Properly escape usernames in initdb, so names with single-quotes are
authorBruce Momjian <bruce@momjian.us>
Wed, 15 Aug 2012 15:23:04 +0000 (11:23 -0400)
committerBruce Momjian <bruce@momjian.us>
Wed, 15 Aug 2012 15:23:15 +0000 (11:23 -0400)
supported.  Also add assert to catch future breakage.

Also, improve documentation that "double"-quotes must be used in
pg_hba.conf (not single quotes).

doc/src/sgml/client-auth.sgml
src/backend/parser/scansup.c
src/bin/initdb/initdb.c

index 679c40a64ec64fbc0623e878954287a5e6081dc4..97713948df69b1a615765bee73eb6979bdd480d4 100644 (file)
@@ -80,7 +80,7 @@
    Records cannot be continued across lines.
    A record is made
    up of a number of fields which are separated by spaces and/or tabs.
-   Fields can contain white space if the field value is quoted.
+   Fields can contain white space if the field value is double-quoted.
    Quoting one of the keywords in a database, user, or address field (e.g.,
    <literal>all</> or <literal>replication</>) makes the word lose its special
    character, and just match a database, user, or host with that name.
index 6101457a1095b9fee3588c64627f1deec5f16fcd..b8e2f71d656ba44c295e689f8a7b5349b2eea01e 100644 (file)
@@ -56,6 +56,8 @@ scanstr(const char *s)
                         * appear in pairs, so there should be another character.
                         */
                        i++;
+                       /* The bootstrap parser is not as smart, so check here. */
+                       Assert(s[i] == '\'');
                        newStr[j] = s[i];
                }
                else if (s[i] == '\\')
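Review bot: The added `Assert(s[i] == '\'')` is a debug-only check, so in a build without assertion checking an unpaired quote from the bootstrap parser is still copied through by `newStr[j] = s[i];` without any error. If the quote is the final character of the input, the byte copied after `i++` would be the string terminator; the loop bound is outside this hunk, so that is worth confirming. If bootstrap input can ever be malformed in a release build, a runtime check such as `if (s[i] != '\'') elog(ERROR, "unpaired single quote in string");` would fail closed. Otherwise, extend the comment to say that callers other than the bootstrap parser guarantee paired quotes. The body of scanstr starts and ends outside the hunk.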
index 132ad0fa4cdb9b59f052f2d97494910c27b1f219..a53760af85c8b67f9e6dbc625071ad1b4e9f2679 100644 (file)
@@ -1395,7 +1395,7 @@ bootstrap_template1(void)
        bki_lines = replace_token(bki_lines, "FLOAT8PASSBYVAL",
                                                          FLOAT8PASSBYVAL ? "true" : "false");
 
-       bki_lines = replace_token(bki_lines, "POSTGRES", username);
+       bki_lines = replace_token(bki_lines, "POSTGRES", escape_quotes(username));
 
        bki_lines = replace_token(bki_lines, "ENCODING", encodingid);
 
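Review bot: `escape_quotes(username)` is applied inline here and again in the setup_privileges hunk, so the escaping rule lives at each call site. Any other place that substitutes `username` into generated BKI or SQL (none are visible on this page) would stay unescaped, and a future one is easy to miss. Computing the value once, for example `escaped_username = escape_quotes(username);` next to where `username` is resolved, and passing `escaped_username` at both sites keeps the rule in one place; it would also avoid a second allocation if escape_quotes returns a fresh string (its definition is not shown). It is also worth confirming that the characters escape_quotes handles match the quoting used around the `POSTGRES` token in the BKI template, since the commit message only mentions single quotes. Both bootstrap_template1 and setup_privileges extend beyond their hunks.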
@@ -2043,8 +2043,8 @@ setup_privileges(void)
 
        PG_CMD_OPEN;
 
-       priv_lines = replace_token(privileges_setup,
-                                                          "$POSTGRES_SUPERUSERNAME", username);
+       priv_lines = replace_token(privileges_setup, "$POSTGRES_SUPERUSERNAME",
+                                                          escape_quotes(username));
        for (line = priv_lines; *line != NULL; line++)
                PG_CMD_PUTS(*line);
 
@@ -3056,7 +3056,6 @@ main(int argc, char *argv[])
        canonicalize_path(pg_data);
 
 #ifdef WIN32
-
        /*
         * Before we execute another program, make sure that we are running with a
         * restricted token. If not, re-execute ourselves with one.