Skip to content

Commit 2ae54ae

Browse files
anarazelanarazel
committed
Specify the encoding of input to fmtId()
This commit adds fmtIdEnc() and fmtQualifiedIdEnc(), which allow to specify the encoding as an explicit argument. Additionally setFmtEncoding() is provided, which defines the encoding when no explicit encoding is provided, to avoid breaking all code using fmtId(). All users of fmtId()/fmtQualifiedId() are either converted to the explicit version or a call to setFmtEncoding() has been added. This commit does not yet utilize the now well-defined encoding, that will happen in a subsequent commit. Reviewed-by: Noah Misch <noah@leadboat.com> Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> Backpatch-through: 13 Security: CVE-2025-1094
1 parent 5bc33cb commit 2ae54ae

File tree

13 files changed

+112
-22
lines changed

13 files changed

+112
-22
lines changed

src/bin/pg_dump/pg_backup_archiver.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2716,6 +2716,7 @@ processEncodingEntry(ArchiveHandle *AH, TocEntry *te)
27162716
fatal("unrecognized encoding \"%s\"",
27172717
ptr1);
27182718
AH->public.encoding = encoding;
2719+
setFmtEncoding(encoding);
27192720
}
27202721
else
27212722
fatal("invalid ENCODING item: %s",

src/bin/pg_dump/pg_dump.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1126,6 +1126,7 @@ setup_connection(Archive *AH, const char *dumpencoding,
11261126
* we know how to escape strings.
11271127
*/
11281128
AH->encoding = PQclientEncoding(conn);
1129+
setFmtEncoding(AH->encoding);
11291130

11301131
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
11311132
AH->std_strings = (std_strings && strcmp(std_strings, "on") == 0);

src/bin/pg_dump/pg_dumpall.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -512,6 +512,7 @@ main(int argc, char *argv[])
512512
* we know how to escape strings.
513513
*/
514514
encoding = PQclientEncoding(conn);
515+
setFmtEncoding(encoding);
515516
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
516517
if (!std_strings)
517518
std_strings = "off";

src/bin/psql/command.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1280,6 +1280,7 @@ exec_command_encoding(PsqlScanState scan_state, bool active_branch)
12801280
/* save encoding info into psql internal data */
12811281
pset.encoding = PQclientEncoding(pset.db);
12821282
pset.popt.topt.encoding = pset.encoding;
1283+
setFmtEncoding(pset.encoding);
12831284
SetVariable(pset.vars, "ENCODING",
12841285
pg_encoding_to_char(pset.encoding));
12851286
}
@@ -3669,6 +3670,8 @@ SyncVariables(void)
36693670
pset.popt.topt.encoding = pset.encoding;
36703671
pset.sversion = PQserverVersion(pset.db);
36713672

3673+
setFmtEncoding(pset.encoding);
3674+
36723675
SetVariable(pset.vars, "DBNAME", PQdb(pset.db));
36733676
SetVariable(pset.vars, "USER", PQuser(pset.db));
36743677
SetVariable(pset.vars, "HOST", PQhost(pset.db));

src/bin/scripts/common.c

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -112,8 +112,9 @@ appendQualifiedRelation(PQExpBuffer buf, const char *spec,
112112
exit(1);
113113
}
114114
appendPQExpBufferStr(buf,
115-
fmtQualifiedId(PQgetvalue(res, 0, 1),
116-
PQgetvalue(res, 0, 0)));
115+
fmtQualifiedIdEnc(PQgetvalue(res, 0, 1),
116+
PQgetvalue(res, 0, 0),
117+
PQclientEncoding(conn)));
117118
appendPQExpBufferStr(buf, columns);
118119
PQclear(res);
119120
termPQExpBuffer(&sql);

src/bin/scripts/createdb.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -191,6 +191,8 @@ main(int argc, char *argv[])
191191

192192
conn = connectMaintenanceDatabase(&cparams, progname, echo);
193193

194+
setFmtEncoding(PQclientEncoding(conn));
195+
194196
initPQExpBuffer(&sql);
195197

196198
appendPQExpBuffer(&sql, "CREATE DATABASE %s",

src/bin/scripts/createuser.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -263,6 +263,8 @@ main(int argc, char *argv[])
263263

264264
conn = connectMaintenanceDatabase(&cparams, progname, echo);
265265

266+
setFmtEncoding(PQclientEncoding(conn));
267+
266268
initPQExpBuffer(&sql);
267269

268270
printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));

src/bin/scripts/dropdb.c

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -128,13 +128,6 @@ main(int argc, char *argv[])
128128
exit(0);
129129
}
130130

131-
initPQExpBuffer(&sql);
132-
133-
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
134-
(if_exists ? "IF EXISTS " : ""),
135-
fmtId(dbname),
136-
force ? " WITH (FORCE)" : "");
137-
138131
/* Avoid trying to drop postgres db while we are connected to it. */
139132
if (maintenance_db == NULL && strcmp(dbname, "postgres") == 0)
140133
maintenance_db = "template1";
@@ -148,6 +141,12 @@ main(int argc, char *argv[])
148141

149142
conn = connectMaintenanceDatabase(&cparams, progname, echo);
150143

144+
initPQExpBuffer(&sql);
145+
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
146+
(if_exists ? "IF EXISTS " : ""),
147+
fmtIdEnc(dbname, PQclientEncoding(conn)),
148+
force ? " WITH (FORCE)" : "");
149+
151150
if (echo)
152151
printf("%s\n", sql.data);
153152
result = PQexec(conn, sql.data);

src/bin/scripts/dropuser.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,8 @@ main(int argc, char *argv[])
142142

143143
initPQExpBuffer(&sql);
144144
appendPQExpBuffer(&sql, "DROP ROLE %s%s;",
145-
(if_exists ? "IF EXISTS " : ""), fmtId(dropuser));
145+
(if_exists ? "IF EXISTS " : ""),
146+
fmtIdEnc(dropuser, PQclientEncoding(conn)));
146147

147148
if (echo)
148149
printf("%s\n", sql.data);

src/bin/scripts/reindexdb.c

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -533,7 +533,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
533533

534534
if (tablespace)
535535
{
536-
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep, fmtId(tablespace));
536+
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep,
537+
fmtIdEnc(tablespace, PQclientEncoding(conn)));
537538
sep = comma;
538539
}
539540

@@ -573,7 +574,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
573574
{
574575
case REINDEX_DATABASE:
575576
case REINDEX_SYSTEM:
576-
appendPQExpBufferStr(&sql, fmtId(name));
577+
appendPQExpBufferStr(&sql,
578+
fmtIdEnc(name, PQclientEncoding(conn)));
577579
break;
578580
case REINDEX_INDEX:
579581
case REINDEX_TABLE:
@@ -743,8 +745,9 @@ get_parallel_object_list(PGconn *conn, ReindexType type,
743745
for (i = 0; i < ntups; i++)
744746
{
745747
appendPQExpBufferStr(&buf,
746-
fmtQualifiedId(PQgetvalue(res, i, 1),
747-
PQgetvalue(res, i, 0)));
748+
fmtQualifiedIdEnc(PQgetvalue(res, i, 1),
749+
PQgetvalue(res, i, 0),
750+
PQclientEncoding(conn)));
748751

749752
simple_string_list_append(tables, buf.data);
750753
resetPQExpBuffer(&buf);

0 commit comments

Comments
 (0)