Skip to content

Commit 56aa2dc

Browse files
anarazelanarazel
committed
Specify the encoding of input to fmtId()
This commit adds fmtIdEnc() and fmtQualifiedIdEnc(), which allow to specify the encoding as an explicit argument. Additionally setFmtEncoding() is provided, which defines the encoding when no explicit encoding is provided, to avoid breaking all code using fmtId(). All users of fmtId()/fmtQualifiedId() are either converted to the explicit version or a call to setFmtEncoding() has been added. This commit does not yet utilize the now well-defined encoding, that will happen in a subsequent commit. Reviewed-by: Noah Misch <noah@leadboat.com> Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> Backpatch-through: 13 Security: CVE-2025-1094
1 parent 6e05b19 commit 56aa2dc

File tree

13 files changed

+112
-22
lines changed

13 files changed

+112
-22
lines changed

src/bin/pg_dump/pg_backup_archiver.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2713,6 +2713,7 @@ processEncodingEntry(ArchiveHandle *AH, TocEntry *te)
27132713
pg_fatal("unrecognized encoding \"%s\"",
27142714
ptr1);
27152715
AH->public.encoding = encoding;
2716+
setFmtEncoding(encoding);
27162717
}
27172718
else
27182719
pg_fatal("invalid ENCODING item: %s",

src/bin/pg_dump/pg_dump.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1172,6 +1172,7 @@ setup_connection(Archive *AH, const char *dumpencoding,
11721172
* we know how to escape strings.
11731173
*/
11741174
AH->encoding = PQclientEncoding(conn);
1175+
setFmtEncoding(AH->encoding);
11751176

11761177
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
11771178
AH->std_strings = (std_strings && strcmp(std_strings, "on") == 0);

src/bin/pg_dump/pg_dumpall.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -519,6 +519,7 @@ main(int argc, char *argv[])
519519
* we know how to escape strings.
520520
*/
521521
encoding = PQclientEncoding(conn);
522+
setFmtEncoding(encoding);
522523
std_strings = PQparameterStatus(conn, "standard_conforming_strings");
523524
if (!std_strings)
524525
std_strings = "off";

src/bin/psql/command.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1318,6 +1318,7 @@ exec_command_encoding(PsqlScanState scan_state, bool active_branch)
13181318
/* save encoding info into psql internal data */
13191319
pset.encoding = PQclientEncoding(pset.db);
13201320
pset.popt.topt.encoding = pset.encoding;
1321+
setFmtEncoding(pset.encoding);
13211322
SetVariable(pset.vars, "ENCODING",
13221323
pg_encoding_to_char(pset.encoding));
13231324
}
@@ -3867,6 +3868,8 @@ SyncVariables(void)
38673868
pset.popt.topt.encoding = pset.encoding;
38683869
pset.sversion = PQserverVersion(pset.db);
38693870

3871+
setFmtEncoding(pset.encoding);
3872+
38703873
SetVariable(pset.vars, "DBNAME", PQdb(pset.db));
38713874
SetVariable(pset.vars, "USER", PQuser(pset.db));
38723875
SetVariable(pset.vars, "HOST", PQhost(pset.db));

src/bin/scripts/common.c

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -112,8 +112,9 @@ appendQualifiedRelation(PQExpBuffer buf, const char *spec,
112112
exit(1);
113113
}
114114
appendPQExpBufferStr(buf,
115-
fmtQualifiedId(PQgetvalue(res, 0, 1),
116-
PQgetvalue(res, 0, 0)));
115+
fmtQualifiedIdEnc(PQgetvalue(res, 0, 1),
116+
PQgetvalue(res, 0, 0),
117+
PQclientEncoding(conn)));
117118
appendPQExpBufferStr(buf, columns);
118119
PQclear(res);
119120
termPQExpBuffer(&sql);

src/bin/scripts/createdb.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -193,6 +193,8 @@ main(int argc, char *argv[])
193193

194194
conn = connectMaintenanceDatabase(&cparams, progname, echo);
195195

196+
setFmtEncoding(PQclientEncoding(conn));
197+
196198
initPQExpBuffer(&sql);
197199

198200
appendPQExpBuffer(&sql, "CREATE DATABASE %s",

src/bin/scripts/createuser.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -292,6 +292,8 @@ main(int argc, char *argv[])
292292

293293
conn = connectMaintenanceDatabase(&cparams, progname, echo);
294294

295+
setFmtEncoding(PQclientEncoding(conn));
296+
295297
initPQExpBuffer(&sql);
296298

297299
printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));

src/bin/scripts/dropdb.c

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -129,13 +129,6 @@ main(int argc, char *argv[])
129129
exit(0);
130130
}
131131

132-
initPQExpBuffer(&sql);
133-
134-
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
135-
(if_exists ? "IF EXISTS " : ""),
136-
fmtId(dbname),
137-
force ? " WITH (FORCE)" : "");
138-
139132
/* Avoid trying to drop postgres db while we are connected to it. */
140133
if (maintenance_db == NULL && strcmp(dbname, "postgres") == 0)
141134
maintenance_db = "template1";
@@ -149,6 +142,12 @@ main(int argc, char *argv[])
149142

150143
conn = connectMaintenanceDatabase(&cparams, progname, echo);
151144

145+
initPQExpBuffer(&sql);
146+
appendPQExpBuffer(&sql, "DROP DATABASE %s%s%s;",
147+
(if_exists ? "IF EXISTS " : ""),
148+
fmtIdEnc(dbname, PQclientEncoding(conn)),
149+
force ? " WITH (FORCE)" : "");
150+
152151
if (echo)
153152
printf("%s\n", sql.data);
154153
result = PQexec(conn, sql.data);

src/bin/scripts/dropuser.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,8 @@ main(int argc, char *argv[])
143143

144144
initPQExpBuffer(&sql);
145145
appendPQExpBuffer(&sql, "DROP ROLE %s%s;",
146-
(if_exists ? "IF EXISTS " : ""), fmtId(dropuser));
146+
(if_exists ? "IF EXISTS " : ""),
147+
fmtIdEnc(dropuser, PQclientEncoding(conn)));
147148

148149
if (echo)
149150
printf("%s\n", sql.data);

src/bin/scripts/reindexdb.c

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -489,7 +489,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
489489

490490
if (tablespace)
491491
{
492-
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep, fmtId(tablespace));
492+
appendPQExpBuffer(&sql, "%sTABLESPACE %s", sep,
493+
fmtIdEnc(tablespace, PQclientEncoding(conn)));
493494
sep = comma;
494495
}
495496

@@ -529,7 +530,8 @@ run_reindex_command(PGconn *conn, ReindexType type, const char *name,
529530
{
530531
case REINDEX_DATABASE:
531532
case REINDEX_SYSTEM:
532-
appendPQExpBufferStr(&sql, fmtId(name));
533+
appendPQExpBufferStr(&sql,
534+
fmtIdEnc(name, PQclientEncoding(conn)));
533535
break;
534536
case REINDEX_INDEX:
535537
case REINDEX_TABLE:
@@ -699,8 +701,9 @@ get_parallel_object_list(PGconn *conn, ReindexType type,
699701
for (i = 0; i < ntups; i++)
700702
{
701703
appendPQExpBufferStr(&buf,
702-
fmtQualifiedId(PQgetvalue(res, i, 1),
703-
PQgetvalue(res, i, 0)));
704+
fmtQualifiedIdEnc(PQgetvalue(res, i, 1),
705+
PQgetvalue(res, i, 0),
706+
PQclientEncoding(conn)));
704707

705708
simple_string_list_append(tables, buf.data);
706709
resetPQExpBuffer(&buf);

0 commit comments

Comments
 (0)