Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit35379e9

Browse files
committed
Modify canonicalize_path() so if we would return a trailing "..", throw
an error instead.
1 parenta43ea12 commit35379e9

File tree

3 files changed

+59
-21
lines changed

3 files changed

+59
-21
lines changed

‎src/backend/postmaster/postmaster.c

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@
3737
*
3838
*
3939
* IDENTIFICATION
40-
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.464 2005/08/1218:23:53 tgl Exp $
40+
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.465 2005/08/1219:42:44 momjian Exp $
4141
*
4242
* NOTES
4343
*
@@ -377,8 +377,11 @@ PostmasterMain(int argc, char *argv[])
377377
char*userDoption=NULL;
378378
inti;
379379

380-
/* This will call exit() if strdup() fails. */
381-
progname=get_progname(argv[0]);
380+
if ((progname=get_progname(argv[0]))==NULL)
381+
{
382+
printf(_("unable to allocate memory for program name \"%s\".\n"),progname);
383+
ExitPostmaster(0);
384+
}
382385

383386
MyProcPid=PostmasterPid=getpid();
384387

‎src/port/Makefile

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
#for use only by the backend binaries
1616
#
1717
# IDENTIFICATION
18-
# $PostgreSQL: pgsql/src/port/Makefile,v 1.25 2005/03/20 03:53:39 momjian Exp $
18+
# $PostgreSQL: pgsql/src/port/Makefile,v 1.26 2005/08/12 19:42:45 momjian Exp $
1919
#
2020
#-------------------------------------------------------------------------
2121

@@ -31,6 +31,7 @@ LIBOBJS_SRV := $(LIBOBJS)
3131
LIBOBJS_SRV :=$(patsubst dirmod.o,dirmod_srv.o,$(LIBOBJS_SRV))
3232
LIBOBJS_SRV :=$(patsubst exec.o,exec_srv.o,$(LIBOBJS_SRV))
3333
LIBOBJS_SRV :=$(patsubst getaddrinfo.o,getaddrinfo_srv.o,$(LIBOBJS_SRV))
34+
LIBOBJS_SRV :=$(patsubst path.o,path_srv.o,$(LIBOBJS_SRV))
3435
LIBOBJS_SRV :=$(patsubst thread.o,thread_srv.o,$(LIBOBJS_SRV))
3536

3637
all: libpgport.a libpgport_srv.a
@@ -66,7 +67,7 @@ exec_srv.o: exec.c
6667
getaddrinfo_srv.o: getaddrinfo.c
6768
$(CC)$(CFLAGS)$(subst -DFRONTEND,,$(CPPFLAGS)) -c$< -o$@
6869

69-
snprintf_srv.o:snprintf.c
70+
path_srv.o:path.c
7071
$(CC)$(CFLAGS)$(subst -DFRONTEND,,$(CPPFLAGS)) -c$< -o$@
7172

7273
# No thread flags for server version

‎src/port/path.c

Lines changed: 50 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,16 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/port/path.c,v 1.54 2005/08/1203:07:45 momjian Exp $
11+
* $PostgreSQL: pgsql/src/port/path.c,v 1.55 2005/08/1219:42:45 momjian Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
1515

16-
#include"c.h"
16+
#ifndefFRONTEND
17+
#include"postgres.h"
18+
#else
19+
#include"postgres_fe.h"
20+
#endif
1721

1822
#include<ctype.h>
1923
#include<sys/stat.h>
@@ -226,6 +230,7 @@ canonicalize_path(char *path)
226230
{
227231
char*p,*to_p;
228232
boolwas_sep= false;
233+
intpending_strips=0;
229234

230235
#ifdefWIN32
231236
/*
@@ -284,19 +289,38 @@ canonicalize_path(char *path)
284289

285290
if (len>2&&strcmp(path+len-2,"/.")==0)
286291
trim_directory(path);
287-
/*
288-
*Process only a single trailing "..", and only if ".." does
289-
*not preceed it.
290-
*So, we only deal with "/usr/local/..", not with "/usr/local/../..".
291-
*We don't handle the even more complex cases, like
292-
*"usr/local/../../..".
293-
*/
294-
elseif (len>3&&strcmp(path+len-3,"/..")==0&&
295-
(len!=5||strcmp(path,"../..")!=0)&&
296-
(len<6||strcmp(path+len-6,"/../..")!=0))
292+
elseif (len>3&&strcmp(path+len-3,"/..")==0)
297293
{
298294
trim_directory(path);
299-
trim_directory(path);/* remove directory above */
295+
pending_strips++;
296+
}
297+
elseif (pending_strips>0)
298+
{
299+
/*If path is not "", we can keep trimming. Even if path is
300+
*"/", we can keep trimming because trim_directory never removes
301+
*the leading separator, and the parent directory of "/" is "/".
302+
*/
303+
if (*path!='\0')
304+
{
305+
trim_directory(path);
306+
pending_strips--;
307+
}
308+
else
309+
{
310+
/*
311+
*If we still have pending_strips, it means the supplied path
312+
*was exhausted and we still have more directories to move up.
313+
*This means that the resulting path is only parents, like
314+
*".." or "../..". If so, callers can not handle trailing "..",
315+
*so we exit.
316+
*/
317+
#ifndefFRONTEND
318+
elog(ERROR,"relative paths (\"..\") not supported");
319+
#else
320+
fprintf(stderr,_("relative paths (\"..\") not supported\n"));
321+
exit(1);
322+
#endif
323+
}
300324
}
301325
else
302326
break;
@@ -305,8 +329,10 @@ canonicalize_path(char *path)
305329

306330

307331
/*
308-
* Extracts the actual name of the program as called -
309-
* stripped of .exe suffix if any
332+
*Extracts the actual name of the program as called -
333+
*stripped of .exe suffix if any.
334+
* The server calling this must check for NULL return
335+
*and report the error.
310336
*/
311337
constchar*
312338
get_progname(constchar*argv0)
@@ -329,8 +355,16 @@ get_progname(const char *argv0)
329355
progname=strdup(nodir_name);
330356
if (progname==NULL)
331357
{
358+
#ifndefFRONTEND
359+
/*
360+
*No elog() support in postmaster at this stage,
361+
*so return NULL and print error at the call.
362+
*/
363+
returnNULL;
364+
#else
332365
fprintf(stderr,"%s: out of memory\n",nodir_name);
333-
exit(1);/* This could exit the postmaster */
366+
exit(1);
367+
#endif
334368
}
335369
progname[strlen(progname)- (sizeof(EXE)-1)]='\0';
336370
nodir_name=progname;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp