rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Validate the OID argument of pg_import_system_collations(). 

"SELECT pg_import_system_collations(0)" caused an assertion failure.
With a random nonzero argument --- or indeed with zero, in non-assert
builds --- it would happily make pg_collation entries with garbage
values of collnamespace.  These are harmless as far as I can tell
(unless maybe the OID happens to become used for a schema, later on?).
In any case this isn't a security issue, since the function is
superuser-only.  But it seems like a gotcha for unwary DBAs, so let's
add a check that the given OID belongs to some schema.

Back-patch to v10 where this function was introduced.
This commit is contained in:
Tom Lane 2021-03-08 18:21:51 -05:00
parent 6c20bdb2a2
commit 5c06abb9b9
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/backend/commands/collationcmds.c
View File

@ -407,14 +407,16 @@ pg_import_system_collations(PG_FUNCTION_ARGS)
Oid nspid = PG_GETARG_OID(0);
int ncreated = 0;
/* silence compiler warning if we have no locale implementation at all */
(void) nspid;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to import system collations")));
if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(nspid)))
ereport(ERROR,
(errcode(ERRCODE_UNDEFINED_SCHEMA),
errmsg("schema with OID %u does not exist", nspid)));
/* Load collations known to libc, using "locale -a" to enumerate them */
#ifdef READ_LOCALE_A_OUTPUT
{