+# Exercise backslashes adjacent to double quotes, a Windows special case.
+dbname2=`awk 'BEGIN { for (i = 46; i < 91; i++) printf "%c", i }'
+dbname3=`awk 'BEGIN { for (i = 91; i < 128; i++) printf "%c", i }'
+createdb "$dbname1" || createdb_status=$?
+createdb "$dbname2" || createdb_status=$?
+createdb "$dbname3" || createdb_status=$?
+
if "$MAKE" -C "$oldsrc" installcheck; then
pg_dumpall -f "$temp_root"/dump1.sql || pg_dumpall1_status=$?
if [ "$newsrc" != "$oldsrc" ]; then
make_installcheck_status=$?
fi
$oldbindir/pg_ctl -m fast stop
+if [ -n "$createdb_status" ]; then
+ exit 1
+fi
if [ -n "$make_installcheck_status" ]; then
exit 1
fi
}
+/*
+ * Append the given string to the shell command being built in the buffer,
+ * with suitable shell-style quoting to create exactly one argument.
+ *
+ * Forbid LF or CR characters, which have scant practical use beyond designing
+ * security breaches. The Windows command shell is unusable as a conduit for
+ * arguments containing LF or CR characters. A future major release should
+ * reject those characters in CREATE ROLE and CREATE DATABASE, because use
+ * there eventually leads to errors here.
+ */
+void
+appendShellString(PQExpBuffer buf, const char *str)
+{
+ const char *p;
+
+#ifndef WIN32
+ appendPQExpBufferChar(buf, '\'');
+ for (p = str; *p; p++)
+ {
+ if (*p == '\n' || *p == '\r')
+ {
+ fprintf(stderr,
+ _("shell command argument contains a newline or carriage return: \"%s\"\n"),
+ str);
+ exit(EXIT_FAILURE);
+ }
+
+ if (*p == '\'')
+ appendPQExpBufferStr(buf, "'\"'\"'");
+ else
+ appendPQExpBufferChar(buf, *p);
+ }
+ appendPQExpBufferChar(buf, '\'');
+#else /* WIN32 */
+ int backslash_run_length = 0;
+
+ /*
+ * A Windows system() argument experiences two layers of interpretation.
+ * First, cmd.exe interprets the string. Its behavior is undocumented,
+ * but a caret escapes any byte except LF or CR that would otherwise have
+ * special meaning. Handling of a caret before LF or CR differs between
+ * "cmd.exe /c" and other modes, and it is unusable here.
+ *
+ * Second, the new process parses its command line to construct argv (see
+ * https://msdn.microsoft.com/en-us/library/17w5ykft.aspx). This treats
+ * backslash-double quote sequences specially.
+ */
+ appendPQExpBufferStr(buf, "^\"");
+ for (p = str; *p; p++)
+ {
+ if (*p == '\n' || *p == '\r')
+ {
+ fprintf(stderr,
+ _("shell command argument contains a newline or carriage return: \"%s\"\n"),
+ str);
+ exit(EXIT_FAILURE);
+ }
+
+ /* Change N backslashes before a double quote to 2N+1 backslashes. */
+ if (*p == '"')
+ {
+ while (backslash_run_length)
+ {
+ appendPQExpBufferStr(buf, "^\\");
+ backslash_run_length--;
+ }
+ appendPQExpBufferStr(buf, "^\\");
+ }
+ else if (*p == '\\')
+ backslash_run_length++;
+ else
+ backslash_run_length = 0;
+
+ /*
+ * Decline to caret-escape the most mundane characters, to ease
+ * debugging and lest we approach the command length limit.
+ */
+ if (!((*p >= 'a' && *p <= 'z') ||
+ (*p >= 'A' && *p <= 'Z') ||
+ (*p >= '0' && *p <= '9')))
+ appendPQExpBufferChar(buf, '^');
+ appendPQExpBufferChar(buf, *p);
+ }
+
+ /*
+ * Change N backslashes at end of argument to 2N backslashes, because they
+ * precede the double quote that terminates the argument.
+ */
+ while (backslash_run_length)
+ {
+ appendPQExpBufferStr(buf, "^\\");
+ backslash_run_length--;
+ }
+ appendPQExpBufferStr(buf, "^\"");
+#endif /* WIN32 */
+}
+
+
+/*
+ * Append the given string to the buffer, with suitable quoting for passing
+ * the string as a value, in a keyword/pair value in a libpq connection
+ * string
+ */
+void
+appendConnStrVal(PQExpBuffer buf, const char *str)
+{
+ const char *s;
+ bool needquotes;
+
+ /*
+ * If the string is one or more plain ASCII characters, no need to quote
+ * it. This is quite conservative, but better safe than sorry.
+ */
+ needquotes = true;
+ for (s = str; *s; s++)
+ {
+ if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
+ (*s >= '0' && *s <= '9') || *s == '_' || *s == '.'))
+ {
+ needquotes = true;
+ break;
+ }
+ needquotes = false;
+ }
+
+ if (needquotes)
+ {
+ appendPQExpBufferChar(buf, '\'');
+ while (*str)
+ {
+ /* ' and \ must be escaped by to \' and \\ */
+ if (*str == '\'' || *str == '\\')
+ appendPQExpBufferChar(buf, '\\');
+
+ appendPQExpBufferChar(buf, *str);
+ str++;
+ }
+ appendPQExpBufferChar(buf, '\'');
+ }
+ else
+ appendPQExpBufferStr(buf, str);
+}
+
+
+/*
+ * Append a psql meta-command that connects to the given database with the
+ * then-current connection's user, host and port.
+ */
+void
+appendPsqlMetaConnect(PQExpBuffer buf, const char *dbname)
+{
+ const char *s;
+ bool complex;
+
+ /*
+ * If the name is plain ASCII characters, emit a trivial "\connect "foo"".
+ * For other names, even many not technically requiring it, skip to the
+ * general case. No database has a zero-length name.
+ */
+ complex = false;
+ for (s = dbname; *s; s++)
+ {
+ if (*s == '\n' || *s == '\r')
+ {
+ fprintf(stderr,
+ _("database name contains a newline or carriage return: \"%s\"\n"),
+ dbname);
+ exit(EXIT_FAILURE);
+ }
+
+ if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
+ (*s >= '0' && *s <= '9') || *s == '_' || *s == '.'))
+ {
+ complex = true;
+ }
+ }
+
+ appendPQExpBufferStr(buf, "\\connect ");
+ if (complex)
+ {
+ PQExpBufferData connstr;
+
+ initPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, dbname);
+
+ appendPQExpBuffer(buf, "-reuse-previous=on ");
+
+ /*
+ * As long as the name does not contain a newline, SQL identifier
+ * quoting satisfies the psql meta-command parser. Prefer not to
+ * involve psql-interpreted single quotes, which behaved differently
+ * before PostgreSQL 9.2.
+ */
+ appendPQExpBufferStr(buf, quote_identifier(connstr.data));
+
+ termPQExpBuffer(&connstr);
+ }
+ else
+ appendPQExpBufferStr(buf, quote_identifier(dbname));
+ appendPQExpBufferChar(buf, '\n');
+}
+
+
/*
* get_user_info()
*/
found = true;
if (!check_mode)
{
+ PQExpBufferData connectbuf;
+
if (script == NULL && (script = fopen_priv(output_path, "w")) == NULL)
pg_fatal("could not open file \"%s\": %s\n", output_path, getErrorText());
- fprintf(script, "\\connect %s\n",
- quote_identifier(active_db->db_name));
+
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, active_db->db_name);
+ fputs(connectbuf.data, script);
+ termPQExpBuffer(&connectbuf);
+
fprintf(script,
"SELECT pg_catalog.lo_create(t.loid)\n"
"FROM (SELECT DISTINCT loid FROM pg_catalog.pg_largeobject) AS t;\n");
pg_fatal("could not open file \"%s\": %s\n", output_path, getErrorText());
if (!db_used)
{
- fprintf(script, "\\connect %s\n\n",
- quote_identifier(active_db->db_name));
+ PQExpBufferData connectbuf;
+
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, active_db->db_name);
+ appendPQExpBufferChar(&connectbuf, '\n');
+ fputs(connectbuf.data, script);
+ termPQExpBuffer(&connectbuf);
db_used = true;
}
pg_fatal("could not open file \"%s\": %s\n", output_path, getErrorText());
if (!db_used)
{
- fprintf(script, "\\connect %s\n",
- quote_identifier(active_db->db_name));
+ PQExpBufferData connectbuf;
+
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, active_db->db_name);
+ fputs(connectbuf.data, script);
+ termPQExpBuffer(&connectbuf);
db_used = true;
}
fprintf(script, "REINDEX INDEX %s.%s;\n",
pg_fatal("could not open file \"%s\": %s\n", output_path, getErrorText());
if (!db_used)
{
- fprintf(script, "\\connect %s\n",
- quote_identifier(active_db->db_name));
+ PQExpBufferData connectbuf;
+
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, active_db->db_name);
+ fputs(connectbuf.data, script);
+ termPQExpBuffer(&connectbuf);
db_used = true;
}
fprintf(script, "REINDEX INDEX %s.%s;\n",
pg_fatal("could not open file \"%s\": %s\n", output_path, getErrorText());
if (!db_used)
{
- fprintf(script, "\\connect %s\n\n",
- quote_identifier(active_db->db_name));
+ PQExpBufferData connectbuf;
+
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, active_db->db_name);
+ appendPQExpBufferChar(&connectbuf, '\n');
+ fputs(connectbuf.data, script);
+ termPQExpBuffer(&connectbuf);
db_used = true;
}
PQconninfoOption *conn_opt;
char *err_msg = NULL;
+ /* pg_recvlogical uses dbname only; others use connection_string only. */
+ Assert(dbname == NULL || connection_string == NULL);
+
/*
* Merge the connection info inputs given in form of connection string,
* options and default values (dbname=replication, replication=true, etc.)
+ * Explicitly discard any dbname value in the connection string;
+ * otherwise, PQconnectdbParams() would interpret that value as being
+ * itself a connection string.
*/
i = 0;
if (connection_string)
for (conn_opt = conn_opts; conn_opt->keyword != NULL; conn_opt++)
{
- if (conn_opt->val != NULL && conn_opt->val[0] != '\0')
+ if (conn_opt->val != NULL && conn_opt->val[0] != '\0' &&
+ strcmp(conn_opt->keyword, "dbname") != 0)
argcount++;
}
for (conn_opt = conn_opts; conn_opt->keyword != NULL; conn_opt++)
{
- if (conn_opt->val != NULL && conn_opt->val[0] != '\0')
+ if (conn_opt->val != NULL && conn_opt->val[0] != '\0' &&
+ strcmp(conn_opt->keyword, "dbname") != 0)
{
keywords[i] = conn_opt->keyword;
values[i] = conn_opt->val;
}
+/*
+ * Append the given string to the shell command being built in the buffer,
+ * with suitable shell-style quoting to create exactly one argument.
+ *
+ * Forbid LF or CR characters, which have scant practical use beyond designing
+ * security breaches. The Windows command shell is unusable as a conduit for
+ * arguments containing LF or CR characters. A future major release should
+ * reject those characters in CREATE ROLE and CREATE DATABASE, because use
+ * there eventually leads to errors here.
+ */
+void
+appendShellString(PQExpBuffer buf, const char *str)
+{
+ const char *p;
+
+#ifndef WIN32
+ appendPQExpBufferChar(buf, '\'');
+ for (p = str; *p; p++)
+ {
+ if (*p == '\n' || *p == '\r')
+ {
+ fprintf(stderr,
+ _("shell command argument contains a newline or carriage return: \"%s\"\n"),
+ str);
+ exit(EXIT_FAILURE);
+ }
+
+ if (*p == '\'')
+ appendPQExpBufferStr(buf, "'\"'\"'");
+ else
+ appendPQExpBufferChar(buf, *p);
+ }
+ appendPQExpBufferChar(buf, '\'');
+#else /* WIN32 */
+ int backslash_run_length = 0;
+
+ /*
+ * A Windows system() argument experiences two layers of interpretation.
+ * First, cmd.exe interprets the string. Its behavior is undocumented,
+ * but a caret escapes any byte except LF or CR that would otherwise have
+ * special meaning. Handling of a caret before LF or CR differs between
+ * "cmd.exe /c" and other modes, and it is unusable here.
+ *
+ * Second, the new process parses its command line to construct argv (see
+ * https://msdn.microsoft.com/en-us/library/17w5ykft.aspx). This treats
+ * backslash-double quote sequences specially.
+ */
+ appendPQExpBufferStr(buf, "^\"");
+ for (p = str; *p; p++)
+ {
+ if (*p == '\n' || *p == '\r')
+ {
+ fprintf(stderr,
+ _("shell command argument contains a newline or carriage return: \"%s\"\n"),
+ str);
+ exit(EXIT_FAILURE);
+ }
+
+ /* Change N backslashes before a double quote to 2N+1 backslashes. */
+ if (*p == '"')
+ {
+ while (backslash_run_length)
+ {
+ appendPQExpBufferStr(buf, "^\\");
+ backslash_run_length--;
+ }
+ appendPQExpBufferStr(buf, "^\\");
+ }
+ else if (*p == '\\')
+ backslash_run_length++;
+ else
+ backslash_run_length = 0;
+
+ /*
+ * Decline to caret-escape the most mundane characters, to ease
+ * debugging and lest we approach the command length limit.
+ */
+ if (!((*p >= 'a' && *p <= 'z') ||
+ (*p >= 'A' && *p <= 'Z') ||
+ (*p >= '0' && *p <= '9')))
+ appendPQExpBufferChar(buf, '^');
+ appendPQExpBufferChar(buf, *p);
+ }
+
+ /*
+ * Change N backslashes at end of argument to 2N backslashes, because they
+ * precede the double quote that terminates the argument.
+ */
+ while (backslash_run_length)
+ {
+ appendPQExpBufferStr(buf, "^\\");
+ backslash_run_length--;
+ }
+ appendPQExpBufferStr(buf, "^\"");
+#endif /* WIN32 */
+}
+
+
+/*
+ * Append the given string to the buffer, with suitable quoting for passing
+ * the string as a value, in a keyword/pair value in a libpq connection
+ * string
+ */
+void
+appendConnStrVal(PQExpBuffer buf, const char *str)
+{
+ const char *s;
+ bool needquotes;
+
+ /*
+ * If the string is one or more plain ASCII characters, no need to quote
+ * it. This is quite conservative, but better safe than sorry.
+ */
+ needquotes = true;
+ for (s = str; *s; s++)
+ {
+ if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
+ (*s >= '0' && *s <= '9') || *s == '_' || *s == '.'))
+ {
+ needquotes = true;
+ break;
+ }
+ needquotes = false;
+ }
+
+ if (needquotes)
+ {
+ appendPQExpBufferChar(buf, '\'');
+ while (*str)
+ {
+ /* ' and \ must be escaped by to \' and \\ */
+ if (*str == '\'' || *str == '\\')
+ appendPQExpBufferChar(buf, '\\');
+
+ appendPQExpBufferChar(buf, *str);
+ str++;
+ }
+ appendPQExpBufferChar(buf, '\'');
+ }
+ else
+ appendPQExpBufferStr(buf, str);
+}
+
+
+/*
+ * Append a psql meta-command that connects to the given database with the
+ * then-current connection's user, host and port.
+ */
+void
+appendPsqlMetaConnect(PQExpBuffer buf, const char *dbname)
+{
+ const char *s;
+ bool complex;
+
+ /*
+ * If the name is plain ASCII characters, emit a trivial "\connect "foo"".
+ * For other names, even many not technically requiring it, skip to the
+ * general case. No database has a zero-length name.
+ */
+ complex = false;
+ for (s = dbname; *s; s++)
+ {
+ if (*s == '\n' || *s == '\r')
+ {
+ fprintf(stderr,
+ _("database name contains a newline or carriage return: \"%s\"\n"),
+ dbname);
+ exit(EXIT_FAILURE);
+ }
+
+ if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
+ (*s >= '0' && *s <= '9') || *s == '_' || *s == '.'))
+ {
+ complex = true;
+ }
+ }
+
+ appendPQExpBufferStr(buf, "\\connect ");
+ if (complex)
+ {
+ PQExpBufferData connstr;
+
+ initPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, dbname);
+
+ appendPQExpBuffer(buf, "-reuse-previous=on ");
+
+ /*
+ * As long as the name does not contain a newline, SQL identifier
+ * quoting satisfies the psql meta-command parser. Prefer not to
+ * involve psql-interpreted single quotes, which behaved differently
+ * before PostgreSQL 9.2.
+ */
+ appendPQExpBufferStr(buf, fmtId(connstr.data));
+
+ termPQExpBuffer(&connstr);
+ }
+ else
+ appendPQExpBufferStr(buf, fmtId(dbname));
+ appendPQExpBufferChar(buf, '\n');
+}
+
+
/*
* Convert a bytea value (presented as raw bytes) to an SQL string literal
* and append it to the given buffer. We assume the specified
extern void appendByteaLiteral(PQExpBuffer buf,
const unsigned char *str, size_t length,
bool std_strings);
+extern void appendShellString(PQExpBuffer buf, const char *str);
+extern void appendConnStrVal(PQExpBuffer buf, const char *str);
+extern void appendPsqlMetaConnect(PQExpBuffer buf, const char *dbname);
extern bool parsePGArray(const char *atext, char ***itemarray, int *nitems);
extern bool buildACLCommands(const char *name, const char *subname,
const char *type, const char *acls, const char *owner,
SimpleStringList tableNames;
int useDB;
- char *dbname;
+ char *dbname; /* subject to expand_dbname */
char *pgport;
char *pghost;
char *username;
/* If we created a DB, connect to it... */
if (strcmp(te->desc, "DATABASE") == 0)
{
+ PQExpBufferData connstr;
+
+ initPQExpBuffer(&connstr);
+ appendPQExpBufferStr(&connstr, "dbname=");
+ appendConnStrVal(&connstr, te->tag);
+ /* Abandon struct, but keep its buffer until process exit. */
+
ahlog(AH, 1, "connecting to new database \"%s\"\n", te->tag);
_reconnectToDB(AH, te->tag);
- ropt->dbname = pg_strdup(te->tag);
+ ropt->dbname = connstr.data;
}
}
ReconnectToServer(AH, dbname, NULL);
else
{
- PQExpBuffer qry = createPQExpBuffer();
+ if (dbname)
+ {
+ PQExpBufferData connectbuf;
- appendPQExpBuffer(qry, "\\connect %s\n\n",
- dbname ? fmtId(dbname) : "-");
- ahprintf(AH, "%s", qry->data);
- destroyPQExpBuffer(qry);
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, dbname);
+ ahprintf(AH, "%s\n", connectbuf.data);
+ termPQExpBuffer(&connectbuf);
+ }
+ else
+ ahprintf(AH, "%s\n", "\\connect -\n");
}
/*
}
else
{
- char *dbname;
+ PQExpBufferData connstr;
char *pghost;
char *pgport;
char *username;
* because all just return a pointer and do not actually send/receive
* any data to/from the database.
*/
- dbname = PQdb(AH->connection);
+ initPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, PQdb(AH->connection));
pghost = PQhost(AH->connection);
pgport = PQport(AH->connection);
username = PQuser(AH->connection);
/* this also sets clone->connection */
- ConnectDatabase((Archive *) clone, dbname, pghost, pgport, username, TRI_NO);
+ ConnectDatabase((Archive *) clone, connstr.data,
+ pghost, pgport, username, TRI_NO);
+ termPQExpBuffer(&connstr);
/* setupDumpWorker will fix up connection state */
}
static PGconn *
_connectDB(ArchiveHandle *AH, const char *reqdb, const char *requser)
{
+ PQExpBufferData connstr;
PGconn *newConn;
const char *newdb;
const char *newuser;
exit_horribly(modulename, "out of memory\n");
}
+ initPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, newdb);
+
do
{
const char *keywords[7];
keywords[3] = "password";
values[3] = password;
keywords[4] = "dbname";
- values[4] = newdb;
+ values[4] = connstr.data;
keywords[5] = "fallback_application_name";
values[5] = progname;
keywords[6] = NULL;
if (password)
free(password);
+ termPQExpBuffer(&connstr);
+
/* check for version mismatch */
_check_database_version(AH);
const char *name2);
static void dumpDatabases(PGconn *conn);
static void dumpTimestamp(char *msg);
-static void appendShellString(PQExpBuffer buf, const char *str);
-static void appendConnStrVal(PQExpBuffer buf, const char *str);
static int runPgDump(const char *dbname);
static void buildShSecLabels(PGconn *conn, const char *catalog_name,
fdbname, fmtId(dbtablespace));
/* connect to original database */
- appendPQExpBuffer(buf, "\\connect %s\n", fdbname);
+ appendPsqlMetaConnect(buf, dbname);
}
if (binary_upgrade)
int ret;
char *dbname = PQgetvalue(res, i, 0);
+ PQExpBufferData connectbuf;
if (verbose)
fprintf(stderr, _("%s: dumping database \"%s\"...\n"), progname, dbname);
- fprintf(OPF, "\\connect %s\n\n", fmtId(dbname));
+ initPQExpBuffer(&connectbuf);
+ appendPsqlMetaConnect(&connectbuf, dbname);
+ fprintf(OPF, "%s\n", connectbuf.data);
+ termPQExpBuffer(&connectbuf);
/*
* Restore will need to write to the target cluster. This connection
/*
* Merge the connection info inputs given in form of connection string
- * and other options.
+ * and other options. Explicitly discard any dbname value in the
+ * connection string; otherwise, PQconnectdbParams() would interpret
+ * that value as being itself a connection string.
*/
if (connection_string)
{
for (conn_opt = conn_opts; conn_opt->keyword != NULL; conn_opt++)
{
- if (conn_opt->val != NULL && conn_opt->val[0] != '\0')
+ if (conn_opt->val != NULL && conn_opt->val[0] != '\0' &&
+ strcmp(conn_opt->keyword, "dbname") != 0)
argcount++;
}
for (conn_opt = conn_opts; conn_opt->keyword != NULL; conn_opt++)
{
- if (conn_opt->val != NULL && conn_opt->val[0] != '\0')
+ if (conn_opt->val != NULL && conn_opt->val[0] != '\0' &&
+ strcmp(conn_opt->keyword, "dbname") != 0)
{
keywords[i] = conn_opt->keyword;
values[i] = conn_opt->val;
localtime(&now)) != 0)
fprintf(OPF, "-- %s %s\n\n", msg, buf);
}
-
-
-/*
- * Append the given string to the buffer, with suitable quoting for passing
- * the string as a value, in a keyword/pair value in a libpq connection
- * string
- */
-static void
-appendConnStrVal(PQExpBuffer buf, const char *str)
-{
- const char *s;
- bool needquotes;
-
- /*
- * If the string consists entirely of plain ASCII characters, no need to
- * quote it. This is quite conservative, but better safe than sorry.
- */
- needquotes = false;
- for (s = str; *s; s++)
- {
- if (!((*s >= 'a' && *s <= 'z') || (*s >= 'A' && *s <= 'Z') ||
- (*s >= '0' && *s <= '9') || *s == '_' || *s == '.'))
- {
- needquotes = true;
- break;
- }
- }
-
- if (needquotes)
- {
- appendPQExpBufferChar(buf, '\'');
- while (*str)
- {
- /* ' and \ must be escaped by to \' and \\ */
- if (*str == '\'' || *str == '\\')
- appendPQExpBufferChar(buf, '\\');
-
- appendPQExpBufferChar(buf, *str);
- str++;
- }
- appendPQExpBufferChar(buf, '\'');
- }
- else
- appendPQExpBufferStr(buf, str);
-}
-
-/*
- * Append the given string to the shell command being built in the buffer,
- * with suitable shell-style quoting to create exactly one argument.
- *
- * Forbid LF or CR characters, which have scant practical use beyond designing
- * security breaches. The Windows command shell is unusable as a conduit for
- * arguments containing LF or CR characters. A future major release should
- * reject those characters in CREATE ROLE and CREATE DATABASE, because use
- * there eventually leads to errors here.
- */
-static void
-appendShellString(PQExpBuffer buf, const char *str)
-{
- const char *p;
-
-#ifndef WIN32
- appendPQExpBufferChar(buf, '\'');
- for (p = str; *p; p++)
- {
- if (*p == '\n' || *p == '\r')
- {
- fprintf(stderr,
- _("shell command argument contains a newline or carriage return: \"%s\"\n"),
- str);
- exit(EXIT_FAILURE);
- }
-
- if (*p == '\'')
- appendPQExpBufferStr(buf, "'\"'\"'");
- else
- appendPQExpBufferChar(buf, *p);
- }
- appendPQExpBufferChar(buf, '\'');
-#else /* WIN32 */
- int backslash_run_length = 0;
-
- /*
- * A Windows system() argument experiences two layers of interpretation.
- * First, cmd.exe interprets the string. Its behavior is undocumented,
- * but a caret escapes any byte except LF or CR that would otherwise have
- * special meaning. Handling of a caret before LF or CR differs between
- * "cmd.exe /c" and other modes, and it is unusable here.
- *
- * Second, the new process parses its command line to construct argv (see
- * https://msdn.microsoft.com/en-us/library/17w5ykft.aspx). This treats
- * backslash-double quote sequences specially.
- */
- appendPQExpBufferStr(buf, "^\"");
- for (p = str; *p; p++)
- {
- if (*p == '\n' || *p == '\r')
- {
- fprintf(stderr,
- _("shell command argument contains a newline or carriage return: \"%s\"\n"),
- str);
- exit(EXIT_FAILURE);
- }
-
- /* Change N backslashes before a double quote to 2N+1 backslashes. */
- if (*p == '"')
- {
- while (backslash_run_length)
- {
- appendPQExpBufferStr(buf, "^\\");
- backslash_run_length--;
- }
- appendPQExpBufferStr(buf, "^\\");
- }
- else if (*p == '\\')
- backslash_run_length++;
- else
- backslash_run_length = 0;
-
- /*
- * Decline to caret-escape the most mundane characters, to ease
- * debugging and lest we approach the command length limit.
- */
- if (!((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9')))
- appendPQExpBufferChar(buf, '^');
- appendPQExpBufferChar(buf, *p);
- }
-
- /*
- * Change N backslashes at end of argument to 2N backslashes, because they
- * precede the double quote that terminates the argument.
- */
- while (backslash_run_length)
- {
- appendPQExpBufferStr(buf, "^\\");
- backslash_run_length--;
- }
- appendPQExpBufferStr(buf, "^\"");
-#endif /* WIN32 */
-}
bool keep_password;
bool has_connection_string;
bool reuse_previous;
+ PQExpBufferData connstr;
if (!o_conn && (!dbname || !user || !host || !port))
{
* changes: passwords aren't (usually) database-specific.
*/
if (!dbname && reuse_previous)
- dbname = PQdb(o_conn);
+ {
+ initPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, PQdb(o_conn));
+ dbname = connstr.data;
+ /* has_connection_string=true would be a dead store */
+ }
+ else
+ connstr.data = NULL;
/*
* If the user asked to be prompted for a password, ask for one now. If
}
PQfinish(n_conn);
+ if (connstr.data)
+ termPQExpBuffer(&connstr);
return false;
}
+ if (connstr.data)
+ termPQExpBuffer(&connstr);
/*
* Replace the old connection with the new one, and update
{
PGconn *conn;
PGresult *result;
+ PQExpBufferData connstr;
int i;
conn = connectMaintenanceDatabase(maintenance_db, host, port, username,
result = executeQuery(conn, "SELECT datname FROM pg_database WHERE datallowconn ORDER BY 1;", progname, echo);
PQfinish(conn);
+ initPQExpBuffer(&connstr);
for (i = 0; i < PQntuples(result); i++)
{
char *dbname = PQgetvalue(result, i, 0);
fflush(stdout);
}
- cluster_one_database(dbname, verbose, NULL,
+ resetPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, dbname);
+
+ cluster_one_database(connstr.data, verbose, NULL,
host, port, username, prompt_password,
progname, echo);
}
+ termPQExpBuffer(&connstr);
PQclear(result);
}
{
PGconn *conn;
PGresult *result;
+ PQExpBufferData connstr;
int i;
conn = connectMaintenanceDatabase(maintenance_db, host, port, username,
result = executeQuery(conn, "SELECT datname FROM pg_database WHERE datallowconn ORDER BY 1;", progname, echo);
PQfinish(conn);
+ initPQExpBuffer(&connstr);
for (i = 0; i < PQntuples(result); i++)
{
char *dbname = PQgetvalue(result, i, 0);
fflush(stdout);
}
- reindex_one_database(dbname, dbname, "DATABASE", host, port, username,
- prompt_password, progname, echo);
+ resetPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, dbname);
+
+ reindex_one_database(NULL, connstr.data, "DATABASE", host,
+ port, username, prompt_password,
+ progname, echo);
}
+ termPQExpBuffer(&connstr);
PQclear(result);
}
initPQExpBuffer(&sql);
- appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;", PQdb(conn));
+ appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;", fmtId(PQdb(conn)));
if (!executeMaintenanceCommand(conn, sql.data, echo))
{
{
PGconn *conn;
PGresult *result;
+ PQExpBufferData connstr;
int stage;
conn = connectMaintenanceDatabase(maintenance_db, host, port,
result = executeQuery(conn, "SELECT datname FROM pg_database WHERE datallowconn ORDER BY 1;", progname, echo);
PQfinish(conn);
+ initPQExpBuffer(&connstr);
+
/* If analyzing in stages, then run through all stages. Otherwise just
* run once, passing -1 as the stage. */
for (stage = (analyze_in_stages ? 0 : -1);
fflush(stdout);
}
- vacuum_one_database(dbname, full, verbose, and_analyze, analyze_only,
- analyze_in_stages, stage,
+ resetPQExpBuffer(&connstr);
+ appendPQExpBuffer(&connstr, "dbname=");
+ appendConnStrVal(&connstr, PQgetvalue(result, i, 0));
+
+ vacuum_one_database(connstr.data, full, verbose, and_analyze,
+ analyze_only, analyze_in_stages, stage,
freeze, NULL, host, port, username, prompt_password,
progname, echo, quiet);
}
}
+ termPQExpBuffer(&connstr);
PQclear(result);
}
* of "dbname" keyword is a connection string (as indicated by
* recognized_connection_string) then parse and process it, overriding any
* previously processed conflicting keywords. Subsequent keywords will take
- * precedence, however.
+ * precedence, however. In-tree programs generally specify expand_dbname=true,
+ * so command-line arguments naming a database can use a connection string.
+ * Some code acquires arbitrary database names from known-literal sources like
+ * PQdb(), PQconninfoParse() and pg_database.datname. When connecting to such
+ * a database, in-tree code first wraps the name in a connection string.
*/
static PQconninfoOption *
conninfo_array_parse(const char *const * keywords, const char *const * values,
$ENV{PGDATA}) == 0);
}
+# This is similar to appendShellString(). Perl system(@args) bypasses
+# cmd.exe, so omit the caret escape layer.
+sub quote_system_arg
+{
+ my $arg = shift;
+
+ # Change N >= 0 backslashes before a double quote to 2N+1 backslashes.
+ $arg =~ s/(\\*)"/${\($1 . $1)}\\"/gs;
+
+ # Change N >= 1 backslashes at end of argument to 2N backslashes.
+ $arg =~ s/(\\+)$/${\($1 . $1)}/gs;
+
+ # Wrap the whole thing in unescaped double quotes.
+ return "\"$arg\"";
+}
+
+# Generate a database with a name made of a range of ASCII characters, useful
+# for testing pg_upgrade.
+sub generate_db
+{
+ my ($prefix, $from_char, $to_char, $suffix) = @_;
+
+ my $dbname = $prefix;
+ for my $i ($from_char .. $to_char)
+ {
+ next if $i == 7 || $i == 10 || $i == 13; # skip BEL, LF, and CR
+ $dbname = $dbname . sprintf('%c', $i);
+ }
+ $dbname .= $suffix;
+
+ system('createdb', quote_system_arg($dbname));
+ my $status = $? >> 8;
+ exit $status if $status;
+}
+
sub upgradecheck
{
my $status;
print "\nStarting old cluster\n\n";
my @args = ('pg_ctl', 'start', '-l', "$logdir/postmaster1.log", '-w');
system(@args) == 0 or exit 1;
+
+ print "\nCreating databases with names covering most ASCII bytes\n\n";
+ generate_db("\\\"\\", 1, 45, "\\\\\"\\\\\\");
+ generate_db('', 46, 90, '');
+ generate_db('', 91, 127, '');
+
print "\nSetting up data for upgrading\n\n";
installcheck();
projects / postgresql.git / commitdiff