8000 Specify the encoding of input to fmtId() · postgrespro/postgres@3e98c8c · GitHub
[go: up one dir, main page]

Skip to content

Commit 3e98c8c

Browse files
committed
Specify the encoding of input to fmtId()
This commit adds fmtIdEnc() and fmtQualifiedIdEnc(), which allow to specify the encoding as an explicit argument. Additionally setFmtEncoding() is provided, which defines the encoding when no explicit encoding is provided, to avoid breaking all code using fmtId(). All users of fmtId()/fmtQualifiedId() are either converted to the explicit version or a call to setFmtEncoding() has been added. This commit does not yet utilize the now well-defined encoding, that will happen in a subsequent commit. Reviewed-by: Noah Misch <noah@leadboat.com> Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> Backpatch-through: 13 Security: CVE-2025-1094
1 parent 4dc2896 commit 3e98c8c

File tree

13 files changed

+115
-24
lines changed

13 files changed

+115
-24
lines changed

src/bin/pg_dump/pg_backup_archiver.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2822,6 +2822,7 @@ processEncodingEntry(ArchiveHandle *AH, TocEntry *te)
28222822
pg_fatal("unrecognized encoding \"%s\"",
28232823
ptr1);
28242824
AH->public.encoding = encoding;
2825+
setFmtEncoding(encoding);
28252826
}
28262827
else
28272828
pg_fatal("invalid ENCODING item: %s",

src/bin/pg_dump/pg_dump.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1281,6 +1281,7 @@ setup_connection(Archive *AH, const char *dumpencoding,
12811281
* we know how to escape strings.
12821282
*/
12831283
AH->encoding = PQclientEncoding(conn);
1284+
setFmtEncoding(AH->encoding);
12841285

12851286
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
12861287
AH->std_strings = (std_strings && strcmp(std_strings, "on") == 0);

src/bin/pg_dump/pg_dumpall.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -524,6 +524,7 @@ main(int argc, char *argv[])
524524
* we know how to escape strings.
525525
*/
526526
encoding = PQclientEncoding(conn);
527+
setFmtEncoding(encoding);
527528
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
528529
if (!std_strings)
529530
std_strings = "off";

src/bin/psql/command.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1450,6 +1450,7 @@ exec_command_encoding(PsqlScanState scan_state, bool active_branch)
14501450
/* save encoding info into psql internal data */
14511451
pset.encoding = PQclientEncoding(pset.db);
14521452
pset.popt.topt.encoding = pset.encoding;
1453+
setFmtEncoding(pset.encoding);
14531454
SetVariable(pset.vars, "ENCODING",
14541455
pg_encoding_to_char(pset.encoding));
14551456
}
@@ -4135,6 +4136,8 @@ SyncVariables(void)
41354136
pset.popt.topt.encoding = pset.encoding;
41364137
pset.sversion = PQserverVersion(pset.db);
41374138

4139+
setFmtEncoding(pset.encoding);
4140+
41384141
SetVariable(pset.vars, "DBNAME", PQdb(pset.db));
41394142
SetVariable(pset.vars, "SERVICE", PQservice(pset.db));
41404143
SetVariable(pset.vars, "USER", PQuser(pset.db));

src/bin/scripts/common.c

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -111,8 +111,9 @@ appendQualifiedRelation(PQExpBuffer buf, const char *spec,
111111
exit(1);
112112
}
113113
appendPQExpBufferStr(buf,
114-
fmtQualifiedId(PQgetvalue(res, 0, 1),
115-
PQgetvalue(res, 0, 0)));
114+
fmtQualifiedIdEnc(PQgetvalue(res, 0, 1),
115+
PQgetvalue(res, 0, 0),
116+
PQclientEncoding(conn)));
116117
appendPQExpBufferStr(buf, columns);
117118
PQclear(res);
118119
termPQExpBuffer(&sql);

src/bin/scripts/createdb.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -198,6 +198,8 @@ main(int argc, char *argv[])
198198

199199
conn = connectMaintenanceDatabase(&cparams, progname, echo);
200200

201+
setFmtEncoding(PQclientEncoding(conn));
202+
201203
initPQExpBuffer(&sql);
202204

203205
appendPQExpBuffer(&sql, "CREA 8000 TE DATABASE %s",

src/bin/scripts/createuser.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -292,6 +292,8 @@ main(int argc, char *argv[])
292292

293293
conn = connectMaintenanceDatabase(&cparams, progname, echo);
294294

295+
setFmtEncoding(PQclientEncoding(conn));
296+
295297
initPQExpBuffer(&sql);
296298

297299
printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));

src/bin/scripts/dropdb.c

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -129,13 +129,6 @@ main(int argc, char *argv[])
129129
exit(0);
130130
}
131131

132-
initPQExpBuffer(&sql);
133-
134-
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
135-
(if_exists ? "IF EXISTS " : ""),
136-
fmtId(dbname),
137-
force ? " WITH (FORCE)" : "");
138-
139132
/* Avoid trying to drop postgres db while we are connected to it. */
140133
if (maintenance_db == NULL && strcmp(dbname, "postgres") == 0)
141134
maintenance_db = "template1";
@@ -149,6 +142,12 @@ main(int argc, char *argv[])
149142

150143
conn = connectMaintenanceDatabase(&cparams, progname, echo);
151144

145+
initPQExpBuffer(&sql);
146+
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
147+
(if_exists ? "IF EXISTS " : ""),
148+
fmtIdEnc(dbname, PQclientEncoding(conn)),
149+
force ? " WITH (FORCE)" : "");
150+
152151
if (echo)
153152
printf("%s\n", sql.data);
154153
result = PQexec(conn, sql.data);

src/bin/scripts/dropuser.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,8 @@ main(int argc, char *argv[])
143143

144144
initPQExpBuffer(&sql);
145145
appendPQExpBuffer(&sql, "DROP ROLE %s%s;",
146-
(if_exists ? "IF EXISTS " : ""), fmtId(dropuser));
146+
(if_exists ? "IF EXISTS " : ""),
147+
fmtIdEnc(dropuser, PQclientEncoding(conn)));
147148

148149
if (echo)
149150
printf("%s\n", sql.data);

src/bin/scripts/reindexdb.c

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -511,7 +511,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
511511

512512
if (tablespace)
513513
{
514-
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep, fmtId(tablespace));
514+
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep,
515+
fmtIdEnc(tablespace, PQclientEncoding(conn)));
515516
sep = comma;
516517
}
517518

@@ -551,7 +552,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
551552
{
552553
case REINDEX_DATABASE:
553554
case REINDEX_SYSTEM:
554-
appendPQExpBufferStr(&sql, fmtId(name));
555+
appendPQExpBufferStr(&sql,
556+
fmtIdEnc(name, PQclientEncoding(conn)));
555557
break;
556558
case REINDEX_INDEX:
557559
case REINDEX_TABLE:
@@ -774,8 +776,9 @@ get_parallel_object_list(PGconn *conn, ReindexType type,
774776
for (i = 0; i < ntups; i++)
775777
{
776778
appendPQExpBufferStr(&buf,
777-
fmtQualifiedId(PQgetvalue(res, i, 1),
778-
PQgetvalue(res, i, 0)));
779+
fmtQualifiedIdEnc(PQgetvalue(res, i, 1),
780+
PQgetvalue(res, i, 0),
781+
PQclientEncoding(conn)));
779782

780783
simple_string_list_append(tables, buf.data);
781784
resetPQExpBuffer(&buf);
@@ -787,8 +790,9 @@ get_parallel_object_list(PGconn *conn, ReindexType type,
787790
* the order of tables list.
788791
*/
789792
appendPQExpBufferStr(&buf,
790-
fmtQualifiedId(PQgetvalue(res, i, 1),
791-
PQgetvalue(res, i, 2)));
793+
fmtQualifiedIdEnc(PQgetvalue(res, i, 1),
794+
PQgetvalue(res, i, 2),
795+
PQclientEncoding(conn)));
792796

793797
simple_string_list_append(user_list, buf.data);
794798
resetPQExpBuffer(&buf);

0 commit comments

Comments
 (0)
0