NotificationsYou must be signed in to change notification settings
Fork91
Star762

Commit7418c0b

committed

Merge branch 'master' into issue_413

2 parents23397f4 +002d7b5 commit7418c0bCopy full SHA for 7418c0b

File tree

25 files changed

+393

-100

lines changed

.travis.yml
src
- backup.c
- checkdb.c
- ptrack.c
- util.c
- utils
  - pgut.c
tests
travis

25 files changed

+393

-100

lines changed

`‎.travis.yml‎`

Lines changed: 5 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,7 @@ notifications:`
`26`	`26`
`27`	`27`	`# Default MODE is basic, i.e. all tests with PG_PROBACKUP_TEST_BASIC=ON`
`28`	`28`	`env:`
	`29`	`+ -PG_VERSION=14 PG_BRANCH=REL_14_STABLE`
`29`	`30`	`-PG_VERSION=13 PG_BRANCH=REL_13_STABLE`
`30`	`31`	`-PG_VERSION=12 PG_BRANCH=REL_12_STABLE`
`31`	`32`	`-PG_VERSION=11 PG_BRANCH=REL_11_STABLE`
`@@ -42,9 +43,11 @@ env:`
`42`	`43`	`# - PG_VERSION=12 PG_BRANCH=REL_12_STABLE MODE=replica`
`43`	`44`	`# - PG_VERSION=12 PG_BRANCH=REL_12_STABLE MODE=retention`
`44`	`45`	`# - PG_VERSION=12 PG_BRANCH=REL_12_STABLE MODE=restore`
	`46`	`+ -PG_VERSION=15 PG_BRANCH=master`
`45`	`47`
`46`		`-#jobs:`
`47`		`-# allow_failures:`
	`48`	`+jobs:`
	`49`	`+allow_failures:`
	`50`	`+ -if:env(PG_BRANCH) = master`
`48`	`51`	`# - if: env(MODE) IN (archive, backup, delta, locking, merge, replica, retention, restore)`
`49`	`52`
`50`	`53`	`# Only run CI for master branch commits to limit our travis usage`

`‎src/backup.c‎`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -928,7 +928,7 @@ check_server_version(PGconn conn, PGNodeInfo nodeInfo)`
`928`	`928`	`nodeInfo->server_version_str,"9.6");`
`929`	`929`
`930`	`930`	`if (nodeInfo->pgpro_support)`
`931`		`-res=pgut_execute(conn,"SELECT pgpro_edition()",0,NULL);`
	`931`	`+res=pgut_execute(conn,"SELECTpg_catalog.pgpro_edition()",0,NULL);`
`932`	`932`
`933`	`933`	`/*`
`934`	`934`	`* Check major version of connected PostgreSQL and major version of`
`@@ -1120,7 +1120,7 @@ pgpro_support(PGconn *conn)`
`1120`	`1120`	`PGresult*res;`
`1121`	`1121`
`1122`	`1122`	`res=pgut_execute(conn,`
`1123`		`-"SELECT proname FROM pg_proc WHERE proname='pgpro_edition'",`
	`1123`	`+"SELECT proname FROMpg_catalog.pg_proc WHERE proname='pgpro_edition'::name AND pronamespace='pg_catalog'::regnamespace::oid",`
`1124`	`1124`	`0,NULL);`
`1125`	`1125`
`1126`	`1126`	`if (PQresultStatus(res)==PGRES_TUPLES_OK&&`
`@@ -1159,7 +1159,7 @@ get_database_map(PGconn *conn)`
`1159`	`1159`	`*/`
`1160`	`1160`	`res=pgut_execute_extended(conn,`
`1161`	`1161`	`"SELECT oid, datname FROM pg_catalog.pg_database "`
`1162`		`-"WHERE datname NOT IN ('template1', 'template0')",`
	`1162`	`+"WHERE datname NOT IN ('template1'::name, 'template0'::name)",`
`1163`	`1163`	`0,NULL, true, true);`
`1164`	`1164`
`1165`	`1165`	`/* Don't error out, simply return NULL. See comment above. */`

`‎src/checkdb.c‎`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -357,10 +357,10 @@ get_index_list(const char *dbname, bool first_db_with_amcheck,`
`357`	`357`
`358`	`358`	`res=pgut_execute(db_conn,"SELECT "`
`359`	`359`	`"extname, nspname, extversion "`
`360`		`-"FROM pg_namespace n "`
`361`		`-"JOIN pg_extension e "`
	`360`	`+"FROMpg_catalog.pg_namespace n "`
	`361`	`+"JOINpg_catalog.pg_extension e "`
`362`	`362`	`"ON n.oid=e.extnamespace "`
`363`		`-"WHERE e.extname IN ('amcheck', 'amcheck_next') "`
	`363`	`+"WHERE e.extname IN ('amcheck'::name, 'amcheck_next'::name) "`
`364`	`364`	`"ORDER BY extversion DESC "`
`365`	`365`	`"LIMIT 1",`
`366`	`366`	`0,NULL);`
`@@ -556,8 +556,8 @@ do_amcheck(ConnectionOptions conn_opt, PGconn *conn)`
`556`	`556`
`557`	`557`	`res_db=pgut_execute(conn,`
`558`	`558`	`"SELECT datname, oid, dattablespace "`
`559`		`-"FROM pg_database "`
`560`		`-"WHERE datname NOT IN ('template0', 'template1')",`
	`559`	`+"FROMpg_catalog.pg_database "`
	`560`	`+"WHERE datname NOT IN ('template0'::name, 'template1'::name)",`
`561`	`561`	`0,NULL);`
`562`	`562`
`563`	`563`	`/* we don't need this connection anymore */`

`‎src/ptrack.c‎`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -169,7 +169,7 @@ get_ptrack_version(PGconn backup_conn, PGNodeInfo nodeInfo)`
`169`	`169`
`170`	`170`	`res_db=pgut_execute(backup_conn,`
`171`	`171`	`"SELECT extnamespace::regnamespace, extversion "`
`172`		`-"FROM pg_catalog.pg_extension WHERE extname = 'ptrack'",`
	`172`	`+"FROM pg_catalog.pg_extension WHERE extname = 'ptrack'::name",`
`173`	`173`	`0,NULL);`
`174`	`174`
`175`	`175`	`if (PQntuples(res_db)>0)`
`@@ -187,7 +187,7 @@ get_ptrack_version(PGconn backup_conn, PGNodeInfo nodeInfo)`
`187`	`187`	`/* ptrack 1.x is supported, save version */`
`188`	`188`	`PQclear(res_db);`
`189`	`189`	`res_db=pgut_execute(backup_conn,`
`190`		`-"SELECT proname FROM pg_proc WHERE proname='ptrack_version'",`
	`190`	`+"SELECT proname FROMpg_catalog.pg_proc WHERE proname='ptrack_version'::name",`
`191`	`191`	`0,NULL);`
`192`	`192`
`193`	`193`	`if (PQntuples(res_db)==0)`
`@@ -285,7 +285,7 @@ pg_ptrack_clear(PGconn *backup_conn, int ptrack_version_num)`
`285`	`285`
`286`	`286`	`params[0]=palloc(64);`
`287`	`287`	`params[1]=palloc(64);`
`288`		`-res_db=pgut_execute(backup_conn,"SELECT datname, oid, dattablespace FROM pg_database",`
	`288`	`+res_db=pgut_execute(backup_conn,"SELECT datname, oid, dattablespace FROMpg_catalog.pg_database",`
`289`	`289`	`0,NULL);`
`290`	`290`
`291`	`291`	`for(i=0;i<PQntuples(res_db);i++)`
`@@ -335,7 +335,7 @@ pg_ptrack_get_and_clear_db(Oid dbOid, Oid tblspcOid, PGconn *backup_conn)`
`335`	`335`
`336`	`336`	`sprintf(params[0],"%i",dbOid);`
`337`	`337`	`res_db=pgut_execute(backup_conn,`
`338`		`-"SELECT datname FROM pg_database WHERE oid=$1",`
	`338`	`+"SELECT datname FROMpg_catalog.pg_database WHERE oid=$1",`
`339`	`339`	`1, (constchar**)params);`
`340`	`340`	`/*`
`341`	`341`	`* If database is not found, it's not an error.`

`‎src/util.c‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -169,7 +169,7 @@ get_current_timeline(PGconn *conn)`
`169`	`169`	`char*val;`
`170`	`170`
`171`	`171`	`res=pgut_execute_extended(conn,`
`172`		`-"SELECT timeline_id FROM pg_control_checkpoint()",0,NULL, true, true);`
	`172`	`+"SELECT timeline_id FROMpg_catalog.pg_control_checkpoint()",0,NULL, true, true);`
`173`	`173`
`174`	`174`	`if (PQresultStatus(res)==PGRES_TUPLES_OK)`
`175`	`175`	`val=PQgetvalue(res,0,0);`

`‎src/utils/pgut.c‎`

Lines changed: 29 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,12 @@`
`20`	`20`	`#include"common/string.h"`
`21`	`21`	`#endif`
`22`	`22`
	`23`	`+#ifPG_VERSION_NUM >=100000`
	`24`	`+#include"common/connect.h"`
	`25`	`+#else`
	`26`	`+#include"fe_utils/connect.h"`
	`27`	`+#endif`
	`28`	`+`
`23`	`29`	`#include<time.h>`
`24`	`30`
`25`	`31`	`#include"pgut.h"`
`@@ -257,7 +263,7 @@ pgut_connect(const char host, const char port,`
`257`	`263`	`pthread_lock(&atexit_callback_disconnect_mutex);`
`258`	`264`	`pgut_atexit_push(pgut_disconnect_callback,conn);`
`259`	`265`	`pthread_mutex_unlock(&atexit_callback_disconnect_mutex);`
`260`		`-returnconn;`
	`266`	`+break;`
`261`	`267`	`}`
`262`	`268`
`263`	`269`	`if (conn&&PQconnectionNeedsPassword(conn)&&prompt_password)`
`@@ -279,6 +285,28 @@ pgut_connect(const char host, const char port,`
`279`	`285`	`PQfinish(conn);`
`280`	`286`	`returnNULL;`
`281`	`287`	`}`
	`288`	`+`
	`289`	`+/*`
	`290`	`+ * Fix for CVE-2018-1058. This code was taken with small modification from`
	`291`	`+ * src/bin/pg_basebackup/streamutil.c:GetConnection()`
	`292`	`+ */`
	`293`	`+if (dbname!=NULL)`
	`294`	`+{`
	`295`	`+PGresult*res;`
	`296`	`+`
	`297`	`+res=PQexec(conn,ALWAYS_SECURE_SEARCH_PATH_SQL);`
	`298`	`+if (PQresultStatus(res)!=PGRES_TUPLES_OK)`
	`299`	`+{`
	`300`	`+elog(ERROR,"could not clear search_path: %s",`
	`301`	`+PQerrorMessage(conn));`
	`302`	`+PQclear(res);`
	`303`	`+PQfinish(conn);`
	`304`	`+returnNULL;`
	`305`	`+}`
	`306`	`+PQclear(res);`
	`307`	`+}`
	`308`	`+`
	`309`	`+returnconn;`
`282`	`310`	`}`
`283`	`311`
`284`	`312`	`PGconn*`

`‎tests/CVE_2018_1058.py‎`

Lines changed: 143 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,143 @@`
	`1`	`+importos`
	`2`	`+importunittest`
	`3`	`+from .helpers.ptrack_helpersimportProbackupTest,ProbackupException`
	`4`	`+`
	`5`	`+module_name='CVE-2018-1058'`
	`6`	`+`
	`7`	`+classCVE_2018_1058(ProbackupTest,unittest.TestCase):`
	`8`	`+`
	`9`	`+# @unittest.skip("skip")`
	`10`	`+deftest_basic_default_search_path(self):`
	`11`	`+""""""`
	`12`	`+fname=self.id().split('.')[3]`
	`13`	`+backup_dir=os.path.join(self.tmp_path,module_name,fname,'backup')`
	`14`	`+node=self.make_simple_node(`
	`15`	`+base_dir=os.path.join(module_name,fname,'node'),`
	`16`	`+set_replication=True)`
	`17`	`+`
	`18`	`+self.init_pb(backup_dir)`
	`19`	`+self.add_instance(backup_dir,'node',node)`
	`20`	`+node.slow_start()`
	`21`	`+`
	`22`	`+node.safe_psql(`
	`23`	`+'postgres',`
	`24`	`+"CREATE FUNCTION public.pgpro_edition() "`
	`25`	`+"RETURNS text "`
	`26`	`+"AS $$ "`
	`27`	`+"BEGIN "`
	`28`	`+" RAISE 'pg_probackup vulnerable!'; "`
	`29`	`+"END "`
	`30`	`+"$$ LANGUAGE plpgsql")`
	`31`	`+`
	`32`	`+self.backup_node(backup_dir,'node',node,backup_type='full',options=['--stream'])`
	`33`	`+`
	`34`	`+# Clean after yourself`
	`35`	`+self.del_test_dir(module_name,fname)`
	`36`	`+`
	`37`	`+# @unittest.skip("skip")`
	`38`	`+deftest_basic_backup_modified_search_path(self):`
	`39`	`+""""""`
	`40`	`+fname=self.id().split('.')[3]`
	`41`	`+backup_dir=os.path.join(self.tmp_path,module_name,fname,'backup')`
	`42`	`+node=self.make_simple_node(`
	`43`	`+base_dir=os.path.join(module_name,fname,'node'),`
	`44`	`+set_replication=True)`
	`45`	`+self.set_auto_conf(node,options={'search_path':'public,pg_catalog'})`
	`46`	`+`
	`47`	`+self.init_pb(backup_dir)`
	`48`	`+self.add_instance(backup_dir,'node',node)`
	`49`	`+node.slow_start()`
	`50`	`+`
	`51`	`+node.safe_psql(`
	`52`	`+'postgres',`
	`53`	`+"CREATE FUNCTION public.pg_control_checkpoint(OUT timeline_id integer, OUT dummy integer) "`
	`54`	`+"RETURNS record "`
	`55`	`+"AS $$ "`
	`56`	`+"BEGIN "`
	`57`	`+" RAISE '% vulnerable!', 'pg_probackup'; "`
	`58`	`+"END "`
	`59`	`+"$$ LANGUAGE plpgsql")`
	`60`	`+`
	`61`	`+node.safe_psql(`
	`62`	`+'postgres',`
	`63`	`+"CREATE FUNCTION public.pg_proc(OUT proname name, OUT dummy integer) "`
	`64`	`+"RETURNS record "`
	`65`	`+"AS $$ "`
	`66`	`+"BEGIN "`
	`67`	`+" RAISE '% vulnerable!', 'pg_probackup'; "`
	`68`	`+"END "`
	`69`	`+"$$ LANGUAGE plpgsql; "`
	`70`	`+"CREATE VIEW public.pg_proc AS SELECT proname FROM public.pg_proc()")`
	`71`	`+`
	`72`	`+self.backup_node(backup_dir,'node',node,backup_type='full',options=['--stream'])`
	`73`	`+`
	`74`	`+log_file=os.path.join(node.logs_dir,'postgresql.log')`
	`75`	`+withopen(log_file,'r')asf:`
	`76`	`+log_content=f.read()`
	`77`	`+self.assertFalse(`
	`78`	`+'pg_probackup vulnerable!'inlog_content)`
	`79`	`+`
	`80`	`+# Clean after yourself`
	`81`	`+self.del_test_dir(module_name,fname)`
	`82`	`+`
	`83`	`+# @unittest.skip("skip")`
	`84`	`+deftest_basic_checkdb_modified_search_path(self):`
	`85`	`+""""""`
	`86`	`+fname=self.id().split('.')[3]`
	`87`	`+node=self.make_simple_node(`
	`88`	`+base_dir=os.path.join(module_name,fname,'node'),`
	`89`	`+initdb_params=['--data-checksums'])`
	`90`	`+self.set_auto_conf(node,options={'search_path':'public,pg_catalog'})`
	`91`	`+node.slow_start()`
	`92`	`+`
	`93`	`+node.safe_psql(`
	`94`	`+'postgres',`
	`95`	`+"CREATE FUNCTION public.pg_database(OUT datname name, OUT oid oid, OUT dattablespace oid) "`
	`96`	`+"RETURNS record "`
	`97`	`+"AS $$ "`
	`98`	`+"BEGIN "`
	`99`	`+" RAISE 'pg_probackup vulnerable!'; "`
	`100`	`+"END "`
	`101`	`+"$$ LANGUAGE plpgsql; "`
	`102`	`+"CREATE VIEW public.pg_database AS SELECT * FROM public.pg_database()")`
	`103`	`+`
	`104`	`+node.safe_psql(`
	`105`	`+'postgres',`
	`106`	`+"CREATE FUNCTION public.pg_extension(OUT extname name, OUT extnamespace oid, OUT extversion text) "`
	`107`	`+"RETURNS record "`
	`108`	`+"AS $$ "`
	`109`	`+"BEGIN "`
	`110`	`+" RAISE 'pg_probackup vulnerable!'; "`
	`111`	`+"END "`
	`112`	`+"$$ LANGUAGE plpgsql; "`
	`113`	`+"CREATE FUNCTION public.pg_namespace(OUT oid oid, OUT nspname name) "`
	`114`	`+"RETURNS record "`
	`115`	`+"AS $$ "`
	`116`	`+"BEGIN "`
	`117`	`+" RAISE 'pg_probackup vulnerable!'; "`
	`118`	`+"END "`
	`119`	`+"$$ LANGUAGE plpgsql; "`
	`120`	`+"CREATE VIEW public.pg_extension AS SELECT * FROM public.pg_extension();"`
	`121`	`+"CREATE VIEW public.pg_namespace AS SELECT * FROM public.pg_namespace();"`
	`122`	`+ )`
	`123`	`+`
	`124`	`+try:`
	`125`	`+self.checkdb_node(`
	`126`	`+options=[`
	`127`	`+'--amcheck',`
	`128`	`+'--skip-block-validation',`
	`129`	`+'-d','postgres','-p',str(node.port)])`
	`130`	`+self.assertEqual(`
	`131`	`+1,0,`
	`132`	`+"Expecting Error because amcheck{,_next} not installed\n"`
	`133`	`+" Output: {0}\n CMD: {1}".format(`
	`134`	`+repr(self.output),self.cmd))`
	`135`	`+exceptProbackupExceptionase:`
	`136`	`+self.assertIn(`
	`137`	`+"WARNING: Extension 'amcheck' or 'amcheck_next' are not installed in database postgres",`
	`138`	`+e.message,`
	`139`	`+"\n Unexpected Error Message: {0}\n CMD: {1}".format(`
	`140`	`+repr(e.message),self.cmd))`
	`141`	`+`
	`142`	`+# Clean after yourself`
	`143`	`+self.del_test_dir(module_name,fname)`

`‎tests/Readme.md‎`

Lines changed: 5 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,11 @@ Specify path to pg_probackup binary file. By default tests use <Path to Git repo`
`30`	`30`	`Remote backup depends on key authentication to local machine via ssh as current user.`
`31`	`31`	`export PGPROBACKUP_SSH_REMOTE=ON`
`32`	`32`
	`33`	`+Run tests that are relied on advanced debugging features. For this mode, pg_probackup should be compiled without optimizations. For example:`
	`34`	`+CFLAGS="-O0" ./configure --prefix=/path/to/prefix --enable-debug --enable-cassert --enable-depend --enable-tap-tests`
	`35`	`+`
	`36`	`+ export PGPROBACKUP_GDB=ON`
	`37`	`+`
`33`	`38`	`Run suit of basic simple tests:`
`34`	`39`	`export PG_PROBACKUP_TEST_BASIC=ON`
`35`	`40`

`‎tests/init.py‎`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,8 @@`
`6`	`6`	`retention,pgpro560,pgpro589,pgpro2068,false_positive,replica, \`
`7`	`7`	`compression,page,ptrack,archive,exclude,cfs_backup,cfs_restore, \`
`8`	`8`	`cfs_validate_backup,auth_test,time_stamp,snapfs,logging, \`
`9`		`-locking,remote,external,config,checkdb,set_backup,incr_restore`
	`9`	`+locking,remote,external,config,checkdb,set_backup,incr_restore, \`
	`10`	`+CVE_2018_1058`
`10`	`11`
`11`	`12`
`12`	`13`	`defload_tests(loader,tests,pattern):`
`@@ -55,6 +56,7 @@ def load_tests(loader, tests, pattern):`
`55`	`56`	`suite.addTests(loader.loadTestsFromModule(snapfs))`
`56`	`57`	`suite.addTests(loader.loadTestsFromModule(time_stamp))`
`57`	`58`	`suite.addTests(loader.loadTestsFromModule(validate))`
	`59`	`+suite.addTests(loader.loadTestsFromModule(CVE_2018_1058))`
`58`	`60`
`59`	`61`	`returnsuite`
`60`	`62`

`‎tests/archive.py‎`

Lines changed: 7 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1547,8 +1547,8 @@ def test_archive_catalog_1(self):`
`1547`	`1547`	`double segment - compressed and not`
`1548`	`1548`	`"""`
`1549`	`1549`	`ifnotself.archive_compress:`
`1550`		`-returnself.fail(`
`1551`		`-'You need to enable ARCHIVE_COMPRESSIONfor this test to run')`
	`1550`	`+self.skipTest('You need to enable ARCHIVE_COMPRESSION '`
	`1551`	`+'for this test to run')`
`1552`	`1552`
`1553`	`1553`	`fname=self.id().split('.')[3]`
`1554`	`1554`	`backup_dir=os.path.join(self.tmp_path,module_name,fname,'backup')`
`@@ -1602,8 +1602,8 @@ def test_archive_catalog_2(self):`
`1602`	`1602`	`double segment - compressed and not`
`1603`	`1603`	`"""`
`1604`	`1604`	`ifnotself.archive_compress:`
`1605`		`-returnself.fail(`
`1606`		`-'You need to enable ARCHIVE_COMPRESSIONfor this test to run')`
	`1605`	`+self.skipTest('You need to enable ARCHIVE_COMPRESSION '`
	`1606`	`+'for this test to run')`
`1607`	`1607`
`1608`	`1608`	`fname=self.id().split('.')[3]`
`1609`	`1609`	`backup_dir=os.path.join(self.tmp_path,module_name,fname,'backup')`
`@@ -1659,6 +1659,9 @@ def test_archive_options(self):`
`1659`	`1659`	`check that '--archive-host', '--archive-user', '--archiver-port'`
`1660`	`1660`	`and '--restore-command' are working as expected.`
`1661`	`1661`	`"""`
	`1662`	`+ifnotself.remote:`
	`1663`	`+self.skipTest("You must enable PGPROBACKUP_SSH_REMOTE"`
	`1664`	`+" for run this test")`
`1662`	`1665`	`fname=self.id().split('.')[3]`
`1663`	`1666`	`backup_dir=os.path.join(self.tmp_path,module_name,fname,'backup')`
`1664`	`1667`	`node=self.make_simple_node(`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit7418c0b

File tree

25 files changed

25 files changed

`‎.travis.yml‎`

`‎src/backup.c‎`

`‎src/checkdb.c‎`

`‎src/ptrack.c‎`

`‎src/util.c‎`

`‎src/utils/pgut.c‎`

`‎tests/CVE_2018_1058.py‎`

`‎tests/Readme.md‎`

`‎tests/init.py‎`

`‎tests/archive.py‎`

0 commit comments