML queries.
2025-01-16 14:57:35 +00:00
docguide.sgml
doc: Remove dead link to NewbieDoc Docbook Guide
2025-06-24 11:49:37 +02:00
earthdistance.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
ecpg.sgml
Fix assorted bugs in ecpg's macro mechanism.
2024-04-16 12:31:42 -04:00
errcodes.sgml
event-trigger.sgml
doc: Remove event trigger firing matrix
2024-11-06 13:43:17 +01:00
extend.sgml
Make "directory" setting work with extension_control_path
2025-05-02 16:35:48 +02:00
external-projects.sgml
doc: Replace list of drivers and PLs with wiki link
2023-08-23 14:13:07 +02:00
fdwhandler.sgml
doc: Mention AttributeRelationId in FDW validator function description
2023-12-28 20:09:12 +09:00
features.sgml
Add XMLText function (SQL/XML X038)
2023-11-06 09:38:29 +01:00
file-fdw.sgml
file_fdw: Add REJECT_LIMIT option to file_fdw.
2024-11-20 23:53:19 +09:00
filelist.sgml
pg_overexplain: Additional EXPLAIN options for debugging.
2025-03-26 13:52:21 -04:00
func.sgml
Revert "Clarify documentation for the initcap function"
2025-08-07 14:11:49 +03:00
fuzzystrmatch.sgml
Add support for Daitch-Mokotoff Soundex in contrib/fuzzystrmatch.
2023-04-07 17:32:26 -04:00
generate-errcodes-table.pl
Update copyright for 2025
2025-01-01 11:21:55 -05:00
generate-keywords-table.pl
Update copyright for 2025
2025-01-01 11:21:55 -05:00
generate-targets-meson.pl
Update copyright for 2025
2025-01-01 11:21:55 -05:00
generic-wal.sgml
docs: Consolidate into new "WAL for Extensions" chapter.
2024-04-15 15:57:13 -04:00
geqo.sgml
Doc: add XML ID attributes to <sectN> and <varlistentry> tags.
2023-01-09 15:08:24 -05:00
gin.sgml
docs: Merge separate chapters on built-in index AMs into one.
2024-04-05 10:34:04 -04:00
gist.sgml
Rename gist stratnum support function
2025-06-02 08:41:27 +02:00
glossary.sgml
docs: Add acronym and glossary entries for I/O and AIO
2025-04-01 13:30:33 -04:00
hash.sgml
docs: Merge separate chapters on built-in index AMs into one.
2024-04-05 10:34:04 -04:00
high-availability.sgml
Improve error message when standby does accept connections.
2025-04-02 15:13:01 +09:00
history.sgml
doc: Clarify project naming
2025-04-07 00:03:18 +02:00
hstore.sgml
Use @extschema:name@ notation in contrib transform modules.
2025-01-09 15:16:56 -05:00
indexam.sgml
doc: Inform about aminsertcleanup optional NULLness
2025-07-22 14:34:19 +09:00
indextypes.sgml
docs: Merge separate chapters on built-in index AMs into one.
2024-04-05 10:34:04 -04:00
indices.sgml
Add nbtree skip scan optimization.
2025-04-04 12:27:04 -04:00
info.sgml
information_schema.sgml
Add support for NOT ENFORCED in CHECK constraints
2025-01-11 10:52:30 +01:00
install-binaries.sgml
installation.sgml
Doc: correct spelling of meson switch.
2025-05-02 15:12:49 -04:00
intagg.sgml
doc, intagg: fix one-to-many mention to many-to-many
2023-12-07 19:36:52 -05:00
intarray.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
intro.sgml
doc: add links to Postgres features intro
2023-10-28 14:02:46 -04:00
isn.sgml
contrib/isn: Make weak mode a GUC setting, and fix related functions.
2025-03-16 13:45:48 -04:00
jit.sgml
EXPLAIN: Always use two fractional digits for row counts.
2025-02-27 11:27:16 -05:00
json.sgml
Document strange jsonb sort order for empty top level arrays
2025-01-03 10:36:30 -05:00
keywords.sgml
legal.sgml
Align organization wording in copyright statement
2025-05-16 11:20:07 -04:00
libpq.sgml
libpq: Remove PQservice()
2025-07-09 12:46:18 +09:00
limits.sgml
Document limit on the number of out-of-line values per table
2024-08-20 13:36:33 +07:00
lo.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
lobj.sgml
libpq: Deprecate pg_int64.
2025-03-25 21:40:00 +13:00
logical-replication.sgml
Doc: Fix logical replication examples.
2025-07-22 05:56:22 +00:00
logicaldecoding.sgml
doc: Formatting improvements
2025-08-07 14:07:19 +02:00
ltree.sgml
Use @extschema:name@ notation in contrib transform modules.
2025-01-09 15:16:56 -05:00
maintenance.sgml
Document pg_get_multixact_members().
2025-07-01 13:54:38 -05:00
Makefile
PDF docs build: avoid spurious "warn" in build logs.
2025-02-07 22:12:38 -05:00
manage-ag.sgml
doc: improve tablespace example query and link to helper funcs.
2024-11-01 15:54:16 -04:00
meson.build
Update copyright for 2025
2025-01-01 11:21:55 -05:00
mk_feature_tables.pl
Make all Perl warnings fatal
2023-12-29 18:20:00 +01:00
monitoring.sgml
doc: Clarify that total_vacuum_time excludes VACUUM FULL.
2025-07-16 08:06:17 +09:00
mvcc.sgml
doc: fix typo in mvcc clarification in commit 2fa255ce9b
2024-11-04 09:24:58 -05:00
nls.sgml
doc: Fix some typos and grammar
2023-10-25 09:40:55 +09:00
notation.sgml
oauth-validators.sgml
oauth: Improve validator docs on interruptibility
2025-03-19 16:58:06 +13:00
oid2name.sgml
|--- gitweb subject length limit ----------------|-email limit-|
2023-10-27 11:06:10 -04:00
pageinspect.sgml
doc: clarify default checksum behavior in non-master branches
2025-02-21 13:03:29 -05:00
parallel.sgml
Doc: InitPlans aren't parallel-restricted any more.
2024-09-26 10:37:51 -04:00
passwordcheck.sgml
Add passwordcheck.min_password_length.
2025-01-07 15:06:40 -06:00
perform.sgml
Add nbtree skip scan optimization.
2025-04-04 12:27:04 -04:00
pgbuffercache.sgml
doc: Add missing index entries and fix title formatting in pg_buffercache docs.
2025-07-24 11:44:22 +09:00
pgcrypto.sgml
Doc: fix PDF "contents ... exceed the available area" warnings.
2025-04-06 16:27:39 -04:00
pgfreespacemap.sgml
doc: Correct description of values used in FSM for indexes
2025-03-27 10:20:41 +09:00
pglogicalinspect.sgml
Add contrib/pg_logicalinspect.
2024-10-14 17:22:02 -07:00
pgoverexplain.sgml
doc: Add note about how to use pg_overexplain.
2025-07-17 10:25:59 -05:00
pgprewarm.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
pgrowlocks.sgml
pgrowlocks: change lock mode output labels for consistency
2023-09-26 17:41:48 -04:00
pgstatstatements.sgml
Remove the query_id_squash_values GUC
2025-03-27 13:33:37 +01:00
pgstattuple.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
pgsurgery.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
pgtrgm.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
pgvisibility.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
pgwalinspect.sgml
doc: Fix some typos and grammar
2023-10-25 09:40:55 +09:00
planstats.sgml
EXPLAIN: Always use two fractional digits for row counts.
2025-02-27 11:27:16 -05:00
plhandler.sgml
plperl.sgml
Block environment variable mutations from trusted PL/Perl.
2024-11-11 06:23:43 -08:00
plpgsql.sgml
Allow => syntax for named cursor arguments in plpgsql.
2025-03-03 18:00:13 -05:00
plpython.sgml
doc: add xreflabel text for libpq and PL/Python
2025-06-19 11:51:12 -04:00
pltcl.sgml
Improve PL/Tcl's method for choosing Tcl names of procedures.
2024-07-05 14:14:42 -04:00
postgres-fdw.sgml
Revert "postgres_fdw: Inherit the local transaction's access/deferrable modes."
2025-06-08 17:30:00 +09:00
postgres.sgml
Add support for OAUTHBEARER SASL mechanism
2025-02-20 16:25:17 +01:00
problems.sgml
doc: use more accurate URL for bug reporting
2024-11-04 15:08:01 -05:00
protocol.sgml
libpq: Complain about missing BackendKeyData later with PGgetCancel()
2025-08-01 18:27:47 +03:00
queries.sgml
Doc: improve description of window function processing.
2025-03-10 10:22:08 -04:00
query.sgml
doc: Add example file for COPY
2025-07-17 00:21:18 +02:00
rangetypes.sgml
README.links
README.non-ASCII
doc: update guidelines on non-ASCII characters in docs
2025-05-03 14:45:26 -04:00
reference.sgml
pg_createsubscriber: creates a new logical replica from a standby server
2024-03-25 12:42:47 +01:00
regress.sgml
Put PG_TEST_EXTRA doc items back in alphabetical order
2025-08-05 20:22:32 +02:00
release-18.sgml
fix apparent typo in release notes
2025-08-04 15:37:00 -04:00
release.sgml
doc: improve build for non-Latin1 characters
2024-11-01 12:46:51 -04:00
replication-origins.sgml
rowtypes.sgml
Add RETURNING support to MERGE.
2024-03-17 13:58:59 +00:00
rules.sgml
Show index search count in EXPLAIN ANALYZE, take 2.
2025-03-11 09:20:50 -04:00
runtime.sgml
Give up on running with NetBSD/OpenBSD's default semaphore settings.
2025-04-29 17:27:52 -04:00
seg.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
sepgsql.sgml
Convert sepgsql tests to TAP
2025-01-24 12:39:47 +01:00
sourcerepo.sgml
Remove distprep
2023-11-06 15:18:04 +01:00
sources.sgml
Revise GUC names quoting in messages again
2024-05-17 11:44:26 +02:00
spgist.sgml
docs: Merge separate chapters on built-in index AMs into one.
2024-04-05 10:34:04 -04:00
spi.sgml
Don't bother checking the result of SPI_connect[_ext] anymore.
2024-09-09 12:18:34 -04:00
sslinfo.sgml
Revert "Add notBefore and notAfter to SSL cert info display"
2024-03-22 22:58:41 +01:00
start.sgml
doc: clarify create database in start docs uses command line
2024-08-19 19:22:10 -04:00
storage.sgml
docs: Make claims about the benefits of HOT updates more precise.
2024-03-21 12:54:58 -04:00
stylesheet-common.xsl
Fix documentation build with older docbook-xsl
2024-02-08 11:38:46 +01:00
stylesheet-fo.xsl
doc PG relnotes: remove warning about commit links in PDF build
2024-09-19 18:05:22 -04:00
stylesheet-html-common.xsl
Fix documentation build with older docbook-xsl
2024-02-08 11:38:46 +01:00
stylesheet-html-nochunk.xsl
docs: html: load stylesheet via custom.css.source
2023-04-04 21:29:45 -07:00
stylesheet-man.xsl
Now that we have non-Latin1 SGML detection, restore Latin1 chars
2024-12-03 17:09:49 -05:00
stylesheet-speedup-common.xsl
stylesheet-speedup-xhtml.xsl
stylesheet-text.xsl
stylesheet.css
doc: Make HTML ids discoverable
2023-04-13 10:16:33 +02:00
stylesheet.css.xml
docs: html: load stylesheet via custom.css.source
2023-04-04 21:29:45 -07:00
stylesheet.xsl
docs: html: load stylesheet via custom.css.source
2023-04-04 21:29:45 -07:00
syntax.sgml
doc: Missing markup, punctuation and wordsmithing
2024-10-02 14:50:56 +02:00
system-views.sgml
doc: Clarify meaning of "idle" in idle_replication_slot_timeout.
2025-07-11 08:45:56 +09:00
tableam.sgml
doc: Add minimal C and SQL example to add a custom table AM handler
2024-10-07 15:47:40 +09:00
tablefunc.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
tablesample-method.sgml
targets-meson.txt
Update copyright for 2025
2025-01-01 11:21:55 -05:00
tcn.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
test-decoding.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
textsearch.sgml
doc: Clean up title case use
2025-06-16 11:43:52 +02:00
trigger.sgml
Doc: improve description of which role runs a trigger.
2025-06-05 15:24:15 -04:00
tsm-system-rows.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
tsm-system-time.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
typeconv.sgml
unaccent.sgml
unaccent: Add support for quoted translated characters
2023-09-20 12:29:36 +09:00
user-manag.sgml
doc: Missing markup, punctuation and wordsmithing
2024-10-02 14:50:56 +02:00
uuid-ossp.sgml
Doc: Update ulinks to RFC documents to avoid redirect
2024-04-10 13:53:25 +02:00
vacuumlo.sgml
version.sgml.in
meson: Add initial version of meson based build system
2022-09-21 22:37:17 -07:00
wal-for-extensions.sgml
docs: Consolidate into new "WAL for Extensions" chapter.
2024-04-15 15:57:13 -04:00
wal.sgml
Re-add GUC track_wal_io_timing
2025-02-26 09:49:59 +09:00
xact.sgml
Replace BackendIds with 0-based ProcNumbers
2024-03-03 19:38:22 +02:00
xaggr.sgml
xfunc.sgml
Add support for runtime arguments in injection points
2025-05-10 06:56:26 +09:00
xindex.sgml
Rename gist stratnum support function
2025-06-02 08:41:27 +02:00
xml2.sgml
Describe each contrib module in its SGML section title
2023-01-20 20:01:59 +01:00
xmltools_dep_wrapper
meson: docs: Add xml{lint,proc} wrapper to collect dependencies
2022-10-05 09:56:05 -07:00
xoper.sgml
Extend ALTER OPERATOR to allow setting more optimization attributes.
2023-10-20 12:28:46 -04:00
xplang.sgml
xtypes.sgml

README.non-ASCII 

<!-- doc/src/sgml/README.non-ASCII -->

Representation of non-ASCII characters
--------------------------------------

Find non-ASCII characters using:

        grep --recursive --color='auto' -P '[\x80-\xFF]' .

Convert to HTML4 named entity (&) escapes
-----------------------------------------

We support several output formats:

*  html (supports all Unicode characters)
*  man (supports all Unicode characters)
*  pdf (supports only Latin-1 characters)
*  info

While some output formatting tools support all Unicode characters,
others only support Latin-1 characters.  Specifically, the PDF rendering
engine can only display Latin-1 characters;  non-Latin-1 Unicode
characters are displayed as "###".

Therefore, in the SGML files, we can only use Latin-1 characters.  We
can use UTF8 representations of Latin-1 characters, or HTML entities of
Latin-1 characters, e.g., &Aacute;lvaro.

Do not use UTF numeric character escapes (&#nnn;).

When building the PDF docs, problem characters will appear as warnings.

HTML entities
        official:      http://www.w3.org/TR/html4/sgml/entities.html
        one page:      http://www.zipcon.net/~swhite/docs/computers/browsers/entities_page.html
        other lists:   http://www.zipcon.net/~swhite/docs/computers/browsers/entities.html
                       http://www.zipcon.net/~swhite/docs/computers/browsers/entities_page.html
                       https://en.wikipedia.org/wiki/List_of_XML_and_HTML_character_entity_references
View Git Blame Copy Permalink