8000 Field conninfo strings throughout src/bin/scripts. · s-monk/postgres@a466ea3 · GitHub
[go: up one dir, main page]
Skip to content

Commit a466ea3

Browse files
nmischnmisch
committed
Field conninfo strings throughout src/bin/scripts.
These programs nominally accepted conninfo strings, but they would proceed to use the original dbname parameter as though it were an unadorned database name. This caused "reindexdb dbname=foo" to issue an SQL command that always failed, and other programs printed a conninfo string in error messages that purported to print a database name. Fix both problems by using PQdb() to retrieve actual database names. Continue to print the full conninfo string when reporting a connection failure. It is informative there, and if the database name is the sole problem, the server-side error message will include the name. Beyond those user-visible fixes, this allows a subsequent commit to synthesize and use conninfo strings without that implementation detail leaking into messages. As a side effect, the "vacuuming database" message now appears after, not before, the connection attempt. Back-patch to 9.1 (all supported versions). Reviewed by Michael Paquier and Peter Eisentraut. Security: CVE-2016-5424
1 parent f744e89 commit a466ea3

File tree

5 files changed

+20
-20
lines changed

5 files changed

+20
-20
lines changed

src/bin/scripts/clusterdb.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -196,10 +196,10 @@ cluster_one_database(const char *dbname, bool verbose, const char *table,
196196
{
197197
if (table)
198198
fprintf(stderr, _("%s: clustering of table \"%s\" in database \"%s\" failed: %s"),
199-
progname, table, dbname, PQerrorMessage(conn));
199+
progname, table, PQdb(conn), PQerrorMessage(conn));
200200
else
201201
fprintf(stderr, _("%s: clustering of database \"%s\" failed: %s"),
202-
progname, dbname, PQerrorMessage(conn));
202+
progname, PQdb(conn), PQerrorMessage(conn));
203203
PQfinish(conn);
204204
exit(1);
205205
}

src/bin/scripts/createlang.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -190,10 +190,10 @@ main(int argc, char *argv[])
190190
result = executeQuery(conn, sql.data, progname, echo);
191191
if (PQntuples(result) > 0)
192192
{
193-
PQfinish(conn);
194193
fprintf(stderr,
195194
_("%s: language \"%s\" is already installed in database \"%s\"\n"),
196-
progname, langname, dbname);
195+
progname, langname, PQdb(conn));
196+
PQfinish(conn);
197197
/* separate exit status for "already installed" */
198198
exit(2);
199199
}

src/bin/scripts/droplang.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -197,10 +197,10 @@ main(int argc, char *argv[])
197197
result = executeQuery(conn, sql.data, progname, echo);
198198
if (PQntuples(result) == 0)
199199
{
200-
PQfinish(conn);
201200
fprintf(stderr, _("%s: language \"%s\" is not installed in "
202201
"database \"%s\"\n"),
203-
progname, langname, dbname);
202+
progname, langname, PQdb(conn));
203+
PQfinish(conn);
204204
exit(1);
205205
}
206206
PQclear(result);

src/bin/scripts/reindexdb.c

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -214,7 +214,7 @@ main(int argc, char *argv[])
214214
username, prompt_password, progname, echo);
215215
/* reindex database only if index or table is not specified */
216216
if (index == NULL && table == NULL)
217-
reindex_one_database(dbname, dbname, "DATABASE", host, port,
217+
reindex_one_database(NULL, dbname, "DATABASE", host, port,
218218
username, prompt_password, progname, echo);
219219
}
220220

@@ -230,6 +230,9 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
230230

231231
PGconn *conn;
232232

233+
conn = connectDatabase(dbname, host, port, username, prompt_password,
234+
progname, false);
235+
233236
initPQExpBuffer(&sql);
234237

235238
appendPQExpBuffer(&sql, "REINDEX");
@@ -238,23 +241,20 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
238241
else if (strcmp(type, "INDEX") == 0)
239242
appendPQExpBuffer(&sql, " INDEX %s", name);
240243
else if (strcmp(type, "DATABASE") == 0)
241-
appendPQExpBuffer(&sql, " DATABASE %s", fmtId(name));
244+
appendPQExpBuffer(&sql, " DATABASE %s", fmtId(PQdb(conn)));
242245
appendPQExpBuffer(&sql, ";\n");
243246

244-
conn = connectDatabase(dbname, host, port, username, prompt_password,
245-
progname, false);
246-
247247
if (!executeMaintenanceCommand(conn, sql.data, echo))
248248
{
249249
if (strcmp(type, "TABLE") == 0)
250250
fprintf(stderr, _("%s: reindexing of table \"%s\" in database \"%s\" failed: %s"),
251-
progname, name, dbname, PQerrorMessage(conn));
251+
progname, name, PQdb(conn), PQerrorMessage(conn));
252252
if (strcmp(type, "INDEX") == 0)
253253
fprintf(stderr, _("%s: reindexing of index \"%s\" in database \"%s\" failed: %s"),
254-
progname, name, dbname, PQerrorMessage(conn));
254+
progname, name, PQdb(conn), PQerrorMessage(conn));
255255
else
256256
fprintf(stderr, _("%s: reindexing of database \"%s\" failed: %s"),
257-
progname, dbname, PQerrorMessage(conn));
257+
progname, PQdb(conn), PQerrorMessage(conn));
258258
PQfinish(conn);
259259
exit(1);
260260
}
@@ -300,16 +300,16 @@ reindex_system_catalogs(const char *dbname, const char *host, const char *port,
300300
const char *username, enum trivalue prompt_password,
301301
const char *progname, bool echo)
302302
{
303+
PGconn *conn;
303304
PQExpBufferData sql;
304305

305-
PGconn *conn;
306+
conn = connectDatabase(dbname, host, port, username, prompt_password,
307+
progname, false);
306308

307309
initPQExpBuffer(&sql);
308310

309-
appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;\n", dbname);
311+
appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;\n", PQdb(conn));
310312

311-
conn = connectDatabase(dbname, host, port, username, prompt_password,
312-
progname, false);
313313
if (!executeMaintenanceCommand(conn, sql.data, echo))
314314
{
315315
fprintf(stderr, _("%s: reindexing of system catalogs 9E59 failed: %s"),

src/bin/scripts/vacuumdb.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -288,10 +288,10 @@ vacuum_one_database(const char *dbname, bool full, bool verbose, bool and_analyz
288288
{
289289
if (table)
290290
fprintf(stderr, _("%s: vacuuming of table \"%s\" in database \"%s\" failed: %s"),
291-
progname, table, dbname, PQerrorMessage(conn));
291+
progname, table, PQdb(conn), PQerrorMessage(conn));
292292
else
293293
fprintf(stderr, _("%s: vacuuming of database \"%s\" failed: %s"),
294-
progname, dbname, PQerrorMessage(conn));
294+
progname, PQdb(conn), PQerrorMessage(conn));
295295
PQfinish(conn);
296296
exit(1);
297297
}

0 commit comments

Comments
 (0)
0