Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit771e127

Browse files
committed
Reject empty names and recursion in config-file include directives.
An empty file name or subdirectory name leads join_path_components() tojust produce the parent directory name, which leads to weird failures orrecursive inclusions. Let's throw a specific error for that. It takesonly slightly more code to detect all-blank names, so do so.Also, detect direct recursion, ie a file calling itself. As codedthis will also detect recursion via "include_dir '.'", which isperhaps more likely than explicitly including the file itself.Detecting indirect recursion would require API changes for guc-file.lfunctions, which seems not worth it since extensions might call them.The nesting depth limit will catch such cases eventually, just notwith such an on-point error message.In passing, adjust the example usages in postgresql.conf.sampleto perhaps eliminate the problem at the source: there's no reasonfor the examples to suggest that an empty value is valid.Per a trouble report from Brent Bates. Back-patch to 9.5; theissue is old, but the code in 9.4 is enough different that thepatch doesn't apply easily, and it doesn't seem worth the troubleto fix there.Ian Barwick and Tom LaneDiscussion:https://postgr.es/m/8c8bcbca-3bd9-dc6e-8986-04a5abdef142@2ndquadrant.com
1 parentc900960 commit771e127

File tree

2 files changed

+63
-4
lines changed

2 files changed

+63
-4
lines changed

‎src/backend/utils/misc/guc-file.l

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -565,6 +565,22 @@ ParseConfigFile(const char *config_file, bool strict,
565565
boolOK =true;
566566
FILE *fp;
567567

568+
/*
569+
* Reject file name that is all-blank (including empty), as that leads to
570+
* confusion --- we'd try to read the containing directory as a file.
571+
*/
572+
if (strspn(config_file,"\t\r\n") ==strlen(config_file))
573+
{
574+
ereport(elevel,
575+
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
576+
errmsg("empty configuration file name:\"%s\"",
577+
config_file)));
578+
record_config_file_error("empty configuration file name",
579+
calling_file, calling_lineno,
580+
head_p, tail_p);
581+
returnfalse;
582+
}
583+
568584
/*
569585
* Reject too-deep include nesting depth. This is just a safety check to
570586
* avoid dumping core due to stack overflow if an include file loops back
@@ -583,6 +599,26 @@ ParseConfigFile(const char *config_file, bool strict,
583599
}
584600

585601
abs_path =AbsoluteConfigLocation(config_file, calling_file);
602+
603+
/*
604+
* Reject direct recursion. Indirect recursion is also possible, but it's
605+
* harder to detect and so doesn't seem worth the trouble. (We test at
606+
* this step because the canonicalization done by AbsoluteConfigLocation
607+
* makes it more likely that a simple strcmp comparison will match.)
608+
*/
609+
if (calling_file &&strcmp(abs_path, calling_file) ==0)
610+
{
611+
ereport(elevel,
612+
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
613+
errmsg("configuration file recursion in\"%s\"",
614+
calling_file)));
615+
record_config_file_error("configuration file recursion",
616+
calling_file, calling_lineno,
617+
head_p, tail_p);
618+
pfree(abs_path);
619+
returnfalse;
620+
}
621+
586622
fp =AllocateFile(abs_path,"r");
587623
if (!fp)
588624
{
@@ -931,6 +967,28 @@ ParseConfigDirectory(const char *includedir,
931967
intsize_filenames;
932968
boolstatus;
933969

970+
/*
971+
* Reject directory name that is all-blank (including empty), as that
972+
* leads to confusion --- we'd read the containing directory, typically
973+
* resulting in recursive inclusion of the same file(s).
974+
*/
975+
if (strspn(includedir,"\t\r\n") ==strlen(includedir))
976+
{
977+
ereport(elevel,
978+
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
979+
errmsg("empty configuration directory name:\"%s\"",
980+
includedir)));
981+
record_config_file_error("empty configuration directory name",
982+
calling_file, calling_lineno,
983+
head_p, tail_p);
984+
returnfalse;
985+
}
986+
987+
/*
988+
* We don't check for recursion or too-deep nesting depth here; the
989+
* subsequent calls to ParseConfigFile will take care of that.
990+
*/
991+
934992
directory =AbsoluteConfigLocation(includedir, calling_file);
935993
d =AllocateDir(directory);
936994
if (d ==NULL)

‎src/backend/utils/misc/postgresql.conf.sample

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -645,12 +645,13 @@
645645
#------------------------------------------------------------------------------
646646

647647
# These options allow settings to be loaded from files other than the
648-
# default postgresql.conf.
648+
# default postgresql.conf. Note that these are directives, not variable
649+
# assignments, so they can usefully be given more than once.
649650

650-
#include_dir = ''# include files ending in '.conf' from
651+
#include_dir = '...'# include files ending in '.conf' from
651652
# a directory, e.g., 'conf.d'
652-
#include_if_exists = ''# include file only if it exists
653-
#include = ''# include file
653+
#include_if_exists = '...'# include file only if it exists
654+
#include = '...'# include file
654655

655656

656657
#------------------------------------------------------------------------------

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp