diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2018-09-06 10:49:45 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2018-09-06 10:49:45 -0400 |
| commit | c79b39fb1c5bbb5a8e2f86a2187b31b2c3b3ae96 (patch) | |
| tree | c0a62c476437cec8241f864f853cf870cc7b6746 | |
| parent | ccd9a4dbc8806806e82e764e91263383741a782a (diff) | |
| download | postgresql-c79b39fb1c5bbb5a8e2f86a2187b31b2c3b3ae96.tar.gz postgresql-c79b39fb1c5bbb5a8e2f86a2187b31b2c3b3ae96.zip | |
Make contrib/unaccent's unaccent() function work when not in search path.
Since the fixes for CVE-2018-1058, we've advised people to schema-qualify
function references in order to fix failures in code that executes under
a minimal search_path setting. However, that's insufficient to make the
single-argument form of unaccent() work, because it looks up the "unaccent"
text search dictionary using the search path.
The most expedient answer seems to be to remove the search_path dependency
by making it look in the same schema that the unaccent() function itself
is declared in. This will definitely work for the normal usage of this
function with the unaccent dictionary provided by the extension.
It's barely possible that there are people who were relying on the
search-path-dependent behavior to select other dictionaries with the same
name; but if there are any such people at all, they can still get that
behavior by writing unaccent('unaccent', ...), or possibly
unaccent('unaccent'::text::regdictionary, ...) if the lookup has to be
postponed to runtime.
Per complaint from Gunnlaugur Thor Briem. Back-patch to all supported
branches.
Discussion: https://postgr.es/m/CAPs+M8LCex6d=DeneofdsoJVijaG59m9V0ggbb3pOH7hZO4+cQ@mail.gmail.com
| -rw-r--r-- | contrib/unaccent/unaccent.c | 18 | ||||
| -rw-r--r-- | doc/src/sgml/unaccent.sgml | 8 |
2 files changed, 22 insertions, 4 deletions
diff --git a/contrib/unaccent/unaccent.c b/contrib/unaccent/unaccent.c index eafb4107b0d..b9ec9d3315a 100644 --- a/contrib/unaccent/unaccent.c +++ b/contrib/unaccent/unaccent.c @@ -20,6 +20,8 @@ #include "tsearch/ts_locale.h" #include "tsearch/ts_public.h" #include "utils/builtins.h" +#include "utils/lsyscache.h" +#include "utils/syscache.h" PG_MODULE_MAGIC; @@ -375,7 +377,21 @@ unaccent_dict(PG_FUNCTION_ARGS) if (PG_NARGS() == 1) { - dictOid = get_ts_dict_oid(stringToQualifiedNameList("unaccent"), false); + /* + * Use the "unaccent" dictionary that is in the same schema that this + * function is in. + */ + Oid procnspid = get_func_namespace(fcinfo->flinfo->fn_oid); + const char *dictname = "unaccent"; + + dictOid = GetSysCacheOid2(TSDICTNAMENSP, + PointerGetDatum(dictname), + ObjectIdGetDatum(procnspid)); + if (!OidIsValid(dictOid)) + ereport(ERROR, + (errcode(ERRCODE_UNDEFINED_OBJECT), + errmsg("text search dictionary \"%s.%s\" does not exist", + get_namespace_name(procnspid), dictname))); strArg = 0; } else diff --git a/doc/src/sgml/unaccent.sgml b/doc/src/sgml/unaccent.sgml index 1382fafc5ec..d6c12fd5a78 100644 --- a/doc/src/sgml/unaccent.sgml +++ b/doc/src/sgml/unaccent.sgml @@ -171,12 +171,14 @@ mydb=# select ts_headline('fr','Hôtel de la Mer',to_tsquery('fr','Hotels') </indexterm> <synopsis> -unaccent(<optional><replaceable class="PARAMETER">dictionary</replaceable>, </optional> <replaceable class="PARAMETER">string</replaceable>) returns <type>text</type> +unaccent(<optional><replaceable class="parameter">dictionary</replaceable> <type>regdictionary</type>, </optional> <replaceable class="parameter">string</replaceable> <type>text</type>) returns <type>text</type> </synopsis> <para> - If the <replaceable class="PARAMETER">dictionary</replaceable> argument is - omitted, <literal>unaccent</> is assumed. + If the <replaceable class="parameter">dictionary</replaceable> argument is + omitted, the text search dictionary named <literal>unaccent</literal> and + appearing in the same schema as the <function>unaccent()</function> + function itself is used. </para> <para> |