]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 142c24c) | patch
Fix Windows shell argument quoting.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
commitbd65371851b7a9964b4b265d06fe1304315e37c1
tree42a29232611d7751de5457a683a08b4fc5e86982tree | snapshot
parent142c24c23447f212e642a0ffac9af878b93f490dcommit | diff
Fix Windows shell argument quoting.

The incorrect quoting may have permitted arbitrary command execution.
At a minimum, it gave broader control over the command line to actors
supposed to have control over a single argument.  Back-patch to 9.1 (all
supported versions).

Security: CVE-2016-5424
src/bin/pg_dump/pg_dumpall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.