Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit22c9222

Browse files
committed
Fix de-escaping checks so that we will reject \000 as well as other invalidly
encoded sequences. Per discussion of a couple of days ago.
1 parentc1c40e5 commit22c9222

File tree

2 files changed

+28
-26
lines changed

2 files changed

+28
-26
lines changed

‎src/backend/commands/copy.c

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/commands/copy.c,v 1.307 2009/03/31 22:12:46 tgl Exp $
11+
* $PostgreSQL: pgsql/src/backend/commands/copy.c,v 1.308 2009/04/19 21:08:54 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -2718,7 +2718,7 @@ CopyReadAttributesText(CopyState cstate, int maxfields, char **fieldvals)
27182718
char*start_ptr;
27192719
char*end_ptr;
27202720
intinput_len;
2721-
boolsaw_high_bit= false;
2721+
boolsaw_non_ascii= false;
27222722

27232723
/* Make sure space remains in fieldvals[] */
27242724
if (fieldno >=maxfields)
@@ -2783,8 +2783,8 @@ CopyReadAttributesText(CopyState cstate, int maxfields, char **fieldvals)
27832783
}
27842784
}
27852785
c=val&0377;
2786-
if (IS_HIGHBIT_SET(c))
2787-
saw_high_bit= true;
2786+
if (c=='\0'||IS_HIGHBIT_SET(c))
2787+
saw_non_ascii= true;
27882788
}
27892789
break;
27902790
case'x':
@@ -2808,8 +2808,8 @@ CopyReadAttributesText(CopyState cstate, int maxfields, char **fieldvals)
28082808
}
28092809
}
28102810
c=val&0xff;
2811-
if (IS_HIGHBIT_SET(c))
2812-
saw_high_bit= true;
2811+
if (c=='\0'||IS_HIGHBIT_SET(c))
2812+
saw_non_ascii= true;
28132813
}
28142814
}
28152815
break;
@@ -2847,11 +2847,11 @@ CopyReadAttributesText(CopyState cstate, int maxfields, char **fieldvals)
28472847
*output_ptr++='\0';
28482848

28492849
/*
2850-
* If we de-escaped achar with the highbit set, make sure we still
2850+
* If we de-escaped anon-7-bit-ASCII char, make sure we still
28512851
* have valid data for the db encoding. Avoid calling strlen here for
28522852
* the sake of efficiency.
28532853
*/
2854-
if (saw_high_bit)
2854+
if (saw_non_ascii)
28552855
{
28562856
char*fld=fieldvals[fieldno];
28572857

‎src/backend/parser/scan.l

Lines changed: 20 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@
2424
* Portions Copyright (c) 1994, Regents of the University of California
2525
*
2626
* IDENTIFICATION
27-
* $PostgreSQL: pgsql/src/backend/parser/scan.l,v 1.150 2009/04/14 22:18:47 tgl Exp $
27+
* $PostgreSQL: pgsql/src/backend/parser/scan.l,v 1.151 2009/04/19 21:08:54 tgl Exp $
2828
*
2929
*-------------------------------------------------------------------------
3030
*/
@@ -60,7 +60,7 @@ boolescape_string_warning = true;
6060
boolstandard_conforming_strings =false;
6161

6262
staticboolwarn_on_first_escape;
63-
staticbool saw_high_bit =false;
63+
staticboolsaw_non_ascii =false;
6464

6565
/*
6666
* literalbuf is used to accumulate literal values when multiple rules
@@ -453,7 +453,7 @@ other.
453453

454454
{xqstart}{
455455
warn_on_first_escape =true;
456-
saw_high_bit =false;
456+
saw_non_ascii =false;
457457
SET_YYLLOC();
458458
if (standard_conforming_strings)
459459
BEGIN(xq);
@@ -463,7 +463,7 @@ other.
463463
}
464464
{xestart}{
465465
warn_on_first_escape =false;
466-
saw_high_bit =false;
466+
saw_non_ascii =false;
467467
SET_YYLLOC();
468468
BEGIN(xe);
469469
startlit();
@@ -477,10 +477,11 @@ other.
477477
<xq,xe>{quotefail} {
478478
yyless(1);
479479
BEGIN(INITIAL);
480-
/* check that the data remains valid if it might have been
480+
/*
481+
* check that the data remains valid if it might have been
481482
* made invalid by unescaping any chars.
482483
*/
483-
if (saw_high_bit)
484+
if (saw_non_ascii)
484485
pg_verifymbstr(literalbuf, literallen,false);
485486
yylval.str =litbufdup();
486487
return SCONST;
@@ -526,16 +527,16 @@ other.
526527

527528
check_escape_warning();
528529
addlitchar(c);
529-
if (IS_HIGHBIT_SET(c))
530-
saw_high_bit =true;
530+
if (c =='\0' ||IS_HIGHBIT_SET(c))
531+
saw_non_ascii =true;
531532
}
532533
<xe>{xehexesc} {
533534
unsignedchar c =strtoul(yytext+2,NULL,16);
534535

535536
check_escape_warning();
536537
addlitchar(c);
537-
if (IS_HIGHBIT_SET(c))
538-
saw_high_bit =true;
538+
if (c =='\0' ||IS_HIGHBIT_SET(c))
539+
saw_non_ascii =true;
539540
}
540541
<xq,xe,xus>{quotecontinue} {
541542
/* ignore */
@@ -1083,21 +1084,18 @@ litbuf_udeescape(unsigned char escape)
10831084
}
10841085

10851086
*out ='\0';
1087+
/*
1088+
* We could skip pg_verifymbstr if we didn't process any non-7-bit-ASCII
1089+
* codes; but it's probably not worth the trouble, since this isn't
1090+
* likely to be a performance-critical path.
1091+
*/
10861092
pg_verifymbstr(new, out -new,false);
10871093
returnnew;
10881094
}
10891095

10901096
staticunsignedchar
10911097
unescape_single_char(unsignedchar c)
10921098
{
1093-
/* Normally we wouldn't expect to see \n where n has its high bit set
1094-
* but we set the flag to check the string if we do get it, so
1095-
* that this doesn't become a way of getting around the coding validity
1096-
* checks.
1097-
*/
1098-
if (IS_HIGHBIT_SET(c))
1099-
saw_high_bit =true;
1100-
11011099
switch (c)
11021100
{
11031101
case'b':
@@ -1111,6 +1109,10 @@ unescape_single_char(unsigned char c)
11111109
case't':
11121110
return'\t';
11131111
default:
1112+
/* check for backslash followed by non-7-bit-ASCII */
1113+
if (c =='\0' ||IS_HIGHBIT_SET(c))
1114+
saw_non_ascii =true;
1115+
11141116
return c;
11151117
}
11161118
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp