8000 Disallow arrays in key provider options · percona/postgres@fe50a21 · GitHub
[go: up one dir, main page]
Skip to content

Commit fe50a21

Browse files
AndersAstrandAndersAstrand
committed
Disallow arrays in key provider options
These are never valid values anyways, so just disallow them completely.
1 parent dc90962 commit fe50a21

File tree

3 files changed

+32
-1
lines changed

3 files changed

+32
-1
lines changed

contrib/pg_tde/expected/key_provider.out

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -208,6 +208,13 @@ SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "
208208
ERROR: external remote value must contain "url" in field "path"
209209
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
210210
ERROR: external file value must contain "path" in field "path"
211+
-- Creating key providers fails if values are array instead of scalar
212+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
213+
ERROR: unexpected array in field "path"
214+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
215+
ERROR: unexpected array in field "path"
216+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
217+
ERROR: unexpected array in field "path"
211218
-- Modifying key providers fails if any required parameter is NULL
212219
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
213220
ERROR: provider type cannot be null
@@ -242,6 +249,13 @@ SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"
242249
ERROR: external remote value must contain "url" in field "path"
243250
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
244251
ERROR: external file value must contain "path" in field "path"
252+
-- Modifying key providers fails if values are array instead of scalar
253+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
254+
ERROR: unexpected array in field "path"
255+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
256+
ERROR: unexpected array in field "path"
257+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
258+
ERROR: unexpected array in field "path"
245259
-- Deleting key providers fails if key name is NULL
246260
SELECT pg_tde_delete_database_key_provider(NULL);
247261
ERROR: provider_name cannot be null

contrib/pg_tde/sql/key_provider.sql

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,11 @@ SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {}}');
8686
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote"}}');
8787
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
8888

89+
-- Creating key providers fails if values are array instead of scalar
90+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
91+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
92+
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
93+
8994
-- Modifying key providers fails if any required parameter is NULL
9095
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
9196
SELECT pg_tde_change_database_key_provider('file', NULL, '{}');
@@ -108,6 +113,12 @@ SELECT pg_tde_change_database_key_provider('file', 'file-provider', 'null');
108113
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {}}');
109114
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "remote"}}');
110115
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
116+
117+
-- Modifying key providers fails if values are array instead of scalar
118+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
119+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
120+
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
121+
111122
-- Deleting key providers fails if key name is NULL
112123
SELECT pg_tde_delete_database_key_provider(NULL);
113124
SELECT pg_tde_delete_global_key_provider(NULL);

contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -209,9 +209,15 @@ json_kring_array_start(void *state)
209209
break;
210210
case JK_EXPECT_TOP_FIELD:
211211
case JK_EXPECT_EXTERN_VAL:
212+
ereport(ERROR,
213+
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
214+
errmsg("unexpected array in field \"%s\"", JK_FIELD_NAMES[parse->top_level_field]));
215+
break;
212216
}
213217

214-
return JSON_SUCCESS;
218+
/* Never reached */
219+
Assert(0);
220+
return JSON_SEM_ACTION_FAILED;
215221
}
216222

217223
/*

0 commit comments

Comments
 (0)
0