2005-08-12 05:25:13 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
|
|
|
* genfile.c
|
2005-08-12 20:23:56 +02:00
|
|
|
* Functions for direct access to files
|
2005-08-12 05:25:13 +02:00
|
|
|
*
|
|
|
|
*
|
2010-01-02 17:58:17 +01:00
|
|
|
* Copyright (c) 2004-2010, PostgreSQL Global Development Group
|
2005-10-15 04:49:52 +02:00
|
|
|
*
|
2005-08-12 05:25:13 +02:00
|
|
|
* Author: Andreas Pflug <pgadmin@pse-consulting.de>
|
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/backend/utils/adt/genfile.c
|
2005-08-12 05:25:13 +02:00
|
|
|
*
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
#include "postgres.h"
|
|
|
|
|
|
|
|
#include <sys/file.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <dirent.h>
|
|
|
|
|
|
|
|
#include "catalog/pg_type.h"
|
|
|
|
#include "funcapi.h"
|
2010-01-05 02:29:36 +01:00
|
|
|
#include "mb/pg_wchar.h"
|
2005-08-12 20:23:56 +02:00
|
|
|
#include "miscadmin.h"
|
|
|
|
#include "postmaster/syslogger.h"
|
|
|
|
#include "storage/fd.h"
|
|
|
|
#include "utils/builtins.h"
|
|
|
|
#include "utils/memutils.h"
|
2006-07-13 18:49:20 +02:00
|
|
|
#include "utils/timestamp.h"
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-10-15 04:49:52 +02:00
|
|
|
/*
 * Cross-call state for pg_ls_dir(): the directory being listed and the
 * open handle used to iterate over its entries.
 */
typedef struct directory_fctx
{
	char	   *location;		/* directory path, as checked and opened */
	DIR		   *dirdesc;		/* handle obtained from AllocateDir() */
} directory_fctx;
|
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
|
2005-08-12 05:25:13 +02:00
|
|
|
/*
|
2006-11-06 04:06:41 +01:00
|
|
|
* Convert a "text" filename argument to C string, and check it's allowable.
|
2005-08-12 20:23:56 +02:00
|
|
|
*
|
2006-11-06 04:06:41 +01:00
|
|
|
* Filename may be absolute or relative to the DataDir, but we only allow
|
|
|
|
* absolute paths that match DataDir or Log_directory.
|
2005-08-12 05:25:13 +02:00
|
|
|
*/
|
2005-08-12 20:23:56 +02:00
|
|
|
static char *
|
2006-11-06 04:06:41 +01:00
|
|
|
convert_and_check_filename(text *arg)
|
2005-08-12 05:25:13 +02:00
|
|
|
{
|
2008-03-25 23:42:46 +01:00
|
|
|
char *filename;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2008-03-25 23:42:46 +01:00
|
|
|
filename = text_to_cstring(arg);
|
2005-08-12 23:07:53 +02:00
|
|
|
canonicalize_path(filename); /* filename can change length here */
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-08-12 23:07:53 +02:00
|
|
|
/* Disallow ".." in the path */
|
|
|
|
if (path_contains_parent_reference(filename))
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
2005-10-15 04:49:52 +02:00
|
|
|
(errmsg("reference to parent directory (\"..\") not allowed"))));
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
if (is_absolute_path(filename))
|
|
|
|
{
|
2005-08-29 21:39:39 +02:00
|
|
|
/* Allow absolute references within DataDir */
|
|
|
|
if (path_is_prefix_of_path(DataDir, filename))
|
|
|
|
return filename;
|
2005-08-12 05:25:13 +02:00
|
|
|
/* The log directory might be outside our datadir, but allow it */
|
2005-08-29 21:39:39 +02:00
|
|
|
if (is_absolute_path(Log_directory) &&
|
|
|
|
path_is_prefix_of_path(Log_directory, filename))
|
2005-08-12 05:25:13 +02:00
|
|
|
return filename;
|
|
|
|
|
2005-10-15 04:49:52 +02:00
|
|
|
ereport(ERROR,
|
2005-08-12 05:25:13 +02:00
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
2005-08-12 20:23:56 +02:00
|
|
|
(errmsg("absolute path not allowed"))));
|
|
|
|
return NULL; /* keep compiler quiet */
|
2005-08-12 05:25:13 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2006-11-06 04:06:41 +01:00
|
|
|
return filename;
|
2005-08-12 05:25:13 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
/*
|
2010-12-15 22:56:28 +01:00
|
|
|
* Read a section of a file, returning it as bytea
|
|
|
|
*
|
|
|
|
* We read the whole of the file when bytes_to_read is nagative.
|
2005-08-12 20:23:56 +02:00
|
|
|
*/
|
2010-12-15 22:56:28 +01:00
|
|
|
static bytea *
|
|
|
|
read_binary_file(text *filename_t, int64 seek_offset, int64 bytes_to_read)
|
2005-08-12 05:25:13 +02:00
|
|
|
{
|
2010-12-15 22:56:28 +01:00
|
|
|
bytea *buf;
|
2005-08-12 05:25:13 +02:00
|
|
|
size_t nbytes;
|
2005-10-15 04:49:52 +02:00
|
|
|
FILE *file;
|
|
|
|
char *filename;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
if (!superuser())
|
2005-10-15 04:49:52 +02:00
|
|
|
ereport(ERROR,
|
2005-08-12 05:25:13 +02:00
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
|
|
|
(errmsg("must be superuser to read files"))));
|
|
|
|
|
2006-11-06 04:06:41 +01:00
|
|
|
filename = convert_and_check_filename(filename_t);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2010-12-15 22:56:28 +01:00
|
|
|
if (bytes_to_read < 0)
|
|
|
|
{
|
|
|
|
if (seek_offset < 0)
|
|
|
|
bytes_to_read = -seek_offset;
|
|
|
|
else
|
|
|
|
{
|
|
|
|
struct stat fst;
|
|
|
|
|
|
|
|
if (stat(filename, &fst) < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not stat file \"%s\": %m", filename)));
|
|
|
|
|
|
|
|
bytes_to_read = fst.st_size - seek_offset;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* not sure why anyone thought that int64 length was a good idea */
|
|
|
|
if (bytes_to_read > (MaxAllocSize - VARHDRSZ))
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
|
|
|
|
errmsg("requested length too large")));
|
|
|
|
|
2005-08-12 05:25:13 +02:00
|
|
|
if ((file = AllocateFile(filename, PG_BINARY_R)) == NULL)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
2005-08-12 20:23:56 +02:00
|
|
|
errmsg("could not open file \"%s\" for reading: %m",
|
|
|
|
filename)));
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
if (fseeko(file, (off_t) seek_offset,
|
|
|
|
(seek_offset >= 0) ? SEEK_SET : SEEK_END) != 0)
|
2005-08-12 05:25:13 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
2005-08-12 20:23:56 +02:00
|
|
|
errmsg("could not seek in file \"%s\": %m", filename)));
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2010-12-15 22:56:28 +01:00
|
|
|
buf = (bytea *) palloc((Size) bytes_to_read + VARHDRSZ);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
nbytes = fread(VARDATA(buf), 1, (size_t) bytes_to_read, file);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-10-15 21:47:09 +02:00
|
|
|
if (ferror(file))
|
2005-08-12 05:25:13 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
2005-08-12 20:23:56 +02:00
|
|
|
errmsg("could not read file \"%s\": %m", filename)));
|
|
|
|
|
2007-02-28 00:48:10 +01:00
|
|
|
SET_VARSIZE(buf, nbytes + VARHDRSZ);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
FreeFile(file);
|
2005-08-12 20:23:56 +02:00
|
|
|
pfree(filename);
|
|
|
|
|
2010-12-15 22:56:28 +01:00
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* In addition to read_binary_file, verify whether the contents are encoded
|
|
|
|
* in the database encoding.
|
|
|
|
*/
|
|
|
|
static text *
|
|
|
|
read_text_file(text *filename, int64 seek_offset, int64 bytes_to_read)
|
|
|
|
{
|
|
|
|
bytea *buf = read_binary_file(filename, seek_offset, bytes_to_read);
|
|
|
|
|
|
|
|
/* Make sure the input is valid */
|
|
|
|
pg_verifymbstr(VARDATA(buf), VARSIZE(buf) - VARHDRSZ, false);
|
|
|
|
|
|
|
|
/* OK, we can cast it as text safely */
|
|
|
|
return (text *) buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read a section of a file, returning it as text
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_read_file(PG_FUNCTION_ARGS)
|
|
|
|
{
|
|
|
|
text *filename_t = PG_GETARG_TEXT_P(0);
|
|
|
|
int64 seek_offset = PG_GETARG_INT64(1);
|
|
|
|
int64 bytes_to_read = PG_GETARG_INT64(2);
|
|
|
|
|
|
|
|
if (bytes_to_read < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
|
|
|
|
errmsg("requested length cannot be negative")));
|
|
|
|
|
|
|
|
PG_RETURN_TEXT_P(read_text_file(filename_t, seek_offset, bytes_to_read));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read the whole of a file, returning it as text
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_read_file_all(PG_FUNCTION_ARGS)
|
|
|
|
{
|
|
|
|
text *filename_t = PG_GETARG_TEXT_P(0);
|
|
|
|
|
|
|
|
PG_RETURN_TEXT_P(read_text_file(filename_t, 0, -1));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read a section of a file, returning it as bytea
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_read_binary_file(PG_FUNCTION_ARGS)
|
|
|
|
{
|
|
|
|
text *filename_t = PG_GETARG_TEXT_P(0);
|
|
|
|
int64 seek_offset = PG_GETARG_INT64(1);
|
|
|
|
int64 bytes_to_read = PG_GETARG_INT64(2);
|
|
|
|
|
|
|
|
if (bytes_to_read < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
|
|
|
|
errmsg("requested length cannot be negative")));
|
|
|
|
|
|
|
|
PG_RETURN_BYTEA_P(read_binary_file(filename_t, seek_offset, bytes_to_read));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read the whole of a file, returning it as bytea
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_read_binary_file_all(PG_FUNCTION_ARGS)
|
|
|
|
{
|
|
|
|
text *filename_t = PG_GETARG_TEXT_P(0);
|
|
|
|
|
|
|
|
PG_RETURN_BYTEA_P(read_binary_file(filename_t, 0, -1));
|
2005-08-12 05:25:13 +02:00
|
|
|
}
|
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
/*
|
|
|
|
* stat a file
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_stat_file(PG_FUNCTION_ARGS)
|
2005-08-12 05:25:13 +02:00
|
|
|
{
|
2005-08-12 20:23:56 +02:00
|
|
|
text *filename_t = PG_GETARG_TEXT_P(0);
|
2005-10-15 04:49:52 +02:00
|
|
|
char *filename;
|
2005-08-12 05:25:13 +02:00
|
|
|
struct stat fst;
|
2005-08-16 01:00:14 +02:00
|
|
|
Datum values[6];
|
|
|
|
bool isnull[6];
|
2005-08-12 05:25:13 +02:00
|
|
|
HeapTuple tuple;
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDesc tupdesc;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
if (!superuser())
|
2005-10-15 04:49:52 +02:00
|
|
|
ereport(ERROR,
|
2005-08-12 05:25:13 +02:00
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
|
|
|
(errmsg("must be superuser to get file information"))));
|
|
|
|
|
2006-11-06 04:06:41 +01:00
|
|
|
filename = convert_and_check_filename(filename_t);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
if (stat(filename, &fst) < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
2005-08-12 20:23:56 +02:00
|
|
|
errmsg("could not stat file \"%s\": %m", filename)));
|
|
|
|
|
2005-08-13 21:02:34 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* This record type had better match the output parameters declared for me
|
2006-11-24 22:18:42 +01:00
|
|
|
* in pg_proc.h.
|
2005-08-13 21:02:34 +02:00
|
|
|
*/
|
2005-08-16 01:00:14 +02:00
|
|
|
tupdesc = CreateTemplateTupleDesc(6, false);
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 1,
|
2005-08-16 01:00:14 +02:00
|
|
|
"size", INT8OID, -1, 0);
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 2,
|
2005-08-16 01:00:14 +02:00
|
|
|
"access", TIMESTAMPTZOID, -1, 0);
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 3,
|
2005-08-16 01:00:14 +02:00
|
|
|
"modification", TIMESTAMPTZOID, -1, 0);
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 4,
|
2005-08-16 01:00:14 +02:00
|
|
|
"change", TIMESTAMPTZOID, -1, 0);
|
2005-08-12 20:23:56 +02:00
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 5,
|
2005-08-16 01:00:14 +02:00
|
|
|
"creation", TIMESTAMPTZOID, -1, 0);
|
|
|
|
TupleDescInitEntry(tupdesc, (AttrNumber) 6,
|
2005-08-12 20:23:56 +02:00
|
|
|
"isdir", BOOLOID, -1, 0);
|
|
|
|
BlessTupleDesc(tupdesc);
|
|
|
|
|
2005-08-16 01:00:14 +02:00
|
|
|
memset(isnull, false, sizeof(isnull));
|
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
values[0] = Int64GetDatum((int64) fst.st_size);
|
|
|
|
values[1] = TimestampTzGetDatum(time_t_to_timestamptz(fst.st_atime));
|
|
|
|
values[2] = TimestampTzGetDatum(time_t_to_timestamptz(fst.st_mtime));
|
2005-08-16 01:00:14 +02:00
|
|
|
/* Unix has file status change time, while Win32 has creation time */
|
|
|
|
#if !defined(WIN32) && !defined(__CYGWIN__)
|
2005-08-12 20:23:56 +02:00
|
|
|
values[3] = TimestampTzGetDatum(time_t_to_timestamptz(fst.st_ctime));
|
2005-08-16 01:00:14 +02:00
|
|
|
isnull[4] = true;
|
|
|
|
#else
|
|
|
|
isnull[3] = true;
|
|
|
|
values[4] = TimestampTzGetDatum(time_t_to_timestamptz(fst.st_ctime));
|
|
|
|
#endif
|
Fix a number of places that were making file-type tests infelicitously.
The places that did, eg,
(statbuf.st_mode & S_IFMT) == S_IFDIR
were correct, but there is no good reason not to use S_ISDIR() instead,
especially when that's what the other 90% of our code does. The places
that did, eg,
(statbuf.st_mode & S_IFDIR)
were flat out *wrong* and would fail in various platform-specific ways,
eg a symlink could be mistaken for a regular file on most Unixen.
The actual impact of this is probably small, since the problem cases
seem to always involve symlinks or sockets, which are unlikely to be
found in the directories that PG code might be scanning. But it's
clearly trouble waiting to happen, so patch all the way back anyway.
(There seem to be no occurrences of the mistake in 7.4.)
2008-03-31 03:31:43 +02:00
|
|
|
values[5] = BoolGetDatum(S_ISDIR(fst.st_mode));
|
2005-08-12 20:23:56 +02:00
|
|
|
|
|
|
|
tuple = heap_form_tuple(tupdesc, values, isnull);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
pfree(filename);
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
PG_RETURN_DATUM(HeapTupleGetDatum(tuple));
|
2005-08-12 05:25:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2005-08-12 20:23:56 +02:00
|
|
|
/*
|
|
|
|
* List a directory (returns the filenames only)
|
|
|
|
*/
|
|
|
|
Datum
|
|
|
|
pg_ls_dir(PG_FUNCTION_ARGS)
|
2005-08-12 05:25:13 +02:00
|
|
|
{
|
2005-10-15 04:49:52 +02:00
|
|
|
FuncCallContext *funcctx;
|
|
|
|
struct dirent *de;
|
|
|
|
directory_fctx *fctx;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
if (!superuser())
|
2005-10-15 04:49:52 +02:00
|
|
|
ereport(ERROR,
|
2005-08-12 05:25:13 +02:00
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
|
|
|
(errmsg("must be superuser to get directory listings"))));
|
|
|
|
|
|
|
|
if (SRF_IS_FIRSTCALL())
|
|
|
|
{
|
|
|
|
MemoryContext oldcontext;
|
|
|
|
|
|
|
|
funcctx = SRF_FIRSTCALL_INIT();
|
|
|
|
oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
|
|
|
|
|
|
|
|
fctx = palloc(sizeof(directory_fctx));
|
2006-11-06 04:06:41 +01:00
|
|
|
fctx->location = convert_and_check_filename(PG_GETARG_TEXT_P(0));
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
fctx->dirdesc = AllocateDir(fctx->location);
|
|
|
|
|
|
|
|
if (!fctx->dirdesc)
|
2005-10-15 04:49:52 +02:00
|
|
|
ereport(ERROR,
|
2005-08-12 05:25:13 +02:00
|
|
|
(errcode_for_file_access(),
|
2005-08-12 20:23:56 +02:00
|
|
|
errmsg("could not open directory \"%s\": %m",
|
|
|
|
fctx->location)));
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
funcctx->user_fctx = fctx;
|
|
|
|
MemoryContextSwitchTo(oldcontext);
|
|
|
|
}
|
|
|
|
|
|
|
|
funcctx = SRF_PERCALL_SETUP();
|
2005-10-15 04:49:52 +02:00
|
|
|
fctx = (directory_fctx *) funcctx->user_fctx;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
|
|
|
while ((de = ReadDir(fctx->dirdesc, fctx->location)) != NULL)
|
|
|
|
{
|
2005-08-12 20:23:56 +02:00
|
|
|
if (strcmp(de->d_name, ".") == 0 ||
|
|
|
|
strcmp(de->d_name, "..") == 0)
|
2005-10-15 04:49:52 +02:00
|
|
|
continue;
|
2005-08-12 05:25:13 +02:00
|
|
|
|
2008-03-25 23:42:46 +01:00
|
|
|
SRF_RETURN_NEXT(funcctx, CStringGetTextDatum(de->d_name));
|
2005-08-12 05:25:13 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
FreeDir(fctx->dirdesc);
|
2005-08-12 20:23:56 +02:00
|
|
|
|
2005-08-12 05:25:13 +02:00
|
|
|
SRF_RETURN_DONE(funcctx);
|
|
|
|
}
|