]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6df8ff4) | patch
Obstruct shell, SQL, and conninfo injection via database and role names.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:51 +0000 (10:07 -0400)
commit254eb04f17b8c0a933ff0cdf2003339a460d778f
treedb91fdbb64599690ec4ba84f3bea9820549e7bb8tree | snapshot
parent6df8ff49d9ea6ce2386d50deffff85503bc9fcd3commit | diff
Obstruct shell, SQL, and conninfo injection via database and role names.

Due to simplistic quoting and confusion of database names with conninfo
strings, roles with the CREATEDB or CREATEROLE option could escalate to
superuser privileges when a superuser next ran certain maintenance
commands.  The new coding rule for PQconnectdbParams() calls, documented
at conninfo_array_parse(), is to pass expand_dbname=true and wrap
literal database names in a trivial connection string.  Escape
zero-length values in appendConnStrVal().  Back-patch to 9.1 (all
supported versions).

Nathan Bossart, Michael Paquier, and Noah Misch.  Reviewed by Peter
Eisentraut.  Reported by Nathan Bossart.

Security: CVE-2016-5424
22 files changed:
contrib/pg_upgrade/check.c diff | blob | history
contrib/pg_upgrade/dump.c diff | blob | history
contrib/pg_upgrade/pg_upgrade.c diff | blob | history
contrib/pg_upgrade/pg_upgrade.h diff | blob | history
contrib/pg_upgrade/server.c diff | blob | history
contrib/pg_upgrade/test.sh diff | blob | history
contrib/pg_upgrade/util.c diff | blob | history
contrib/pg_upgrade/version.c diff | blob | history
contrib/pg_upgrade/version_old_8_3.c diff | blob | history
src/bin/pg_basebackup/streamutil.c diff | blob | history
src/bin/pg_dump/dumputils.c diff | blob | history
src/bin/pg_dump/dumputils.h diff | blob | history
src/bin/pg_dump/pg_backup.h diff | blob | history
src/bin/pg_dump/pg_backup_archiver.c diff | blob | history
src/bin/pg_dump/pg_backup_db.c diff | blob | history
src/bin/pg_dump/pg_dumpall.c diff | blob | history
src/bin/psql/command.c diff | blob | history
src/bin/scripts/clusterdb.c diff | blob | history
src/bin/scripts/reindexdb.c diff | blob | history
src/bin/scripts/vacuumdb.c diff | blob | history
src/interfaces/libpq/fe-connect.c diff | blob | history
src/tools/msvc/vcregress.pl diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.