Check that connection limit is within valid range. IOW, not < -1.
authorHeikki Linnakangas <heikki.linnakangas@iki.fi>
Fri, 30 Jan 2009 17:24:47 +0000 (17:24 +0000)
committerHeikki Linnakangas <heikki.linnakangas@iki.fi>
Fri, 30 Jan 2009 17:24:47 +0000 (17:24 +0000)
It's missing in older versions too, but it doesn't seem worth
back-porting. All negative are just harmlessly treated as "no limit", and
tightening the check might even brake an application that relies on it.

src/backend/commands/dbcommands.c
src/backend/commands/user.c

index 2ff7021f28503cc102f2b6f25e45b9aa10738f34..f9dcb973c0d8f64241f740a2e24ef94e974e29c3 100644 (file)
@@ -13,7 +13,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.218 2009/01/20 18:59:37 heikki Exp $
+ *       $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.219 2009/01/30 17:24:47 heikki Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -244,7 +244,13 @@ createdb(const CreatedbStmt *stmt)
                dbctype = strVal(dctype->arg);
 
        if (dconnlimit && dconnlimit->arg)
+       {
                dbconnlimit = intVal(dconnlimit->arg);
+               if (dbconnlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", dbconnlimit)));
+       }
 
        /* obtain OID of proposed owner */
        if (dbowner)
@@ -1319,7 +1325,13 @@ AlterDatabase(AlterDatabaseStmt *stmt, bool isTopLevel)
        }
 
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
 
        /*
         * Get the old tuple.  We don't need a lock on the database per se,
index 7c1da42bc3edac4a1686953231870000c8415784..22491cf3f78bd5eec21c4f1b541a48e0a713e981 100644 (file)
@@ -6,7 +6,7 @@
  * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.185 2009/01/22 20:16:02 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.186 2009/01/30 17:24:47 heikki Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -242,7 +242,13 @@ CreateRole(CreateRoleStmt *stmt)
        if (dcanlogin)
                canlogin = intVal(dcanlogin->arg) != 0;
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
        if (daddroleto)
                addroleto = (List *) daddroleto->arg;
        if (drolemembers)
@@ -533,7 +539,13 @@ AlterRole(AlterRoleStmt *stmt)
        if (dcanlogin)
                canlogin = intVal(dcanlogin->arg);
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
        if (drolemembers)
                rolemembers = (List *) drolemembers->arg;
        if (dvalidUntil)