From ae7c8b290f525504978c01d77366a753505d10d5 Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Tue, 22 May 2012 11:19:33 -0400 Subject: [PATCH] Fix error message for COMMENT/SECURITY LABEL ON COLUMN xxx IS 'yyy' When the column name is an unqualified name, rather than table.column, the error message complains about too many dotted names, which is wrong. Report by Peter Eisentraut based on examination of the sepgsql regression test output, but the problem also affects COMMENT. New wording as suggested by Tom Lane. --- contrib/sepgsql/expected/label.out | 2 +- src/backend/catalog/objectaddress.c | 4 ++++ src/test/regress/input/security_label.source | 1 + src/test/regress/output/security_label.source | 2 ++ 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/contrib/sepgsql/expected/label.out b/contrib/sepgsql/expected/label.out index bac169f37b..279cfab091 100644 --- a/contrib/sepgsql/expected/label.out +++ b/contrib/sepgsql/expected/label.out @@ -65,7 +65,7 @@ SECURITY LABEL ON TABLE t2 ERROR: SELinux: invalid security label: "invalid security context" SECURITY LABEL ON COLUMN t2 IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- be failed -ERROR: improper relation name (too many dotted names): +ERROR: column name must be qualified SECURITY LABEL ON COLUMN t2.b IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- ok -- diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 3925b8ec95..403bd9e283 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -526,6 +526,10 @@ get_object_address_attribute(ObjectType objtype, List *objname, const char *attname; /* Extract relation name and open relation. */ + if (list_length(objname) < 2) + ereport(ERROR, + (errcode(ERRCODE_SYNTAX_ERROR), + errmsg("column name must be qualified"))); attname = strVal(lfirst(list_tail(objname))); relname = list_truncate(list_copy(objname), list_length(objname) - 1); relation = relation_openrv(makeRangeVarFromNameList(relname), lockmode); diff --git a/src/test/regress/input/security_label.source b/src/test/regress/input/security_label.source index 810a721ca8..9b430b09a5 100644 --- a/src/test/regress/input/security_label.source +++ b/src/test/regress/input/security_label.source @@ -44,6 +44,7 @@ SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK SECURITY LABEL FOR 'unknown_seclabel' ON TABLE seclabel_tbl1 IS 'classified'; -- fail diff --git a/src/test/regress/output/security_label.source b/src/test/regress/output/security_label.source index 4bc803d694..4b53bd54c9 100644 --- a/src/test/regress/output/security_label.source +++ b/src/test/regress/output/security_label.source @@ -37,6 +37,8 @@ LOAD '@abs_builddir@/dummy_seclabel@DLSUFFIX@'; SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail +ERROR: column name must be qualified SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail ERROR: '...invalid label...' is not a valid security label SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK -- 2.40.0