Commita973296

committed

Properly escape usernames in initdb, so names with single-quotes are

supported. Also add assert to catch future breakage.Also, improve documentation that "double"-quotes must be used inpg_hba.conf (not single quotes).

1 parenteb919e8 commita973296Copy full SHA for a973296

File tree

-5

lines changed

-5

lines changed

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@`
`80`	`80`	`Records cannot be continued across lines.`
`81`	`81`	`A record is made`
`82`	`82`	`up of a number of fields which are separated by spaces and/or tabs.`
`83`		`- Fields can contain white space if the field value is quoted.`
	`83`	`+ Fields can contain white space if the field value isdouble-quoted.`
`84`	`84`	`Quoting one of the keywords in a database, user, or address field (e.g.,`
`85`	`85`	`<literal>all</> or <literal>replication</>) makes the word lose its special`
`86`	`86`	`character, and just match a database, user, or host with that name.`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -56,6 +56,8 @@ scanstr(const char *s)`
`56`	`56`	`* appear in pairs, so there should be another character.`
`57`	`57`	`*/`
`58`	`58`	`i++;`
	`59`	`+/* The bootstrap parser is not as smart, so check here. */`
	`60`	`+Assert(s[i]=='\'');`
`59`	`61`	`newStr[j]=s[i];`
`60`	`62`	`}`
`61`	`63`	`elseif (s[i]=='\\')`

Lines changed: 3 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1395,7 +1395,7 @@ bootstrap_template1(void)`
`1395`	`1395`	`bki_lines=replace_token(bki_lines,"FLOAT8PASSBYVAL",`
`1396`	`1396`	`FLOAT8PASSBYVAL ?"true" :"false");`
`1397`	`1397`
`1398`		`-bki_lines=replace_token(bki_lines,"POSTGRES",username);`
	`1398`	`+bki_lines=replace_token(bki_lines,"POSTGRES",escape_quotes(username));`
`1399`	`1399`
`1400`	`1400`	`bki_lines=replace_token(bki_lines,"ENCODING",encodingid);`
`1401`	`1401`
`@@ -2043,8 +2043,8 @@ setup_privileges(void)`
`2043`	`2043`
`2044`	`2044`	`PG_CMD_OPEN;`
`2045`	`2045`
`2046`		`-priv_lines=replace_token(privileges_setup,`
`2047`		`-"$POSTGRES_SUPERUSERNAME",username);`
	`2046`	`+priv_lines=replace_token(privileges_setup,"$POSTGRES_SUPERUSERNAME",`
	`2047`	`+escape_quotes(username));`
`2048`	`2048`	`for (line=priv_lines;*line!=NULL;line++)`
`2049`	`2049`	`PG_CMD_PUTS(*line);`
`2050`	`2050`
`@@ -3056,7 +3056,6 @@ main(int argc, char *argv[])`
`3056`	`3056`	`canonicalize_path(pg_data);`
`3057`	`3057`
`3058`	`3058`	`#ifdefWIN32`
`3059`		`-`
`3060`	`3059`	`/*`
`3061`	`3060`	`* Before we execute another program, make sure that we are running with a`
`3062`	`3061`	`* restricted token. If not, re-execute ourselves with one.`

Comments

(0)