]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6bec1a6) | patch
Fix Windows shell argument quoting.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:51 +0000 (10:07 -0400)
commit18392ed4aa7bd27ab753e0e89358043c7b9b8337
treed8387b522b1beeb272b72afb14545af0aa2b548etree | snapshot
parent6bec1a6c834bc128fec4305f2d7ad2b2e4f681facommit | diff
Fix Windows shell argument quoting.

The incorrect quoting may have permitted arbitrary command execution.
At a minimum, it gave broader control over the command line to actors
supposed to have control over a single argument.  Back-patch to 9.1 (all
supported versions).

Security: CVE-2016-5424
src/bin/pg_dump/pg_dumpall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.