Make contrib/unaccent's unaccent() function work when not in search path.

Since the fixes for CVE-2018-1058, we've advised people to schema-qualify
function references in order to fix failures in code that executes under
a minimal search_path setting.  However, that's insufficient to make the
single-argument form of unaccent() work, because it looks up the "unaccent"
text search dictionary using the search path.

The most expedient answer seems to be to remove the search_path dependency
by making it look in the same schema that the unaccent() function itself
is declared in.  This will definitely work for the normal usage of this
function with the unaccent dictionary provided by the extension.
It's barely possible that there are people who were relying on the
search-path-dependent behavior to select other dictionaries with the same
name; but if there are any such people at all, they can still get that
behavior by writing unaccent('unaccent', ...), or possibly
unaccent('unaccent'::text::regdictionary, ...) if the lookup has to be
postponed to runtime.

Per complaint from Gunnlaugur Thor Briem.  Back-patch to all supported
branches.

Discussion: https://postgr.es/m/CAPs+M8LCex6d=DeneofdsoJVijaG59m9V0ggbb3pOH7hZO4+cQ@mail.gmail.com

diff --git a/contrib/unaccent/unaccent.c b/contrib/unaccent/unaccent.c
index eafb4107b0d0f0efb22407b46c1d9f02812b396f..b9ec9d3315a936793d817f8a1be549354ba57b7c 100644 (file)
--- a/contrib/unaccent/unaccent.c
+++ b/contrib/unaccent/unaccent.c
@@ -20,6 +20,8 @@
 #include "tsearch/ts_locale.h"
 #include "tsearch/ts_public.h"
 #include "utils/builtins.h"
+#include "utils/lsyscache.h"
+#include "utils/syscache.h"
 
 PG_MODULE_MAGIC;
 
@@ -375,7 +377,21 @@ unaccent_dict(PG_FUNCTION_ARGS)
 
        if (PG_NARGS() == 1)
        {
-               dictOid = get_ts_dict_oid(stringToQualifiedNameList("unaccent"), false);
+               /*
+                * Use the "unaccent" dictionary that is in the same schema that this
+                * function is in.
+                */
+               Oid                     procnspid = get_func_namespace(fcinfo->flinfo->fn_oid);
+               const char *dictname = "unaccent";
+
+               dictOid = GetSysCacheOid2(TSDICTNAMENSP,
+                                                                 PointerGetDatum(dictname),
+                                                                 ObjectIdGetDatum(procnspid));
+               if (!OidIsValid(dictOid))
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_UNDEFINED_OBJECT),
+                                        errmsg("text search dictionary \"%s.%s\" does not exist",
+                                                       get_namespace_name(procnspid), dictname)));
                strArg = 0;
        }
        else

diff --git a/doc/src/sgml/unaccent.sgml b/doc/src/sgml/unaccent.sgml
index 1382fafc5ec3859ae14f8a3e0f26d57c46bbf0de..d6c12fd5a7844210449b05dc8617964291dd367e 100644 (file)
--- a/doc/src/sgml/unaccent.sgml
+++ b/doc/src/sgml/unaccent.sgml
@@ -171,12 +171,14 @@ mydb=# select ts_headline('fr','Hôtel de la Mer',to_tsquery('fr','Hotels')
  </indexterm>
 
 <synopsis>
-unaccent(<optional><replaceable class="PARAMETER">dictionary</replaceable>, </optional> <replaceable class="PARAMETER">string</replaceable>) returns <type>text</type>
+unaccent(<optional><replaceable class="parameter">dictionary</replaceable> <type>regdictionary</type>, </optional> <replaceable class="parameter">string</replaceable> <type>text</type>) returns <type>text</type>
 </synopsis>
 
  <para>
-  If the <replaceable class="PARAMETER">dictionary</replaceable> argument is
-  omitted, <literal>unaccent</> is assumed.
+  If the <replaceable class="parameter">dictionary</replaceable> argument is
+  omitted, the text search dictionary named <literal>unaccent</literal> and
+  appearing in the same schema as the <function>unaccent()</function>
+  function itself is used.
  </para>
 
  <para>