]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0f679d2) | patch
Fix Windows shell argument quoting.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:52 +0000 (10:07 -0400)
commit395d565ac76b6fe5a9a97fb5e87e0d0842ba9824
tree26918d249e5e160406f6a00e4837f4c8aae93bdctree | snapshot
parent0f679d2c1cb0ef5fc43133ebebf489b82b929214commit | diff
Fix Windows shell argument quoting.

The incorrect quoting may have permitted arbitrary command execution.
At a minimum, it gave broader control over the command line to actors
supposed to have control over a single argument.  Back-patch to 9.1 (all
supported versions).

Security: CVE-2016-5424
src/bin/pg_dump/pg_dumpall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.