Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit05abd3b

Browse files
committed
Field conninfo strings throughout src/bin/scripts.
These programs nominally accepted conninfo strings, but they wouldproceed to use the original dbname parameter as though it were anunadorned database name. This caused "reindexdb dbname=foo" to issue anSQL command that always failed, and other programs printed a conninfostring in error messages that purported to print a database name. Fixboth problems by using PQdb() to retrieve actual database names.Continue to print the full conninfo string when reporting a connectionfailure. It is informative there, and if the database name is the soleproblem, the server-side error message will include the name. Beyondthose user-visible fixes, this allows a subsequent commit to synthesizeand use conninfo strings without that implementation detail leaking intomessages. As a side effect, the "vacuuming database" message nowappears after, not before, the connection attempt. Back-patch to 9.1(all supported versions).Reviewed by Michael Paquier and Peter Eisentraut.Security:CVE-2016-5424
1 parentdfb2d80 commit05abd3b

File tree

5 files changed

+20
-20
lines changed

5 files changed

+20
-20
lines changed

‎src/bin/scripts/clusterdb.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -209,10 +209,10 @@ cluster_one_database(const char *dbname, bool verbose, const char *table,
209209
{
210210
if (table)
211211
fprintf(stderr,_("%s: clustering of table \"%s\" in database \"%s\" failed: %s"),
212-
progname,table,dbname,PQerrorMessage(conn));
212+
progname,table,PQdb(conn),PQerrorMessage(conn));
213213
else
214214
fprintf(stderr,_("%s: clustering of database \"%s\" failed: %s"),
215-
progname,dbname,PQerrorMessage(conn));
215+
progname,PQdb(conn),PQerrorMessage(conn));
216216
PQfinish(conn);
217217
exit(1);
218218
}

‎src/bin/scripts/createlang.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -190,10 +190,10 @@ main(int argc, char *argv[])
190190
result=executeQuery(conn,sql.data,progname,echo);
191191
if (PQntuples(result)>0)
192192
{
193-
PQfinish(conn);
194193
fprintf(stderr,
195194
_("%s: language \"%s\" is already installed in database \"%s\"\n"),
196-
progname,langname,dbname);
195+
progname,langname,PQdb(conn));
196+
PQfinish(conn);
197197
/* separate exit status for "already installed" */
198198
exit(2);
199199
}

‎src/bin/scripts/droplang.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -197,10 +197,10 @@ main(int argc, char *argv[])
197197
result=executeQuery(conn,sql.data,progname,echo);
198198
if (PQntuples(result)==0)
199199
{
200-
PQfinish(conn);
201200
fprintf(stderr,_("%s: language \"%s\" is not installed in "
202201
"database \"%s\"\n"),
203-
progname,langname,dbname);
202+
progname,langname,PQdb(conn));
203+
PQfinish(conn);
204204
exit(1);
205205
}
206206
PQclear(result);

‎src/bin/scripts/reindexdb.c

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -228,7 +228,7 @@ main(int argc, char *argv[])
228228
}
229229
/* reindex database only if neither index nor table is specified */
230230
if (indexes.head==NULL&&tables.head==NULL)
231-
reindex_one_database(dbname,dbname,"DATABASE",host,port,
231+
reindex_one_database(NULL,dbname,"DATABASE",host,port,
232232
username,prompt_password,progname,echo);
233233
}
234234

@@ -244,6 +244,9 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
244244

245245
PGconn*conn;
246246

247+
conn=connectDatabase(dbname,host,port,username,prompt_password,
248+
progname, false);
249+
247250
initPQExpBuffer(&sql);
248251

249252
appendPQExpBuffer(&sql,"REINDEX");
@@ -252,23 +255,20 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
252255
elseif (strcmp(type,"INDEX")==0)
253256
appendPQExpBuffer(&sql," INDEX %s",name);
254257
elseif (strcmp(type,"DATABASE")==0)
255-
appendPQExpBuffer(&sql," DATABASE %s",fmtId(name));
258+
appendPQExpBuffer(&sql," DATABASE %s",fmtId(PQdb(conn)));
256259
appendPQExpBuffer(&sql,";\n");
257260

258-
conn=connectDatabase(dbname,host,port,username,prompt_password,
259-
progname, false);
260-
261261
if (!executeMaintenanceCommand(conn,sql.data,echo))
262262
{
263263
if (strcmp(type,"TABLE")==0)
264264
fprintf(stderr,_("%s: reindexing of table \"%s\" in database \"%s\" failed: %s"),
265-
progname,name,dbname,PQerrorMessage(conn));
265+
progname,name,PQdb(conn),PQerrorMessage(conn));
266266
if (strcmp(type,"INDEX")==0)
267267
fprintf(stderr,_("%s: reindexing of index \"%s\" in database \"%s\" failed: %s"),
268-
progname,name,dbname,PQerrorMessage(conn));
268+
progname,name,PQdb(conn),PQerrorMessage(conn));
269269
else
270270
fprintf(stderr,_("%s: reindexing of database \"%s\" failed: %s"),
271-
progname,dbname,PQerrorMessage(conn));
271+
progname,PQdb(conn),PQerrorMessage(conn));
272272
PQfinish(conn);
273273
exit(1);
274274
}
@@ -314,16 +314,16 @@ reindex_system_catalogs(const char *dbname, const char *host, const char *port,
314314
constchar*username,enumtrivalueprompt_password,
315315
constchar*progname,boolecho)
316316
{
317+
PGconn*conn;
317318
PQExpBufferDatasql;
318319

319-
PGconn*conn;
320+
conn=connectDatabase(dbname,host,port,username,prompt_password,
321+
progname, false);
320322

321323
initPQExpBuffer(&sql);
322324

323-
appendPQExpBuffer(&sql,"REINDEX SYSTEM %s;\n",dbname);
325+
appendPQExpBuffer(&sql,"REINDEX SYSTEM %s;\n",PQdb(conn));
324326

325-
conn=connectDatabase(dbname,host,port,username,prompt_password,
326-
progname, false);
327327
if (!executeMaintenanceCommand(conn,sql.data,echo))
328328
{
329329
fprintf(stderr,_("%s: reindexing of system catalogs failed: %s"),

‎src/bin/scripts/vacuumdb.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -304,10 +304,10 @@ vacuum_one_database(const char *dbname, bool full, bool verbose, bool and_analyz
304304
{
305305
if (table)
306306
fprintf(stderr,_("%s: vacuuming of table \"%s\" in database \"%s\" failed: %s"),
307-
progname,table,dbname,PQerrorMessage(conn));
307+
progname,table,PQdb(conn),PQerrorMessage(conn));
308308
else
309309
fprintf(stderr,_("%s: vacuuming of database \"%s\" failed: %s"),
310-
progname,dbname,PQerrorMessage(conn));
310+
progname,PQdb(conn),PQerrorMessage(conn));
311311
PQfinish(conn);
312312
exit(1);
313313
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp