Fix initdb to properly escape quotes and backslashes in the supplied
superuser password, and also in the paths of the various files it issues SQL COPY commands for. Per bug #2424.
This commit is contained in:
parent
0780ce6a93
commit
58a2dbc740
|
@ -42,7 +42,7 @@
|
||||||
* Portions Copyright (c) 1994, Regents of the University of California
|
* Portions Copyright (c) 1994, Regents of the University of California
|
||||||
* Portions taken from FreeBSD.
|
* Portions taken from FreeBSD.
|
||||||
*
|
*
|
||||||
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.115 2006/05/26 23:48:54 momjian Exp $
|
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.116 2006/05/27 18:07:06 tgl Exp $
|
||||||
*
|
*
|
||||||
*-------------------------------------------------------------------------
|
*-------------------------------------------------------------------------
|
||||||
*/
|
*/
|
||||||
|
@ -1222,20 +1222,20 @@ setup_config(void)
|
||||||
conflines = replace_token(conflines, "#port = 5432", repltok);
|
conflines = replace_token(conflines, "#port = 5432", repltok);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
lc_messages = escape_quotes(lc_messages);
|
snprintf(repltok, sizeof(repltok), "lc_messages = '%s'",
|
||||||
snprintf(repltok, sizeof(repltok), "lc_messages = '%s'", lc_messages);
|
escape_quotes(lc_messages));
|
||||||
conflines = replace_token(conflines, "#lc_messages = 'C'", repltok);
|
conflines = replace_token(conflines, "#lc_messages = 'C'", repltok);
|
||||||
|
|
||||||
lc_monetary = escape_quotes(lc_monetary);
|
snprintf(repltok, sizeof(repltok), "lc_monetary = '%s'",
|
||||||
snprintf(repltok, sizeof(repltok), "lc_monetary = '%s'", lc_monetary);
|
escape_quotes(lc_monetary));
|
||||||
conflines = replace_token(conflines, "#lc_monetary = 'C'", repltok);
|
conflines = replace_token(conflines, "#lc_monetary = 'C'", repltok);
|
||||||
|
|
||||||
lc_numeric = escape_quotes(lc_numeric);
|
snprintf(repltok, sizeof(repltok), "lc_numeric = '%s'",
|
||||||
snprintf(repltok, sizeof(repltok), "lc_numeric = '%s'", lc_numeric);
|
escape_quotes(lc_numeric));
|
||||||
conflines = replace_token(conflines, "#lc_numeric = 'C'", repltok);
|
conflines = replace_token(conflines, "#lc_numeric = 'C'", repltok);
|
||||||
|
|
||||||
lc_time = escape_quotes(lc_time);
|
snprintf(repltok, sizeof(repltok), "lc_time = '%s'",
|
||||||
snprintf(repltok, sizeof(repltok), "lc_time = '%s'", lc_time);
|
escape_quotes(lc_time));
|
||||||
conflines = replace_token(conflines, "#lc_time = 'C'", repltok);
|
conflines = replace_token(conflines, "#lc_time = 'C'", repltok);
|
||||||
|
|
||||||
switch (locale_date_order(lc_time)) {
|
switch (locale_date_order(lc_time)) {
|
||||||
|
@ -1541,8 +1541,8 @@ get_set_pwd(void)
|
||||||
|
|
||||||
PG_CMD_OPEN;
|
PG_CMD_OPEN;
|
||||||
|
|
||||||
PG_CMD_PRINTF2("ALTER USER \"%s\" WITH PASSWORD '%s';\n",
|
PG_CMD_PRINTF2("ALTER USER \"%s\" WITH PASSWORD E'%s';\n",
|
||||||
username, pwd1);
|
username, escape_quotes(pwd1));
|
||||||
|
|
||||||
PG_CMD_CLOSE;
|
PG_CMD_CLOSE;
|
||||||
|
|
||||||
|
@ -1740,8 +1740,8 @@ setup_description(void)
|
||||||
" objsubid int4, "
|
" objsubid int4, "
|
||||||
" description text) WITHOUT OIDS;\n");
|
" description text) WITHOUT OIDS;\n");
|
||||||
|
|
||||||
PG_CMD_PRINTF1("COPY tmp_pg_description FROM '%s';\n",
|
PG_CMD_PRINTF1("COPY tmp_pg_description FROM E'%s';\n",
|
||||||
desc_file);
|
escape_quotes(desc_file));
|
||||||
|
|
||||||
PG_CMD_PUTS("INSERT INTO pg_description "
|
PG_CMD_PUTS("INSERT INTO pg_description "
|
||||||
" SELECT t.objoid, c.oid, t.objsubid, t.description "
|
" SELECT t.objoid, c.oid, t.objsubid, t.description "
|
||||||
|
@ -1753,8 +1753,8 @@ setup_description(void)
|
||||||
" classname name, "
|
" classname name, "
|
||||||
" description text) WITHOUT OIDS;\n");
|
" description text) WITHOUT OIDS;\n");
|
||||||
|
|
||||||
PG_CMD_PRINTF1("COPY tmp_pg_shdescription FROM '%s';\n",
|
PG_CMD_PRINTF1("COPY tmp_pg_shdescription FROM E'%s';\n",
|
||||||
shdesc_file);
|
escape_quotes(shdesc_file));
|
||||||
|
|
||||||
PG_CMD_PUTS("INSERT INTO pg_shdescription "
|
PG_CMD_PUTS("INSERT INTO pg_shdescription "
|
||||||
" SELECT t.objoid, c.oid, t.description "
|
" SELECT t.objoid, c.oid, t.description "
|
||||||
|
@ -1925,8 +1925,8 @@ setup_schema(void)
|
||||||
PG_CMD_PRINTF1("COPY information_schema.sql_features "
|
PG_CMD_PRINTF1("COPY information_schema.sql_features "
|
||||||
" (feature_id, feature_name, sub_feature_id, "
|
" (feature_id, feature_name, sub_feature_id, "
|
||||||
" sub_feature_name, is_supported, comments) "
|
" sub_feature_name, is_supported, comments) "
|
||||||
" FROM '%s';\n",
|
" FROM E'%s';\n",
|
||||||
features_file);
|
escape_quotes(features_file));
|
||||||
|
|
||||||
PG_CMD_CLOSE;
|
PG_CMD_CLOSE;
|
||||||
|
|
||||||
|
@ -2103,8 +2103,15 @@ check_ok(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Escape any single quotes or backslashes in given string;
|
* Escape (by doubling) any single quotes or backslashes in given string
|
||||||
* postgresql.conf always enables backslash escapes
|
*
|
||||||
|
* Note: this is used to process both postgresql.conf entries and SQL
|
||||||
|
* string literals. Since postgresql.conf strings are defined to treat
|
||||||
|
* backslashes as escapes, we have to double backslashes here. Hence,
|
||||||
|
* when using this for a SQL string literal, use E'' syntax.
|
||||||
|
*
|
||||||
|
* We do not need to worry about encoding considerations because all
|
||||||
|
* valid backend encodings are ASCII-safe.
|
||||||
*/
|
*/
|
||||||
static char *
|
static char *
|
||||||
escape_quotes(const char *src)
|
escape_quotes(const char *src)
|
||||||
|
|
Loading…
Reference in New Issue