1996-07-09 08:22:35 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
1999-02-14 00:22:53 +01:00
|
|
|
* be-fsstubs.c
|
2004-07-28 16:23:31 +02:00
|
|
|
* Builtin functions for open/close/read/write operations on large objects
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
2021-01-02 19:06:25 +01:00
|
|
|
* Portions Copyright (c) 1996-2021, PostgreSQL Global Development Group
|
2000-01-26 06:58:53 +01:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/backend/libpq/be-fsstubs.c
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
* NOTES
|
|
|
|
* This should be moved to a more appropriate place. It is here
|
|
|
|
* for lack of a better place.
|
|
|
|
*
|
2006-04-26 02:34:57 +02:00
|
|
|
* These functions store LargeObjectDesc structs in a private MemoryContext,
|
|
|
|
* which means that large object descriptors hang around until we destroy
|
|
|
|
* the context at transaction end. It'd be possible to prolong the lifetime
|
1999-06-01 00:53:59 +02:00
|
|
|
* of the context so that LO FDs are good across transactions (for example,
|
|
|
|
* we could release the context only if we see that no FDs remain open).
|
|
|
|
* But we'd need additional state in order to do the right thing at the
|
|
|
|
* end of an aborted transaction. FDs opened during an aborted xact would
|
|
|
|
* still need to be closed, since they might not be pointing at valid
|
2000-06-28 05:33:33 +02:00
|
|
|
* relations at all. Locking semantics are also an interesting problem
|
|
|
|
* if LOs stay open across transactions. For now, we'll stick with the
|
|
|
|
* existing documented semantics of LO FDs: they're only good within a
|
|
|
|
* transaction.
|
1999-06-01 00:53:59 +02:00
|
|
|
*
|
2004-08-04 23:34:35 +02:00
|
|
|
* As of PostgreSQL 8.0, much of the angst expressed above is no longer
|
2004-07-28 16:23:31 +02:00
|
|
|
* relevant, and in fact it'd be pretty easy to allow LO FDs to stay
|
2006-04-26 02:34:57 +02:00
|
|
|
* open across transactions. (Snapshot relevancy would still be an issue.)
|
|
|
|
* However backwards compatibility suggests that we should stick to the
|
|
|
|
* status quo.
|
2004-07-28 16:23:31 +02:00
|
|
|
*
|
1996-07-09 08:22:35 +02:00
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
2000-10-24 03:38:44 +02:00
|
|
|
#include "postgres.h"
|
|
|
|
|
1996-11-06 09:48:33 +01:00
|
|
|
#include <fcntl.h>
|
1996-11-15 19:38:20 +01:00
|
|
|
#include <sys/stat.h>
|
1996-11-06 09:48:33 +01:00
|
|
|
#include <unistd.h>
|
1996-07-09 08:22:35 +02:00
|
|
|
|
1999-07-16 01:04:24 +02:00
|
|
|
#include "libpq/be-fsstubs.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "libpq/libpq-fs.h"
|
2001-06-13 23:44:41 +02:00
|
|
|
#include "miscadmin.h"
|
2004-02-10 02:55:27 +01:00
|
|
|
#include "storage/fd.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "storage/large_object.h"
|
2009-12-11 04:34:57 +01:00
|
|
|
#include "utils/acl.h"
|
2008-03-25 23:42:46 +01:00
|
|
|
#include "utils/builtins.h"
|
2000-07-17 05:05:41 +02:00
|
|
|
#include "utils/memutils.h"
|
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
/* define this to enable debug logging */
|
|
|
|
/* #define FSDB 1 */
|
|
|
|
/* chunk size for lo_import/lo_export transfers */
|
2000-10-24 03:38:44 +02:00
|
|
|
#define BUFSIZE 8192
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
/*
|
2000-10-24 05:14:08 +02:00
|
|
|
* LO "FD"s are indexes into the cookies array.
|
|
|
|
*
|
2000-06-09 03:11:16 +02:00
|
|
|
* A non-null entry is a pointer to a LargeObjectDesc allocated in the
|
2006-04-26 02:34:57 +02:00
|
|
|
* LO private memory context "fscxt". The cookies array itself is also
|
|
|
|
* dynamically allocated in that context. Its current allocated size is
|
2019-07-01 03:00:23 +02:00
|
|
|
* cookies_size entries, of which any unused entries will be NULL.
|
2000-06-09 03:11:16 +02:00
|
|
|
*/
|
2000-10-24 05:14:08 +02:00
|
|
|
static LargeObjectDesc **cookies = NULL;
|
|
|
|
static int cookies_size = 0;
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2000-06-28 05:33:33 +02:00
|
|
|
static MemoryContext fscxt = NULL;
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2004-09-11 17:56:46 +02:00
|
|
|
#define CreateFSContext() \
|
|
|
|
do { \
|
|
|
|
if (fscxt == NULL) \
|
|
|
|
fscxt = AllocSetContextCreate(TopMemoryContext, \
|
|
|
|
"Filesystem", \
|
Add macros to make AllocSetContextCreate() calls simpler and safer.
I found that half a dozen (nearly 5%) of our AllocSetContextCreate calls
had typos in the context-sizing parameters. While none of these led to
especially significant problems, they did create minor inefficiencies,
and it's now clear that expecting people to copy-and-paste those calls
accurately is not a great idea. Let's reduce the risk of future errors
by introducing single macros that encapsulate the common use-cases.
Three such macros are enough to cover all but two special-purpose contexts;
those two calls can be left as-is, I think.
While this patch doesn't in itself improve matters for third-party
extensions, it doesn't break anything for them either, and they can
gradually adopt the simplified notation over time.
In passing, change TopMemoryContext to use the default allocation
parameters. Formerly it could only be extended 8K at a time. That was
probably reasonable when this code was written; but nowadays we create
many more contexts than we did then, so that it's not unusual to have a
couple hundred K in TopMemoryContext, even without considering various
dubious code that sticks other things there. There seems no good reason
not to let it use growing blocks like most other contexts.
Back-patch to 9.6, mostly because that's still close enough to HEAD that
it's easy to do so, and keeping the branches in sync can be expected to
avoid some future back-patching pain. The bugs fixed by these changes
don't seem to be significant enough to justify fixing them further back.
Discussion: <21072.1472321324@sss.pgh.pa.us>
2016-08-27 23:50:38 +02:00
|
|
|
ALLOCSET_DEFAULT_SIZES); \
|
2004-09-11 17:56:46 +02:00
|
|
|
} while (0)
|
2005-10-15 04:49:52 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
|
|
|
|
static int newLOfd(LargeObjectDesc *lobjCookie);
|
|
|
|
static void deleteLOfd(int fd);
|
2008-03-22 02:55:14 +01:00
|
|
|
static Oid lo_import_internal(text *filename, Oid lobjOid);
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2004-07-28 16:23:31 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*****************************************************************************
|
|
|
|
* File Interfaces for Large Objects
|
|
|
|
*****************************************************************************/
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_open(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
Oid lobjId = PG_GETARG_OID(0);
|
|
|
|
int32 mode = PG_GETARG_INT32(1);
|
1996-07-09 08:22:35 +02:00
|
|
|
LargeObjectDesc *lobjDesc;
|
|
|
|
int fd;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2019-10-19 18:21:58 +02:00
|
|
|
#ifdef FSDB
|
2003-05-27 19:49:47 +02:00
|
|
|
elog(DEBUG4, "lo_open(%u,%d)", lobjId, mode);
|
1996-07-09 08:22:35 +02:00
|
|
|
#endif
|
|
|
|
|
2004-09-11 17:56:46 +02:00
|
|
|
CreateFSContext();
|
2000-06-28 05:33:33 +02:00
|
|
|
|
2006-04-26 02:34:57 +02:00
|
|
|
lobjDesc = inv_open(lobjId, mode, fscxt);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
fd = newLOfd(lobjDesc);
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
PG_RETURN_INT32(fd);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_close(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
2007-03-03 20:52:47 +01:00
|
|
|
|
2019-10-19 18:21:58 +02:00
|
|
|
#ifdef FSDB
|
2003-05-27 19:49:47 +02:00
|
|
|
elog(DEBUG4, "lo_close(%d)", fd);
|
1996-07-09 08:22:35 +02:00
|
|
|
#endif
|
|
|
|
|
|
|
|
inv_close(cookies[fd]);
|
|
|
|
|
|
|
|
deleteLOfd(fd);
|
2000-06-09 03:11:16 +02:00
|
|
|
|
|
|
|
PG_RETURN_INT32(0);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Bare Read/Write operations --- these are not fmgr-callable!
|
|
|
|
*
|
1996-07-09 08:22:35 +02:00
|
|
|
* We assume the large object supports byte oriented reads and seeks so
|
|
|
|
* that our work is easier.
|
2000-06-09 03:11:16 +02:00
|
|
|
*
|
|
|
|
*****************************************************************************/
|
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
int
|
|
|
|
lo_read(int fd, char *buf, int len)
|
|
|
|
{
|
1999-05-09 17:00:18 +02:00
|
|
|
int status;
|
2012-10-09 22:38:00 +02:00
|
|
|
LargeObjectDesc *lobj;
|
1999-05-09 17:00:18 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
2012-10-09 22:38:00 +02:00
|
|
|
lobj = cookies[fd];
|
1999-06-01 00:53:59 +02:00
|
|
|
|
2017-11-09 18:56:07 +01:00
|
|
|
/*
|
|
|
|
* Check state. inv_read() would throw an error anyway, but we want the
|
|
|
|
* error to be about the FD's state not the underlying privilege; it might
|
|
|
|
* be that the privilege exists but user forgot to ask for read mode.
|
|
|
|
*/
|
|
|
|
if ((lobj->flags & IFS_RDLOCK) == 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
errmsg("large object descriptor %d was not opened for reading",
|
|
|
|
fd)));
|
2009-12-11 04:34:57 +01:00
|
|
|
|
2012-10-09 22:38:00 +02:00
|
|
|
status = inv_read(lobj, buf, len);
|
1999-05-09 02:54:30 +02:00
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
return status;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2006-09-07 17:37:25 +02:00
|
|
|
lo_write(int fd, const char *buf, int len)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
1999-05-09 17:00:18 +02:00
|
|
|
int status;
|
2012-10-09 22:38:00 +02:00
|
|
|
LargeObjectDesc *lobj;
|
1999-05-09 17:00:18 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
2012-10-09 22:38:00 +02:00
|
|
|
lobj = cookies[fd];
|
1999-06-01 00:53:59 +02:00
|
|
|
|
2017-11-09 18:56:07 +01:00
|
|
|
/* see comment in lo_read() */
|
2012-10-09 22:38:00 +02:00
|
|
|
if ((lobj->flags & IFS_WRLOCK) == 0)
|
2005-06-13 04:26:53 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
errmsg("large object descriptor %d was not opened for writing",
|
|
|
|
fd)));
|
|
|
|
|
2012-10-09 22:38:00 +02:00
|
|
|
status = inv_write(lobj, buf, len);
|
1999-05-09 02:54:30 +02:00
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
return status;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_lseek(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
|
|
|
int32 offset = PG_GETARG_INT32(1);
|
|
|
|
int32 whence = PG_GETARG_INT32(2);
|
2012-10-07 01:36:48 +02:00
|
|
|
int64 status;
|
1997-03-18 22:30:41 +01:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
1997-03-18 22:30:41 +01:00
|
|
|
|
1999-06-01 00:53:59 +02:00
|
|
|
status = inv_seek(cookies[fd], offset, whence);
|
1997-03-18 22:30:41 +01:00
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
/* guard against result overflow */
|
|
|
|
if (status != (int32) status)
|
2012-10-07 01:36:48 +02:00
|
|
|
ereport(ERROR,
|
2012-10-09 00:24:06 +02:00
|
|
|
(errcode(ERRCODE_NUMERIC_VALUE_OUT_OF_RANGE),
|
2012-10-09 22:38:00 +02:00
|
|
|
errmsg("lo_lseek result out of range for large-object descriptor %d",
|
|
|
|
fd)));
|
2012-10-07 01:36:48 +02:00
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
PG_RETURN_INT32((int32) status);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2012-10-07 01:36:48 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_lseek64(PG_FUNCTION_ARGS)
|
2012-10-07 01:36:48 +02:00
|
|
|
{
|
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
|
|
|
int64 offset = PG_GETARG_INT64(1);
|
|
|
|
int32 whence = PG_GETARG_INT32(2);
|
2012-10-09 00:24:06 +02:00
|
|
|
int64 status;
|
2012-10-07 01:36:48 +02:00
|
|
|
|
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
|
|
|
|
|
|
|
status = inv_seek(cookies[fd], offset, whence);
|
|
|
|
|
|
|
|
PG_RETURN_INT64(status);
|
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_creat(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
|
|
|
Oid lobjId;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2006-04-26 02:34:57 +02:00
|
|
|
/*
|
|
|
|
* We don't actually need to store into fscxt, but create it anyway to
|
|
|
|
* ensure that AtEOXact_LargeObject knows there is state to clean up
|
|
|
|
*/
|
2004-09-11 17:56:46 +02:00
|
|
|
CreateFSContext();
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2005-06-13 04:26:53 +02:00
|
|
|
lobjId = inv_create(InvalidOid);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2005-06-13 04:26:53 +02:00
|
|
|
PG_RETURN_OID(lobjId);
|
|
|
|
}
|
|
|
|
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_create(PG_FUNCTION_ARGS)
|
2005-06-13 04:26:53 +02:00
|
|
|
{
|
|
|
|
Oid lobjId = PG_GETARG_OID(0);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2006-04-26 02:34:57 +02:00
|
|
|
/*
|
|
|
|
* We don't actually need to store into fscxt, but create it anyway to
|
|
|
|
* ensure that AtEOXact_LargeObject knows there is state to clean up
|
|
|
|
*/
|
2005-06-13 04:26:53 +02:00
|
|
|
CreateFSContext();
|
|
|
|
|
|
|
|
lobjId = inv_create(lobjId);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
PG_RETURN_OID(lobjId);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_tell(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
2012-10-09 00:24:06 +02:00
|
|
|
int64 offset;
|
2000-06-09 03:11:16 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
1999-06-01 00:53:59 +02:00
|
|
|
|
2012-10-07 01:36:48 +02:00
|
|
|
offset = inv_tell(cookies[fd]);
|
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
/* guard against result overflow */
|
|
|
|
if (offset != (int32) offset)
|
2012-10-07 01:36:48 +02:00
|
|
|
ereport(ERROR,
|
2012-10-09 00:24:06 +02:00
|
|
|
(errcode(ERRCODE_NUMERIC_VALUE_OUT_OF_RANGE),
|
2012-10-09 22:38:00 +02:00
|
|
|
errmsg("lo_tell result out of range for large-object descriptor %d",
|
|
|
|
fd)));
|
2012-10-07 01:36:48 +02:00
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
PG_RETURN_INT32((int32) offset);
|
2012-10-07 01:36:48 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_tell64(PG_FUNCTION_ARGS)
|
2012-10-07 01:36:48 +02:00
|
|
|
{
|
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
2012-10-09 00:24:06 +02:00
|
|
|
int64 offset;
|
2012-10-07 01:36:48 +02:00
|
|
|
|
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
|
|
|
|
2012-10-09 00:24:06 +02:00
|
|
|
offset = inv_tell(cookies[fd]);
|
|
|
|
|
|
|
|
PG_RETURN_INT64(offset);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_unlink(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
Oid lobjId = PG_GETARG_OID(0);
|
2000-04-12 19:17:23 +02:00
|
|
|
|
2017-11-09 18:56:07 +01:00
|
|
|
/*
|
|
|
|
* Must be owner of the large object. It would be cleaner to check this
|
|
|
|
* in inv_drop(), but we want to throw the error before not after closing
|
|
|
|
* relevant FDs.
|
|
|
|
*/
|
2009-12-11 04:34:57 +01:00
|
|
|
if (!lo_compat_privileges &&
|
|
|
|
!pg_largeobject_ownercheck(lobjId, GetUserId()))
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
|
|
|
errmsg("must be owner of large object %u", lobjId)));
|
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
/*
|
|
|
|
* If there are any open LO FDs referencing that ID, close 'em.
|
|
|
|
*/
|
|
|
|
if (fscxt != NULL)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < cookies_size; i++)
|
|
|
|
{
|
|
|
|
if (cookies[i] != NULL && cookies[i]->id == lobjId)
|
|
|
|
{
|
|
|
|
inv_close(cookies[i]);
|
|
|
|
deleteLOfd(i);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1999-06-01 00:53:59 +02:00
|
|
|
/*
|
2006-04-26 02:34:57 +02:00
|
|
|
* inv_drop does not create a need for end-of-transaction cleanup and
|
|
|
|
* hence we don't need to have created fscxt.
|
1999-06-01 00:53:59 +02:00
|
|
|
*/
|
2000-06-09 03:11:16 +02:00
|
|
|
PG_RETURN_INT32(inv_drop(lobjId));
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*****************************************************************************
|
2000-06-09 03:11:16 +02:00
|
|
|
* Read/Write using bytea
|
1996-07-09 08:22:35 +02:00
|
|
|
*****************************************************************************/
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_loread(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
|
|
|
int32 len = PG_GETARG_INT32(1);
|
2002-08-25 19:20:01 +02:00
|
|
|
bytea *retval;
|
2000-06-09 03:11:16 +02:00
|
|
|
int totalread;
|
|
|
|
|
|
|
|
if (len < 0)
|
|
|
|
len = 0;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2002-08-25 19:20:01 +02:00
|
|
|
retval = (bytea *) palloc(VARHDRSZ + len);
|
1996-07-09 08:22:35 +02:00
|
|
|
totalread = lo_read(fd, VARDATA(retval), len);
|
2007-02-28 00:48:10 +01:00
|
|
|
SET_VARSIZE(retval, totalread + VARHDRSZ);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2002-08-25 19:20:01 +02:00
|
|
|
PG_RETURN_BYTEA_P(retval);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lowrite(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
2017-03-13 00:35:34 +01:00
|
|
|
bytea *wbuf = PG_GETARG_BYTEA_PP(1);
|
2000-06-09 03:11:16 +02:00
|
|
|
int bytestowrite;
|
|
|
|
int totalwritten;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2017-03-13 00:35:34 +01:00
|
|
|
bytestowrite = VARSIZE_ANY_EXHDR(wbuf);
|
|
|
|
totalwritten = lo_write(fd, VARDATA_ANY(wbuf), bytestowrite);
|
2000-06-09 03:11:16 +02:00
|
|
|
PG_RETURN_INT32(totalwritten);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Import/Export of Large Object
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lo_import -
|
|
|
|
* imports a file as an (inversion) large object.
|
|
|
|
*/
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_import(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2008-03-25 23:42:46 +01:00
|
|
|
text *filename = PG_GETARG_TEXT_PP(0);
|
2008-03-22 02:55:14 +01:00
|
|
|
|
|
|
|
PG_RETURN_OID(lo_import_internal(filename, InvalidOid));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lo_import_with_oid -
|
|
|
|
* imports a file as an (inversion) large object specifying oid.
|
|
|
|
*/
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_import_with_oid(PG_FUNCTION_ARGS)
|
2008-03-22 02:55:14 +01:00
|
|
|
{
|
2008-03-25 23:42:46 +01:00
|
|
|
text *filename = PG_GETARG_TEXT_PP(0);
|
2008-03-22 02:55:14 +01:00
|
|
|
Oid oid = PG_GETARG_OID(1);
|
|
|
|
|
|
|
|
PG_RETURN_OID(lo_import_internal(filename, oid));
|
|
|
|
}
|
|
|
|
|
|
|
|
static Oid
|
|
|
|
lo_import_internal(text *filename, Oid lobjOid)
|
|
|
|
{
|
Add OpenTransientFile, with automatic cleanup at end-of-xact.
Files opened with BasicOpenFile or PathNameOpenFile are not automatically
cleaned up on error. That puts unnecessary burden on callers that only want
to keep the file open for a short time. There is AllocateFile, but that
returns a buffered FILE * stream, which in many cases is not the nicest API
to work with. So add function called OpenTransientFile, which returns a
unbuffered fd that's cleaned up like the FILE* returned by AllocateFile().
This plugs a few rare fd leaks in error cases:
1. copy_file() - fixed by by using OpenTransientFile instead of BasicOpenFile
2. XLogFileInit() - fixed by adding close() calls to the error cases. Can't
use OpenTransientFile here because the fd is supposed to persist over
transaction boundaries.
3. lo_import/lo_export - fixed by using OpenTransientFile instead of
PathNameOpenFile.
In addition to plugging those leaks, this replaces many BasicOpenFile() calls
with OpenTransientFile() that were not leaking, because the code meticulously
closed the file on error. That wasn't strictly necessary, but IMHO it's good
for robustness.
The same leaks exist in older versions, but given the rarity of the issues,
I'm not backpatching this. Not yet, anyway - it might be good to backpatch
later, after this mechanism has had some more testing in master branch.
2012-11-27 09:25:50 +01:00
|
|
|
int fd;
|
1996-07-09 08:22:35 +02:00
|
|
|
int nbytes,
|
2012-03-21 22:30:14 +01:00
|
|
|
tmp PG_USED_FOR_ASSERTS_ONLY;
|
1996-07-09 08:22:35 +02:00
|
|
|
char buf[BUFSIZE];
|
2000-10-24 03:38:44 +02:00
|
|
|
char fnamebuf[MAXPGPATH];
|
1996-07-09 08:22:35 +02:00
|
|
|
LargeObjectDesc *lobj;
|
2008-03-22 02:55:14 +01:00
|
|
|
Oid oid;
|
2009-06-11 16:49:15 +02:00
|
|
|
|
2004-09-11 17:56:46 +02:00
|
|
|
CreateFSContext();
|
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
|
|
|
* open the file to be read in
|
|
|
|
*/
|
2008-03-25 23:42:46 +01:00
|
|
|
text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf));
|
2017-09-23 15:49:22 +02:00
|
|
|
fd = OpenTransientFile(fnamebuf, O_RDONLY | PG_BINARY);
|
1996-07-09 08:22:35 +02:00
|
|
|
if (fd < 0)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not open server file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
1996-07-09 08:22:35 +02:00
|
|
|
|
1997-09-07 07:04:48 +02:00
|
|
|
/*
|
2003-07-22 21:00:12 +02:00
|
|
|
* create an inversion object
|
1997-09-07 07:04:48 +02:00
|
|
|
*/
|
2008-03-22 02:55:14 +01:00
|
|
|
oid = inv_create(lobjOid);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
|
|
|
/*
|
2005-06-13 04:26:53 +02:00
|
|
|
* read in from the filesystem and write to the inversion object
|
1997-09-07 07:04:48 +02:00
|
|
|
*/
|
2008-03-22 02:55:14 +01:00
|
|
|
lobj = inv_open(oid, INV_WRITE, fscxt);
|
2005-06-13 04:26:53 +02:00
|
|
|
|
Add OpenTransientFile, with automatic cleanup at end-of-xact.
Files opened with BasicOpenFile or PathNameOpenFile are not automatically
cleaned up on error. That puts unnecessary burden on callers that only want
to keep the file open for a short time. There is AllocateFile, but that
returns a buffered FILE * stream, which in many cases is not the nicest API
to work with. So add function called OpenTransientFile, which returns a
unbuffered fd that's cleaned up like the FILE* returned by AllocateFile().
This plugs a few rare fd leaks in error cases:
1. copy_file() - fixed by by using OpenTransientFile instead of BasicOpenFile
2. XLogFileInit() - fixed by adding close() calls to the error cases. Can't
use OpenTransientFile here because the fd is supposed to persist over
transaction boundaries.
3. lo_import/lo_export - fixed by using OpenTransientFile instead of
PathNameOpenFile.
In addition to plugging those leaks, this replaces many BasicOpenFile() calls
with OpenTransientFile() that were not leaking, because the code meticulously
closed the file on error. That wasn't strictly necessary, but IMHO it's good
for robustness.
The same leaks exist in older versions, but given the rarity of the issues,
I'm not backpatching this. Not yet, anyway - it might be good to backpatch
later, after this mechanism has had some more testing in master branch.
2012-11-27 09:25:50 +01:00
|
|
|
while ((nbytes = read(fd, buf, BUFSIZE)) > 0)
|
1997-09-07 07:04:48 +02:00
|
|
|
{
|
1996-07-09 08:22:35 +02:00
|
|
|
tmp = inv_write(lobj, buf, nbytes);
|
2003-07-22 21:00:12 +02:00
|
|
|
Assert(tmp == nbytes);
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
2003-07-22 21:00:12 +02:00
|
|
|
if (nbytes < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not read server file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
|
|
|
|
1997-08-13 00:55:25 +02:00
|
|
|
inv_close(lobj);
|
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
2019-03-09 00:50:55 +01:00
|
|
|
|
2019-07-06 23:18:46 +02:00
|
|
|
if (CloseTransientFile(fd) != 0)
|
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
2019-03-09 00:50:55 +01:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not close file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2008-03-22 02:55:14 +01:00
|
|
|
return oid;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lo_export -
|
|
|
|
* exports an (inversion) large object.
|
|
|
|
*/
|
2000-06-09 03:11:16 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_export(PG_FUNCTION_ARGS)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2000-06-09 03:11:16 +02:00
|
|
|
Oid lobjId = PG_GETARG_OID(0);
|
2008-03-25 23:42:46 +01:00
|
|
|
text *filename = PG_GETARG_TEXT_PP(1);
|
Add OpenTransientFile, with automatic cleanup at end-of-xact.
Files opened with BasicOpenFile or PathNameOpenFile are not automatically
cleaned up on error. That puts unnecessary burden on callers that only want
to keep the file open for a short time. There is AllocateFile, but that
returns a buffered FILE * stream, which in many cases is not the nicest API
to work with. So add function called OpenTransientFile, which returns a
unbuffered fd that's cleaned up like the FILE* returned by AllocateFile().
This plugs a few rare fd leaks in error cases:
1. copy_file() - fixed by by using OpenTransientFile instead of BasicOpenFile
2. XLogFileInit() - fixed by adding close() calls to the error cases. Can't
use OpenTransientFile here because the fd is supposed to persist over
transaction boundaries.
3. lo_import/lo_export - fixed by using OpenTransientFile instead of
PathNameOpenFile.
In addition to plugging those leaks, this replaces many BasicOpenFile() calls
with OpenTransientFile() that were not leaking, because the code meticulously
closed the file on error. That wasn't strictly necessary, but IMHO it's good
for robustness.
The same leaks exist in older versions, but given the rarity of the issues,
I'm not backpatching this. Not yet, anyway - it might be good to backpatch
later, after this mechanism has had some more testing in master branch.
2012-11-27 09:25:50 +01:00
|
|
|
int fd;
|
1996-07-09 08:22:35 +02:00
|
|
|
int nbytes,
|
|
|
|
tmp;
|
|
|
|
char buf[BUFSIZE];
|
2000-10-24 03:38:44 +02:00
|
|
|
char fnamebuf[MAXPGPATH];
|
1996-07-09 08:22:35 +02:00
|
|
|
LargeObjectDesc *lobj;
|
1996-11-15 19:38:20 +01:00
|
|
|
mode_t oumask;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2004-09-11 17:56:46 +02:00
|
|
|
CreateFSContext();
|
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
2003-07-22 21:00:12 +02:00
|
|
|
* open the inversion object (no need to test for failure)
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
2006-04-26 02:34:57 +02:00
|
|
|
lobj = inv_open(lobjId, INV_READ, fscxt);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
|
|
|
* open the file to be written to
|
1999-06-01 00:53:59 +02:00
|
|
|
*
|
|
|
|
* Note: we reduce backend's normal 077 umask to the slightly friendlier
|
|
|
|
* 022. This code used to drop it all the way to 0, but creating
|
|
|
|
* world-writable export files doesn't seem wise.
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
2008-03-25 23:42:46 +01:00
|
|
|
text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf));
|
2010-12-10 23:35:33 +01:00
|
|
|
oumask = umask(S_IWGRP | S_IWOTH);
|
2017-09-22 22:50:59 +02:00
|
|
|
PG_TRY();
|
|
|
|
{
|
2017-09-23 15:49:22 +02:00
|
|
|
fd = OpenTransientFilePerm(fnamebuf, O_CREAT | O_WRONLY | O_TRUNC | PG_BINARY,
|
|
|
|
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
|
2017-09-22 22:50:59 +02:00
|
|
|
}
|
2019-11-01 11:09:52 +01:00
|
|
|
PG_FINALLY();
|
2017-09-22 22:50:59 +02:00
|
|
|
{
|
|
|
|
umask(oumask);
|
|
|
|
}
|
|
|
|
PG_END_TRY();
|
1996-07-09 08:22:35 +02:00
|
|
|
if (fd < 0)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not create server file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
1996-07-09 08:22:35 +02:00
|
|
|
|
1997-09-07 07:04:48 +02:00
|
|
|
/*
|
2004-07-28 16:23:31 +02:00
|
|
|
* read in from the inversion file and write to the filesystem
|
1997-09-07 07:04:48 +02:00
|
|
|
*/
|
1996-07-09 08:22:35 +02:00
|
|
|
while ((nbytes = inv_read(lobj, buf, BUFSIZE)) > 0)
|
1997-09-07 07:04:48 +02:00
|
|
|
{
|
Add OpenTransientFile, with automatic cleanup at end-of-xact.
Files opened with BasicOpenFile or PathNameOpenFile are not automatically
cleaned up on error. That puts unnecessary burden on callers that only want
to keep the file open for a short time. There is AllocateFile, but that
returns a buffered FILE * stream, which in many cases is not the nicest API
to work with. So add function called OpenTransientFile, which returns a
unbuffered fd that's cleaned up like the FILE* returned by AllocateFile().
This plugs a few rare fd leaks in error cases:
1. copy_file() - fixed by by using OpenTransientFile instead of BasicOpenFile
2. XLogFileInit() - fixed by adding close() calls to the error cases. Can't
use OpenTransientFile here because the fd is supposed to persist over
transaction boundaries.
3. lo_import/lo_export - fixed by using OpenTransientFile instead of
PathNameOpenFile.
In addition to plugging those leaks, this replaces many BasicOpenFile() calls
with OpenTransientFile() that were not leaking, because the code meticulously
closed the file on error. That wasn't strictly necessary, but IMHO it's good
for robustness.
The same leaks exist in older versions, but given the rarity of the issues,
I'm not backpatching this. Not yet, anyway - it might be good to backpatch
later, after this mechanism has had some more testing in master branch.
2012-11-27 09:25:50 +01:00
|
|
|
tmp = write(fd, buf, nbytes);
|
2000-10-24 03:38:44 +02:00
|
|
|
if (tmp != nbytes)
|
2003-07-22 21:00:12 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not write server file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
2019-07-06 23:18:46 +02:00
|
|
|
if (CloseTransientFile(fd) != 0)
|
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
2019-03-09 00:50:55 +01:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not close file \"%s\": %m",
|
|
|
|
fnamebuf)));
|
|
|
|
|
2003-07-22 21:00:12 +02:00
|
|
|
inv_close(lobj);
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2000-06-09 03:11:16 +02:00
|
|
|
PG_RETURN_INT32(1);
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
2007-03-03 20:52:47 +01:00
|
|
|
/*
|
|
|
|
* lo_truncate -
|
|
|
|
* truncate a large object to a specified length
|
|
|
|
*/
|
2012-10-09 22:38:00 +02:00
|
|
|
static void
|
|
|
|
lo_truncate_internal(int32 fd, int64 len)
|
2007-03-03 20:52:47 +01:00
|
|
|
{
|
2012-10-09 22:38:00 +02:00
|
|
|
LargeObjectDesc *lobj;
|
2007-03-03 20:52:47 +01:00
|
|
|
|
|
|
|
if (fd < 0 || fd >= cookies_size || cookies[fd] == NULL)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
|
|
|
errmsg("invalid large-object descriptor: %d", fd)));
|
2012-10-09 22:38:00 +02:00
|
|
|
lobj = cookies[fd];
|
2007-03-03 20:52:47 +01:00
|
|
|
|
2017-11-09 18:56:07 +01:00
|
|
|
/* see comment in lo_read() */
|
2012-10-09 22:38:00 +02:00
|
|
|
if ((lobj->flags & IFS_WRLOCK) == 0)
|
2012-10-07 01:36:48 +02:00
|
|
|
ereport(ERROR,
|
2012-10-09 22:38:00 +02:00
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
errmsg("large object descriptor %d was not opened for writing",
|
|
|
|
fd)));
|
|
|
|
|
|
|
|
inv_truncate(lobj, len);
|
|
|
|
}
|
2012-10-07 01:36:48 +02:00
|
|
|
|
2012-10-09 22:38:00 +02:00
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_truncate(PG_FUNCTION_ARGS)
|
2012-10-09 22:38:00 +02:00
|
|
|
{
|
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
|
|
|
int32 len = PG_GETARG_INT32(1);
|
|
|
|
|
|
|
|
lo_truncate_internal(fd, len);
|
2012-10-07 01:36:48 +02:00
|
|
|
PG_RETURN_INT32(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_truncate64(PG_FUNCTION_ARGS)
|
2012-10-07 01:36:48 +02:00
|
|
|
{
|
|
|
|
int32 fd = PG_GETARG_INT32(0);
|
|
|
|
int64 len = PG_GETARG_INT64(1);
|
|
|
|
|
2012-10-09 22:38:00 +02:00
|
|
|
lo_truncate_internal(fd, len);
|
2007-03-03 20:52:47 +01:00
|
|
|
PG_RETURN_INT32(0);
|
|
|
|
}
|
|
|
|
|
1998-07-21 06:17:30 +02:00
|
|
|
/*
|
2004-07-28 16:23:31 +02:00
|
|
|
* AtEOXact_LargeObject -
|
|
|
|
* prepares large objects for transaction commit
|
1998-07-21 06:17:30 +02:00
|
|
|
*/
|
|
|
|
void
|
2004-07-28 16:23:31 +02:00
|
|
|
AtEOXact_LargeObject(bool isCommit)
|
1998-07-21 06:17:30 +02:00
|
|
|
{
|
1998-07-22 07:48:59 +02:00
|
|
|
int i;
|
1998-07-21 06:17:30 +02:00
|
|
|
|
1998-07-22 07:48:59 +02:00
|
|
|
if (fscxt == NULL)
|
1999-06-01 00:53:59 +02:00
|
|
|
return; /* no LO operations in this xact */
|
1998-09-01 06:40:42 +02:00
|
|
|
|
1999-06-01 00:53:59 +02:00
|
|
|
/*
|
2004-07-28 16:23:31 +02:00
|
|
|
* Close LO fds and clear cookies array so that LO fds are no longer good.
|
|
|
|
* On abort we skip the close step.
|
1999-06-01 00:53:59 +02:00
|
|
|
*/
|
2000-10-24 05:14:08 +02:00
|
|
|
for (i = 0; i < cookies_size; i++)
|
1998-07-22 07:48:59 +02:00
|
|
|
{
|
|
|
|
if (cookies[i] != NULL)
|
1999-06-01 00:53:59 +02:00
|
|
|
{
|
|
|
|
if (isCommit)
|
2000-10-24 03:38:44 +02:00
|
|
|
inv_close(cookies[i]);
|
2004-07-28 16:23:31 +02:00
|
|
|
deleteLOfd(i);
|
1999-06-01 00:53:59 +02:00
|
|
|
}
|
1998-07-22 07:48:59 +02:00
|
|
|
}
|
1998-07-21 06:17:30 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
/* Needn't actually pfree since we're about to zap context */
|
|
|
|
cookies = NULL;
|
|
|
|
cookies_size = 0;
|
|
|
|
|
1999-06-01 00:53:59 +02:00
|
|
|
/* Release the LO memory context to prevent permanent memory leaks. */
|
2000-06-28 05:33:33 +02:00
|
|
|
MemoryContextDelete(fscxt);
|
1999-06-01 00:53:59 +02:00
|
|
|
fscxt = NULL;
|
2004-07-28 16:23:31 +02:00
|
|
|
|
|
|
|
/* Give inv_api.c a chance to clean up, too */
|
|
|
|
close_lo_relation(isCommit);
|
1998-07-21 06:17:30 +02:00
|
|
|
}
|
|
|
|
|
2004-07-28 16:23:31 +02:00
|
|
|
/*
|
|
|
|
* AtEOSubXact_LargeObject
|
|
|
|
* Take care of large objects at subtransaction commit/abort
|
|
|
|
*
|
|
|
|
* Reassign LOs created/opened during a committing subtransaction
|
2004-09-16 18:58:44 +02:00
|
|
|
* to the parent subtransaction. On abort, just close them.
|
2004-07-28 16:23:31 +02:00
|
|
|
*/
|
|
|
|
void
|
2004-09-16 18:58:44 +02:00
|
|
|
AtEOSubXact_LargeObject(bool isCommit, SubTransactionId mySubid,
|
|
|
|
SubTransactionId parentSubid)
|
2004-07-28 16:23:31 +02:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
if (fscxt == NULL) /* no LO operations in this xact */
|
|
|
|
return;
|
|
|
|
|
|
|
|
for (i = 0; i < cookies_size; i++)
|
|
|
|
{
|
|
|
|
LargeObjectDesc *lo = cookies[i];
|
|
|
|
|
2004-09-16 18:58:44 +02:00
|
|
|
if (lo != NULL && lo->subid == mySubid)
|
2004-07-28 16:23:31 +02:00
|
|
|
{
|
|
|
|
if (isCommit)
|
2004-09-16 18:58:44 +02:00
|
|
|
lo->subid = parentSubid;
|
2004-07-28 16:23:31 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Make sure we do not call inv_close twice if it errors out
|
|
|
|
* for some reason. Better a leak than a crash.
|
|
|
|
*/
|
|
|
|
deleteLOfd(i);
|
|
|
|
inv_close(lo);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1996-07-09 08:22:35 +02:00
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Support routines for this file
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
static int
|
|
|
|
newLOfd(LargeObjectDesc *lobjCookie)
|
|
|
|
{
|
2000-10-24 05:14:08 +02:00
|
|
|
int i,
|
|
|
|
newsize;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2000-10-24 05:14:08 +02:00
|
|
|
/* Try to find a free slot */
|
|
|
|
for (i = 0; i < cookies_size; i++)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
|
|
|
if (cookies[i] == NULL)
|
|
|
|
{
|
|
|
|
cookies[i] = lobjCookie;
|
|
|
|
return i;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
2000-10-24 05:14:08 +02:00
|
|
|
|
|
|
|
/* No free slot, so make the array bigger */
|
|
|
|
if (cookies_size <= 0)
|
|
|
|
{
|
|
|
|
/* First time through, arbitrarily make 64-element array */
|
|
|
|
i = 0;
|
|
|
|
newsize = 64;
|
|
|
|
cookies = (LargeObjectDesc **)
|
2006-04-26 02:34:57 +02:00
|
|
|
MemoryContextAllocZero(fscxt, newsize * sizeof(LargeObjectDesc *));
|
2000-10-24 05:14:08 +02:00
|
|
|
cookies_size = newsize;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* Double size of array */
|
|
|
|
i = cookies_size;
|
|
|
|
newsize = cookies_size * 2;
|
|
|
|
cookies = (LargeObjectDesc **)
|
|
|
|
repalloc(cookies, newsize * sizeof(LargeObjectDesc *));
|
|
|
|
MemSet(cookies + cookies_size, 0,
|
|
|
|
(newsize - cookies_size) * sizeof(LargeObjectDesc *));
|
|
|
|
cookies_size = newsize;
|
|
|
|
}
|
|
|
|
|
|
|
|
Assert(cookies[i] == NULL);
|
|
|
|
cookies[i] = lobjCookie;
|
|
|
|
return i;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
deleteLOfd(int fd)
|
|
|
|
{
|
|
|
|
cookies[fd] = NULL;
|
|
|
|
}
|
2013-10-28 03:42:46 +01:00
|
|
|
|
|
|
|
/*****************************************************************************
|
|
|
|
* Wrappers oriented toward SQL callers
|
|
|
|
*****************************************************************************/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read [offset, offset+nbytes) within LO; when nbytes is -1, read to end.
|
|
|
|
*/
|
|
|
|
static bytea *
|
|
|
|
lo_get_fragment_internal(Oid loOid, int64 offset, int32 nbytes)
|
|
|
|
{
|
|
|
|
LargeObjectDesc *loDesc;
|
|
|
|
int64 loSize;
|
|
|
|
int64 result_length;
|
|
|
|
int total_read PG_USED_FOR_ASSERTS_ONLY;
|
|
|
|
bytea *result = NULL;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We don't actually need to store into fscxt, but create it anyway to
|
|
|
|
* ensure that AtEOXact_LargeObject knows there is state to clean up
|
|
|
|
*/
|
|
|
|
CreateFSContext();
|
|
|
|
|
|
|
|
loDesc = inv_open(loOid, INV_READ, fscxt);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compute number of bytes we'll actually read, accommodating nbytes == -1
|
|
|
|
* and reads beyond the end of the LO.
|
|
|
|
*/
|
|
|
|
loSize = inv_seek(loDesc, 0, SEEK_END);
|
|
|
|
if (loSize > offset)
|
|
|
|
{
|
|
|
|
if (nbytes >= 0 && nbytes <= loSize - offset)
|
|
|
|
result_length = nbytes; /* request is wholly inside LO */
|
|
|
|
else
|
|
|
|
result_length = loSize - offset; /* adjust to end of LO */
|
|
|
|
}
|
|
|
|
else
|
|
|
|
result_length = 0; /* request is wholly outside LO */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A result_length calculated from loSize may not fit in a size_t. Check
|
|
|
|
* that the size will satisfy this and subsequently-enforced size limits.
|
|
|
|
*/
|
|
|
|
if (result_length > MaxAllocSize - VARHDRSZ)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
|
|
|
errmsg("large object read request is too large")));
|
|
|
|
|
|
|
|
result = (bytea *) palloc(VARHDRSZ + result_length);
|
|
|
|
|
|
|
|
inv_seek(loDesc, offset, SEEK_SET);
|
|
|
|
total_read = inv_read(loDesc, VARDATA(result), result_length);
|
|
|
|
Assert(total_read == result_length);
|
|
|
|
SET_VARSIZE(result, result_length + VARHDRSZ);
|
|
|
|
|
|
|
|
inv_close(loDesc);
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read entire LO
|
|
|
|
*/
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_get(PG_FUNCTION_ARGS)
|
2013-10-28 03:42:46 +01:00
|
|
|
{
|
|
|
|
Oid loOid = PG_GETARG_OID(0);
|
|
|
|
bytea *result;
|
|
|
|
|
|
|
|
result = lo_get_fragment_internal(loOid, 0, -1);
|
|
|
|
|
|
|
|
PG_RETURN_BYTEA_P(result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Read range within LO
|
|
|
|
*/
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_get_fragment(PG_FUNCTION_ARGS)
|
2013-10-28 03:42:46 +01:00
|
|
|
{
|
|
|
|
Oid loOid = PG_GETARG_OID(0);
|
|
|
|
int64 offset = PG_GETARG_INT64(1);
|
|
|
|
int32 nbytes = PG_GETARG_INT32(2);
|
|
|
|
bytea *result;
|
|
|
|
|
|
|
|
if (nbytes < 0)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
|
|
|
|
errmsg("requested length cannot be negative")));
|
|
|
|
|
|
|
|
result = lo_get_fragment_internal(loOid, offset, nbytes);
|
|
|
|
|
|
|
|
PG_RETURN_BYTEA_P(result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2014-06-12 21:39:09 +02:00
|
|
|
* Create LO with initial contents given by a bytea argument
|
2013-10-28 03:42:46 +01:00
|
|
|
*/
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_from_bytea(PG_FUNCTION_ARGS)
|
2013-10-28 03:42:46 +01:00
|
|
|
{
|
|
|
|
Oid loOid = PG_GETARG_OID(0);
|
|
|
|
bytea *str = PG_GETARG_BYTEA_PP(1);
|
|
|
|
LargeObjectDesc *loDesc;
|
|
|
|
int written PG_USED_FOR_ASSERTS_ONLY;
|
|
|
|
|
|
|
|
CreateFSContext();
|
|
|
|
|
|
|
|
loOid = inv_create(loOid);
|
|
|
|
loDesc = inv_open(loOid, INV_WRITE, fscxt);
|
|
|
|
written = inv_write(loDesc, VARDATA_ANY(str), VARSIZE_ANY_EXHDR(str));
|
|
|
|
Assert(written == VARSIZE_ANY_EXHDR(str));
|
|
|
|
inv_close(loDesc);
|
|
|
|
|
|
|
|
PG_RETURN_OID(loOid);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update range within LO
|
|
|
|
*/
|
|
|
|
Datum
|
2016-12-27 18:00:00 +01:00
|
|
|
be_lo_put(PG_FUNCTION_ARGS)
|
2013-10-28 03:42:46 +01:00
|
|
|
{
|
|
|
|
Oid loOid = PG_GETARG_OID(0);
|
|
|
|
int64 offset = PG_GETARG_INT64(1);
|
|
|
|
bytea *str = PG_GETARG_BYTEA_PP(2);
|
|
|
|
LargeObjectDesc *loDesc;
|
|
|
|
int written PG_USED_FOR_ASSERTS_ONLY;
|
|
|
|
|
|
|
|
CreateFSContext();
|
|
|
|
|
|
|
|
loDesc = inv_open(loOid, INV_WRITE, fscxt);
|
2017-08-07 16:19:01 +02:00
|
|
|
|
|
|
|
/* Permission check */
|
|
|
|
if (!lo_compat_privileges &&
|
|
|
|
pg_largeobject_aclcheck_snapshot(loDesc->id,
|
|
|
|
GetUserId(),
|
|
|
|
ACL_UPDATE,
|
|
|
|
loDesc->snapshot) != ACLCHECK_OK)
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
|
|
|
errmsg("permission denied for large object %u",
|
|
|
|
loDesc->id)));
|
|
|
|
|
2013-10-28 03:42:46 +01:00
|
|
|
inv_seek(loDesc, offset, SEEK_SET);
|
|
|
|
written = inv_write(loDesc, VARDATA_ANY(str), VARSIZE_ANY_EXHDR(str));
|
|
|
|
Assert(written == VARSIZE_ANY_EXHDR(str));
|
|
|
|
inv_close(loDesc);
|
|
|
|
|
|
|
|
PG_RETURN_VOID();
|
|
|
|
}
|