Field conninfo strings throughout src/bin/scripts.

These programs nominally accepted conninfo strings, but they would
proceed to use the original dbname parameter as though it were an
unadorned database name.  This caused "reindexdb dbname=foo" to issue an
SQL command that always failed, and other programs printed a conninfo
string in error messages that purported to print a database name.  Fix
both problems by using PQdb() to retrieve actual database names.
Continue to print the full conninfo string when reporting a connection
failure.  It is informative there, and if the database name is the sole
problem, the server-side error message will include the name.  Beyond
those user-visible fixes, this allows a subsequent commit to synthesize
and use conninfo strings without that implementation detail leaking into
messages.  As a side effect, the "vacuuming database" message now
appears after, not before, the connection attempt.  Back-patch to 9.1
(all supported versions).

Reviewed by Michael Paquier and Peter Eisentraut.

Security: CVE-2016-5424

diff --git a/src/bin/scripts/clusterdb.c b/src/bin/scripts/clusterdb.c
index 5ad1d01a1afb47aac20ac0a289d6ae5c44d81474..c97f2be8190ed4dd713e8a93efaefe7ef5529684 100644 (file)
--- a/src/bin/scripts/clusterdb.c
+++ b/src/bin/scripts/clusterdb.c
@@ -209,10 +209,10 @@ cluster_one_database(const char *dbname, bool verbose, const char *table,
        {
                if (table)
                        fprintf(stderr, _("%s: clustering of table \"%s\" in database \"%s\" failed: %s"),
-                                       progname, table, dbname, PQerrorMessage(conn));
+                                       progname, table, PQdb(conn), PQerrorMessage(conn));
                else
                        fprintf(stderr, _("%s: clustering of database \"%s\" failed: %s"),
-                                       progname, dbname, PQerrorMessage(conn));
+                                       progname, PQdb(conn), PQerrorMessage(conn));
                PQfinish(conn);
                exit(1);
        }

diff --git a/src/bin/scripts/createlang.c b/src/bin/scripts/createlang.c
index 9bbd67de7bd7358e89d0d7a911a418fad62d499f..9a7adfa72c6ad0623d741e765117b7e94433b6b3 100644 (file)
--- a/src/bin/scripts/createlang.c
+++ b/src/bin/scripts/createlang.c
@@ -192,10 +192,10 @@ main(int argc, char *argv[])
        result = executeQuery(conn, sql.data, progname, echo);
        if (PQntuples(result) > 0)
        {
-               PQfinish(conn);
                fprintf(stderr,
                  _("%s: language \"%s\" is already installed in database \"%s\"\n"),
-                               progname, langname, dbname);
+                               progname, langname, PQdb(conn));
+               PQfinish(conn);
                /* separate exit status for "already installed" */
                exit(2);
        }

diff --git a/src/bin/scripts/droplang.c b/src/bin/scripts/droplang.c
index 09f7b66a47d191e64ff8f1c167dc2fbafda47e78..60b56d5e533bce748d4e8151903ed855e764d4a2 100644 (file)
--- a/src/bin/scripts/droplang.c
+++ b/src/bin/scripts/droplang.c
@@ -199,10 +199,10 @@ main(int argc, char *argv[])
        result = executeQuery(conn, sql.data, progname, echo);
        if (PQntuples(result) == 0)
        {
-               PQfinish(conn);
                fprintf(stderr, _("%s: language \"%s\" is not installed in "
                                                  "database \"%s\"\n"),
-                               progname, langname, dbname);
+                               progname, langname, PQdb(conn));
+               PQfinish(conn);
                exit(1);
        }
        PQclear(result);

diff --git a/src/bin/scripts/reindexdb.c b/src/bin/scripts/reindexdb.c
index 561bbcebd233016eb866930ae262ce92c61854e4..4a18895d71a9cec74740ebf0efcab5ee2fccd115 100644 (file)
--- a/src/bin/scripts/reindexdb.c
+++ b/src/bin/scripts/reindexdb.c
@@ -228,7 +228,7 @@ main(int argc, char *argv[])
                }
                /* reindex database only if neither index nor table is specified */
                if (indexes.head == NULL && tables.head == NULL)
-                       reindex_one_database(dbname, dbname, "DATABASE", host, port,
+                       reindex_one_database(NULL, dbname, "DATABASE", host, port,
                                                                 username, prompt_password, progname, echo);
        }
 
@@ -244,6 +244,9 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
 
        PGconn     *conn;
 
+       conn = connectDatabase(dbname, host, port, username, prompt_password,
+                                                  progname, false);
+
        initPQExpBuffer(&sql);
 
        appendPQExpBufferStr(&sql, "REINDEX");
@@ -252,23 +255,20 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
        else if (strcmp(type, "INDEX") == 0)
                appendPQExpBuffer(&sql, " INDEX %s", name);
        else if (strcmp(type, "DATABASE") == 0)
-               appendPQExpBuffer(&sql, " DATABASE %s", fmtId(name));
+               appendPQExpBuffer(&sql, " DATABASE %s", fmtId(PQdb(conn)));
        appendPQExpBufferStr(&sql, ";");
 
-       conn = connectDatabase(dbname, host, port, username, prompt_password,
-                                                  progname, false);
-
        if (!executeMaintenanceCommand(conn, sql.data, echo))
        {
                if (strcmp(type, "TABLE") == 0)
                        fprintf(stderr, _("%s: reindexing of table \"%s\" in database \"%s\" failed: %s"),
-                                       progname, name, dbname, PQerrorMessage(conn));
+                                       progname, name, PQdb(conn), PQerrorMessage(conn));
                if (strcmp(type, "INDEX") == 0)
                        fprintf(stderr, _("%s: reindexing of index \"%s\" in database \"%s\" failed: %s"),
-                                       progname, name, dbname, PQerrorMessage(conn));
+                                       progname, name, PQdb(conn), PQerrorMessage(conn));
                else
                        fprintf(stderr, _("%s: reindexing of database \"%s\" failed: %s"),
-                                       progname, dbname, PQerrorMessage(conn));
+                                       progname, PQdb(conn), PQerrorMessage(conn));
                PQfinish(conn);
                exit(1);
        }
@@ -314,16 +314,16 @@ reindex_system_catalogs(const char *dbname, const char *host, const char *port,
                                                const char *username, enum trivalue prompt_password,
                                                const char *progname, bool echo)
 {
+       PGconn     *conn;
        PQExpBufferData sql;
 
-       PGconn     *conn;
+       conn = connectDatabase(dbname, host, port, username, prompt_password,
+                                                  progname, false);
 
        initPQExpBuffer(&sql);
 
-       appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;", dbname);
+       appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;", PQdb(conn));
 
-       conn = connectDatabase(dbname, host, port, username, prompt_password,
-                                                  progname, false);
        if (!executeMaintenanceCommand(conn, sql.data, echo))
        {
                fprintf(stderr, _("%s: reindexing of system catalogs failed: %s"),

diff --git a/src/bin/scripts/vacuumdb.c b/src/bin/scripts/vacuumdb.c
index 86e6ab359fa593fd20665f20bdfc71a059f165a9..eca703de228189d515a6d8cde2a854411199546e 100644 (file)
--- a/src/bin/scripts/vacuumdb.c
+++ b/src/bin/scripts/vacuumdb.c
@@ -236,16 +236,16 @@ main(int argc, char *argv[])
 
 
 static void
-run_vacuum_command(PGconn *conn, const char *sql, bool echo, const char *dbname, const char *table, const char *progname)
+run_vacuum_command(PGconn *conn, const char *sql, bool echo, const char *table, const char *progname)
 {
        if (!executeMaintenanceCommand(conn, sql, echo))
        {
                if (table)
                        fprintf(stderr, _("%s: vacuuming of table \"%s\" in database \"%s\" failed: %s"),
-                                       progname, table, dbname, PQerrorMessage(conn));
+                                       progname, table, PQdb(conn), PQerrorMessage(conn));
                else
                        fprintf(stderr, _("%s: vacuuming of database \"%s\" failed: %s"),
-                                       progname, dbname, PQerrorMessage(conn));
+                                       progname, PQdb(conn), PQerrorMessage(conn));
                PQfinish(conn);
                exit(1);
        }
@@ -348,7 +348,7 @@ vacuum_one_database(const char *dbname, bool full, bool verbose, bool and_analyz
                                        fflush(stdout);
                                }
                                executeCommand(conn, stage_commands[i], progname, echo);
-                               run_vacuum_command(conn, sql.data, echo, dbname, table, progname);
+                               run_vacuum_command(conn, sql.data, echo, table, progname);
                        }
                }
                else
@@ -361,12 +361,12 @@ vacuum_one_database(const char *dbname, bool full, bool verbose, bool and_analyz
                                fflush(stdout);
                        }
                        executeCommand(conn, stage_commands[stage], progname, echo);
-                       run_vacuum_command(conn, sql.data, echo, dbname, table, progname);
+                       run_vacuum_command(conn, sql.data, echo, table, progname);
                }
 
        }
        else
-               run_vacuum_command(conn, sql.data, echo, dbname, NULL, progname);
+               run_vacuum_command(conn, sql.data, echo, NULL, progname);
 
        PQfinish(conn);
        termPQExpBuffer(&sql);