hstore: Tighten key/value parsing check for whitespaces

michaelpq · michaelpq · commit e0e6829459b0 · 2023-06-12T09:14:14.000+09:00
isspace() can be locale-sensitive depending on the platform, causing hstore to consider as whitespaces characters it should not see as such. For example, U+0105, being decoded as 0xC4 0x85 in UTF-8, would be discarded from the input given. This problem is similar to 9ae2661, though it was missed that hstore can also manipulate non-ASCII inputs, so replace the existing isspace() calls with scanner_isspace(). This problem exists for a long time, so backpatch all the way down. Author: Evan Jones Discussion: https://postgr.es/m/CA+HWA9awUW0+RV_gO9r1ABZwGoZxPztcJxPy8vMFSTbTfi4jig@mail.gmail.com Backpatch-through: 11
diff --git a/contrib/hstore/Makefile b/contrib/hstore/Makefile
@@ -22,7 +22,7 @@ PGFILEDESC = "hstore - key/value pair data type"
 
 HEADERS = hstore.h
 
-REGRESS = hstore
+REGRESS = hstore hstore_utf8
 
 ifdef USE_PGXS
 PG_CONFIG = pg_config
diff --git a/contrib/hstore/expected/hstore_utf8.out b/contrib/hstore/expected/hstore_utf8.out
@@ -0,0 +1,36 @@
+/*
+ * This test must be run in a database with UTF-8 encoding,
+ * because other encodings don't support all the characters used.
+ */
+SELECT getdatabaseencoding() <> 'UTF8'
+       AS skip_test \gset
+\if :skip_test
+\quit
+\endif
+SET client_encoding = utf8;
+-- UTF-8 locale bug on macOS: isspace(0x85) returns true.  \u0105 encodes
+-- as 0xc4 0x85 in UTF-8; the 0x85 was interpreted here as a whitespace.
+SELECT E'key\u0105=>value\u0105'::hstore;
+      hstore      
+------------------
+ "keyą"=>"valueą"
+(1 row)
+
+SELECT 'keyą=>valueą'::hstore;
+      hstore      
+------------------
+ "keyą"=>"valueą"
+(1 row)
+
+SELECT 'ą=>ą'::hstore;
+  hstore  
+----------
+ "ą"=>"ą"
+(1 row)
+
+SELECT 'keyąfoo=>valueą'::hstore;
+       hstore        
+---------------------
+ "keyąfoo"=>"valueą"
+(1 row)
+
diff --git a/contrib/hstore/expected/hstore_utf8_1.out b/contrib/hstore/expected/hstore_utf8_1.out
@@ -0,0 +1,8 @@
+/*
+ * This test must be run in a database with UTF-8 encoding,
+ * because other encodings don't support all the characters used.
+ */
+SELECT getdatabaseencoding() <> 'UTF8'
+       AS skip_test \gset
+\if :skip_test
+\quit
diff --git a/contrib/hstore/hstore_io.c b/contrib/hstore/hstore_io.c
@@ -12,6 +12,7 @@
 #include "hstore.h"
 #include "lib/stringinfo.h"
 #include "libpq/pqformat.h"
+#include "parser/scansup.h"
 #include "utils/builtins.h"
 #include "utils/json.h"
 #include "utils/jsonb.h"
@@ -88,7 +89,7 @@ get_val(HSParser *state, bool ignoreeq, bool *escaped)
 			{
 				st = GV_WAITESCIN;
 			}
-			else if (!isspace((unsigned char) *(state->ptr)))
+			else if (!scanner_isspace((unsigned char) *(state->ptr)))
 			{
 				*(state->cur) = *(state->ptr);
 				state->cur++;
@@ -111,7 +112,7 @@ get_val(HSParser *state, bool ignoreeq, bool *escaped)
 				state->ptr--;
 				return true;
 			}
-			else if (isspace((unsigned char) *(state->ptr)))
+			else if (scanner_isspace((unsigned char) *(state->ptr)))
 			{
 				return true;
 			}
@@ -219,7 +220,7 @@ parse_hstore(HSParser *state)
 			{
 				elog(ERROR, "Unexpected end of string");
 			}
-			else if (!isspace((unsigned char) *(state->ptr)))
+			else if (!scanner_isspace((unsigned char) *(state->ptr)))
 			{
 				elog(ERROR, "Syntax error near \"%.*s\" at position %d",
 					 pg_mblen(state->ptr), state->ptr,
@@ -271,7 +272,7 @@ parse_hstore(HSParser *state)
 			{
 				return;
 			}
-			else if (!isspace((unsigned char) *(state->ptr)))
+			else if (!scanner_isspace((unsigned char) *(state->ptr)))
 			{
 				elog(ERROR, "Syntax error near \"%.*s\" at position %d",
 					 pg_mblen(state->ptr), state->ptr,
diff --git a/contrib/hstore/sql/hstore_utf8.sql b/contrib/hstore/sql/hstore_utf8.sql
@@ -0,0 +1,19 @@
+/*
+ * This test must be run in a database with UTF-8 encoding,
+ * because other encodings don't support all the characters used.
+ */
+
+SELECT getdatabaseencoding() <> 'UTF8'
+       AS skip_test \gset
+\if :skip_test
+\quit
+\endif
+
+SET client_encoding = utf8;
+
+-- UTF-8 locale bug on macOS: isspace(0x85) returns true.  \u0105 encodes
+-- as 0xc4 0x85 in UTF-8; the 0x85 was interpreted here as a whitespace.
+SELECT E'key\u0105=>value\u0105'::hstore;
+SELECT 'keyą=>valueą'::hstore;
+SELECT 'ą=>ą'::hstore;
+SELECT 'keyąfoo=>valueą'::hstore;

Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@`
`12`	`12`	`#include "hstore.h"`
`13`	`13`	`#include "lib/stringinfo.h"`
`14`	`14`	`#include "libpq/pqformat.h"`
	`15`	`+#include "parser/scansup.h"`
`15`	`16`	`#include "utils/builtins.h"`
`16`	`17`	`#include "utils/json.h"`
`17`	`18`	`#include "utils/jsonb.h"`
`@@ -88,7 +89,7 @@ get_val(HSParser state, bool ignoreeq, bool escaped)`
`88`	`89`	`{`
`89`	`90`	`st = GV_WAITESCIN;`
`90`	`91`	`}`
`91`		`- else if (!isspace((unsigned char) *(state->ptr)))`
	`92`	`+ else if (!scanner_isspace((unsigned char) *(state->ptr)))`
`92`	`93`	`{`
`93`	`94`	`(state->cur) = (state->ptr);`
`94`	`95`	`state->cur++;`
`@@ -111,7 +112,7 @@ get_val(HSParser state, bool ignoreeq, bool escaped)`
`111`	`112`	`state->ptr--;`
`112`	`113`	`return true;`
`113`	`114`	`}`
`114`		`- else if (isspace((unsigned char) *(state->ptr)))`
	`115`	`+ else if (scanner_isspace((unsigned char) *(state->ptr)))`
`115`	`116`	`{`
`116`	`117`	`return true;`
`117`	`118`	`}`
`@@ -219,7 +220,7 @@ parse_hstore(HSParser *state)`
`219`	`220`	`{`
`220`	`221`	`elog(ERROR, "Unexpected end of string");`
`221`	`222`	`}`
`222`		`- else if (!isspace((unsigned char) *(state->ptr)))`
	`223`	`+ else if (!scanner_isspace((unsigned char) *(state->ptr)))`
`223`	`224`	`{`
`224`	`225`	`elog(ERROR, "Syntax error near \"%.*s\" at position %d",`
`225`	`226`	`pg_mblen(state->ptr), state->ptr,`
`@@ -271,7 +272,7 @@ parse_hstore(HSParser *state)`
`271`	`272`	`{`
`272`	`273`	`return;`
`273`	`274`	`}`
`274`		`- else if (!isspace((unsigned char) *(state->ptr)))`
	`275`	`+ else if (!scanner_isspace((unsigned char) *(state->ptr)))`
`275`	`276`	`{`
`276`	`277`	`elog(ERROR, "Syntax error near \"%.*s\" at position %d",`
`277`	`278`	`pg_mblen(state->ptr), state->ptr,`