
Commit a73952b

Add check on initial and boot values when loading GUCs
This commit adds a function to perform a cross-check between the initial value of the C declaration associated to a GUC and its actual boot value in assert-enabled builds. The purpose of this is to prevent anybody reading these C declarations from being fooled by mismatched values before they are loaded at program startup. The following rules apply depending on the GUC type: * bool - can be false, or same as boot_val. * int - can be 0, or same as the boot_val. * real - can be 0.0, or same as the boot_val. * string - can be NULL, or strcmp'd equal to the boot_val. * enum - equal to the boot_val. This is done for the system GUCs as well as custom GUCs loaded by external modules, which may require extension developers to adapt the C declaration of the variables used by these GUCs (testing this change with some of my own modules has allowed me to catch some stupid typos, FWIW). This may end up being a bad experiment depending on the feedback received, but let's see how it goes. Author: Peter Smith Reviewed-by: Nathan Bossart, Tom Lane, Michael Paquier, Justin Pryzby Discussion: https://postgr.es/m/CAHut+PtHE0XSfjjRQ6D4v7+dqzCw=d+1a64ujra4EX8aoc_Z+w@mail.gmail.com
1 parent d9d873b commit a73952b


1 file changed

+89
-0
lines changed

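--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -1382,6 +1382,89 @@ check_GUC_name_for_parameter_acl(const char *name)
 return false;
 }
 
+/*
+* Routine in charge of checking that the initial value of a GUC is the
+* same when declared and when loaded to prevent anybody looking at the
+* C declarations of these GUCS from being fooled by mismatched values.
+*
+* The following validation rules apply:
+* bool - can be false, otherwise must be same as the boot_val
+* int - can be 0, otherwise must be same as the boot_val
+* real - can be 0.0, otherwise must be same as the boot_val
+* string - can be NULL, otherwise must be strcmp equal to the boot_val
+* enum - must be same as the boot_val
+*/
+#ifdef USE_ASSERT_CHECKING
+static bool
+check_GUC_init(struct config_generic *gconf)
+{
+switch (gconf->vartype)
+{
+case PGC_BOOL:
+{
+struct config_bool *conf = (struct config_bool *) gconf;
+
+if (*conf->variable && !conf->boot_val)
+{
+elog(LOG, "GUC (PGC_BOOL) %s, boot_val=%d, C-var=%d",
+conf->gen.name, conf->boot_val, *conf->variable);
+return false;
+}
+break;
+}
+case PGC_INT:
+{
+struct config_int *conf = (struct config_int *) gconf;
+
+if (*conf->variable != 0 && *conf->variable != conf->boot_val)
+{
+elog(LOG, "GUC (PGC_INT) %s, boot_val=%d, C-var=%d",
+conf->gen.name, conf->boot_val, *conf->variable);
+return false;
+}
+break;
+}
+case PGC_REAL:
+{
+struct config_real *conf = (struct config_real *) gconf;
+
+if (*conf->variable != 0.0 && *conf->variable != conf->boot_val)
+{
+elog(LOG, "GUC (PGC_REAL) %s, boot_val=%g, C-var=%g",
+conf->gen.name, conf->boot_val, *conf->variable);
+return false;
+}
+break;
+}
+case PGC_STRING:
+{
+struct config_string *conf = (struct config_string *) gconf;
+
+if (*conf->variable != NULL && strcmp(*conf->variable, conf->boot_val) != 0)
+{
+elog(LOG, "GUC (PGC_STRING) %s, boot_val=%s, C-var=%s",
+conf->gen.name, conf->boot_val ? conf->boot_val : "<null>", *conf->variable);
+return false;
+}
+break;
+}
+case PGC_ENUM:
+{
+struct config_enum *conf = (struct config_enum *) gconf;
+
+if (*conf->variable != conf->boot_val)
+{
+elog(LOG, "GUC (PGC_ENUM) %s, boot_val=%d, C-var=%d",
+conf->gen.name, conf->boot_val, *conf->variable);
+return false;
+}
+break;
+}
+}
+
+return true;
+}
+#endif
 
 /*
 * Initialize GUC options during program startup.
@@ -1413,6 +1496,9 @@ InitializeGUCOptions(void)
 hash_seq_init(&status, guc_hashtab);
 while ((hentry = (GUCHashEntry *) hash_seq_search(&status)) != NULL)
 {
+/* Check mapping between initial and default value */
+Assert(check_GUC_init(hentry->gucvar));
+
 InitializeOneGUCOption(hentry->gucvar);
 }
 
@@ -4654,6 +4740,9 @@ define_custom_variable(struct config_generic *variable)
 GUCHashEntry *hentry;
 struct config_string *pHolder;
 
+/* Check mapping between initial and default value */
+Assert(check_GUC_init(variable));
+
 /*
 * See if there's a placeholder by the same name.
 */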
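Review bot: In the PGC_STRING case of check_GUC_init, `strcmp(*conf->variable, conf->boot_val)` runs whenever the C variable is non-NULL, yet the elog just below guards `conf->boot_val` against NULL, so a NULL boot value appears to be expected and would be dereferenced before the message is logged. The condition should treat that combination as a mismatch without calling strcmp: `if (*conf->variable != NULL && (conf->boot_val == NULL || strcmp(*conf->variable, conf->boot_val) != 0))`. Because define_custom_variable now runs the same check, an extension registering a string GUC with a NULL boot value and a non-NULL initializer would crash an assert-enabled backend instead of producing the intended LOG line. The switch also has no `default`, so an unexpected vartype falls through to `return true` and passes silently.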
