diff options
| author | Noah Misch <noah@leadboat.com> | 2016-08-08 10:07:53 -0400 |
|---|---|---|
| committer | Noah Misch <noah@leadboat.com> | 2016-08-08 10:07:54 -0400 |
| commit | c761c9fee082623777466e6a5841056960fc006c (patch) | |
| tree | facd3a045d75a0cb060545d510caeebb4dd257fa | |
| parent | 2d69f5b12e5a99eea7bc175fa30e612384bf9e52 (diff) | |
| download | postgresql-c761c9fee082623777466e6a5841056960fc006c.tar.gz postgresql-c761c9fee082623777466e6a5841056960fc006c.zip | |
Back-patch "Only quote libpq connection string values that need quoting."
Back-patch commit 2953cd6d17210935098c803c52c6df5b12a725b9 and certain
runPgDump() bits of 3dee636e0404885d07885d41c0d70e50c784f324 to 9.2 and
9.1. This synchronizes their doConnStrQuoting() implementations with
later releases. Subsequent security patches will modify that function.
Security: CVE-2016-5424
| -rw-r--r-- | src/bin/pg_dump/pg_dumpall.c | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/src/bin/pg_dump/pg_dumpall.c b/src/bin/pg_dump/pg_dumpall.c index ec7e65e3130..76702c68b87 100644 --- a/src/bin/pg_dump/pg_dumpall.c +++ b/src/bin/pg_dump/pg_dumpall.c @@ -1620,7 +1620,7 @@ dumpDatabases(PGconn *conn) static int runPgDump(const char *dbname) { - PQExpBuffer connstr = createPQExpBuffer(); + PQExpBuffer connstrbuf = createPQExpBuffer(); PQExpBuffer cmd = createPQExpBuffer(); int ret; @@ -1642,11 +1642,10 @@ runPgDump(const char *dbname) * database name as is, but if it contains any = characters, it would * incorrectly treat it as a connection string. */ - appendPQExpBuffer(connstr, "dbname='"); - doConnStrQuoting(connstr, dbname); - appendPQExpBuffer(connstr, "'"); + appendPQExpBufferStr(connstrbuf, "dbname="); + doConnStrQuoting(connstrbuf, dbname); - doShellQuoting(cmd, connstr->data); + doShellQuoting(cmd, connstrbuf->data); appendPQExpBuffer(cmd, "%s", SYSTEMQUOTE); @@ -1659,7 +1658,7 @@ runPgDump(const char *dbname) ret = system(cmd->data); destroyPQExpBuffer(cmd); - destroyPQExpBuffer(connstr); + destroyPQExpBuffer(connstrbuf); return ret; } @@ -1891,15 +1890,40 @@ dumpTimestamp(char *msg) static void doConnStrQuoting(PQExpBuffer buf, const char *str) { - while (*str) + const char *s; + bool needquotes; + + /* + * If the string consists entirely of plain ASCII characters, no need to + * quote it. This is quite conservative, but better safe than sorry. + */ + needquotes = false; + for (s = str; *s; s++) + { + if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') || + (*s >= '0' && *s <= '9') || *s == '_' || *s == '.')) + { + needquotes = true; + break; + } + } + + if (needquotes) { - /* ' and \ must be escaped by to \' and \\ */ - if (*str == '\'' || *str == '\\') - appendPQExpBufferChar(buf, '\\'); + appendPQExpBufferChar(buf, '\''); + while (*str) + { + /* ' and \ must be escaped by to \' and \\ */ + if (*str == '\'' || *str == '\\') + appendPQExpBufferChar(buf, '\\'); - appendPQExpBufferChar(buf, *str); - str++; + appendPQExpBufferChar(buf, *str); + str++; + } + appendPQExpBufferChar(buf, '\''); } + else + appendPQExpBufferStr(buf, str); } /* |