]> granicus.if.org Git - postgresql/commitdiff
projects / postgresql / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a1f8b6b)
Sort out paired double quotes in \connect, \password and \crosstabview.
authorNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
committerNoah Misch <noah@leadboat.com>
Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400)
In arguments, these meta-commands wrongly treated each pair as closing
the double quoted string.  Make the behavior match the documentation.
This is a compatibility break, but I more expect to find software with
untested reliance on the documented behavior than software reliant on
today's behavior.  Back-patch to 9.1 (all supported versions).

Reviewed by Tom Lane and Peter Eisentraut.

Security: CVE-2016-5424

src/bin/psql/psqlscanslash.l patch | blob | history
src/test/regress/expected/psql_crosstab.out patch | blob | history
src/test/regress/sql/psql_crosstab.sql patch | blob | history

diff --git a/src/bin/psql/psqlscanslash.l b/src/bin/psql/psqlscanslash.l
index 90854afeb0e049322d589c45172e1f02b3cef938..86832a865328798b82f49273601e4c379dc35206 100644 (file)
--- a/src/bin/psql/psqlscanslash.l
+++ b/src/bin/psql/psqlscanslash.l
@@ -671,7 +671,8 @@ dequote_downcase_identifier(char *str, bool downcase, int encoding)
                                /* Keep the first quote, remove the second */
                                cp++;
                        }
-                       inquotes = !inquotes;
+                       else
+                               inquotes = !inquotes;
                        /* Collapse out quote at *cp */
                        memmove(cp, cp + 1, strlen(cp));
                        /* do not advance cp */
diff --git a/src/test/regress/expected/psql_crosstab.out b/src/test/regress/expected/psql_crosstab.out
index 9be36c448019dc1a5f3768df82fc518da43fe3b8..b583323a9e4e15a4de3c0f930da79740fbc07376 100644 (file)
--- a/src/test/regress/expected/psql_crosstab.out
+++ b/src/test/regress/expected/psql_crosstab.out
@@ -46,19 +46,19 @@ SELECT v, to_char(d, 'Mon') AS "month name", EXTRACT(month FROM d) AS num,
 (3 rows)
 
 -- ordered months in vertical header, ordered years in horizontal header
-SELECT EXTRACT(year FROM d) AS year, to_char(d,'Mon') AS "month name",
+SELECT EXTRACT(year FROM d) AS year, to_char(d,'Mon') AS """month"" name",
   EXTRACT(month FROM d) AS month,
   format('sum=%s avg=%s', sum(i), avg(i)::numeric(2,1))
   FROM ctv_data
   GROUP BY EXTRACT(year FROM d), to_char(d,'Mon'), EXTRACT(month FROM d)
 ORDER BY month
-\crosstabview "month name" year format year
month name |      2014       |      2015      
-------------+-----------------+----------------
- Jan        |                 | sum=3 avg=3.0
- Apr        |                 | sum=10 avg=5.0
- Jul        | sum=5 avg=5.0   | sum=4 avg=4.0
- Dec        | sum=-3 avg=-3.0 | 
+\crosstabview """month"" name" year format year
"month" name |      2014       |      2015      
+--------------+-----------------+----------------
+ Jan          |                 | sum=3 avg=3.0
+ Apr          |                 | sum=10 avg=5.0
+ Jul          | sum=5 avg=5.0   | sum=4 avg=4.0
+ Dec          | sum=-3 avg=-3.0 | 
 (4 rows)
 
 -- combine contents vertically into the same cell (V/H duplicates)
diff --git a/src/test/regress/sql/psql_crosstab.sql b/src/test/regress/sql/psql_crosstab.sql
index dff023876bf9642a8dd8d4fd76b381d513b46b20..1237e82f2d6da7a60961fd0635c918e9b8551e61 100644 (file)
--- a/src/test/regress/sql/psql_crosstab.sql
+++ b/src/test/regress/sql/psql_crosstab.sql
@@ -29,13 +29,13 @@ SELECT v, to_char(d, 'Mon') AS "month name", EXTRACT(month FROM d) AS num,
  \crosstabview v "month name" 4 num
 
 -- ordered months in vertical header, ordered years in horizontal header
-SELECT EXTRACT(year FROM d) AS year, to_char(d,'Mon') AS "month name",
+SELECT EXTRACT(year FROM d) AS year, to_char(d,'Mon') AS """month"" name",
   EXTRACT(month FROM d) AS month,
   format('sum=%s avg=%s', sum(i), avg(i)::numeric(2,1))
   FROM ctv_data
   GROUP BY EXTRACT(year FROM d), to_char(d,'Mon'), EXTRACT(month FROM d)
 ORDER BY month
-\crosstabview "month name" year format year
+\crosstabview """month"" name" year format year
 
 -- combine contents vertically into the same cell (V/H duplicates)
 SELECT v, h, string_agg(c, E'\n') FROM ctv_data GROUP BY v, h ORDER BY 1,2,3
Unnamed repository; edit this file 'description' to name the repository.