]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 61c2cd8) | patch
Fix Windows shell argument quoting.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:54 +0000 (10:07 -0400)
commit2d69f5b12e5a99eea7bc175fa30e612384bf9e52
treed02937a4dfb24d70591a8e6151ba939e765dcff0tree | snapshot
parent61c2cd88deca0d7e4c0bfb0c17b4959f59e08167commit | diff
Fix Windows shell argument quoting.

The incorrect quoting may have permitted arbitrary command execution.
At a minimum, it gave broader control over the command line to actors
supposed to have control over a single argument.  Back-patch to 9.1 (all
supported versions).

Security: CVE-2016-5424
src/bin/pg_dump/pg_dumpall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.