From 8fbe5a317de6c91826ae2c91f73f780bb0d6489e Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Tue, 22 May 2012 11:19:33 -0400 Subject: [PATCH] Fix error message for COMMENT/SECURITY LABEL ON COLUMN xxx IS 'yyy' When the column name is an unqualified name, rather than table.column, the error message complains about too many dotted names, which is wrong. Report by Peter Eisentraut based on examination of the sepgsql regression test output, but the problem also affects COMMENT. New wording as suggested by Tom Lane. --- contrib/sepgsql/expected/label.out | 2 +- src/backend/catalog/objectaddress.c | 4 ++++ src/test/regress/input/security_label.source | 1 + src/test/regress/output/security_label.source | 2 ++ 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/contrib/sepgsql/expected/label.out b/contrib/sepgsql/expected/label.out index f9587dee57..d4a6f8ae96 100644 --- a/contrib/sepgsql/expected/label.out +++ b/contrib/sepgsql/expected/label.out @@ -91,7 +91,7 @@ SECURITY LABEL ON TABLE t2 ERROR: SELinux: invalid security label: "invalid security context" SECURITY LABEL ON COLUMN t2 IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- be failed -ERROR: improper relation name (too many dotted names): +ERROR: column name must be qualified SECURITY LABEL ON COLUMN t2.b IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- ok -- diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 250069f410..d133f64776 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -794,6 +794,10 @@ get_object_address_attribute(ObjectType objtype, List *objname, AttrNumber attnum; /* Extract relation name and open relation. */ + if (list_length(objname) < 2) + ereport(ERROR, + (errcode(ERRCODE_SYNTAX_ERROR), + errmsg("column name must be qualified"))); attname = strVal(lfirst(list_tail(objname))); relname = list_truncate(list_copy(objname), list_length(objname) - 1); relation = relation_openrv(makeRangeVarFromNameList(relname), lockmode); diff --git a/src/test/regress/input/security_label.source b/src/test/regress/input/security_label.source index 70771d7596..287dd76ead 100644 --- a/src/test/regress/input/security_label.source +++ b/src/test/regress/input/security_label.source @@ -49,6 +49,7 @@ SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK SECURITY LABEL FOR 'unknown_seclabel' ON TABLE seclabel_tbl1 IS 'classified'; -- fail diff --git a/src/test/regress/output/security_label.source b/src/test/regress/output/security_label.source index 6994d19c2e..9be8bbd15c 100644 --- a/src/test/regress/output/security_label.source +++ b/src/test/regress/output/security_label.source @@ -45,6 +45,8 @@ LOAD '@abs_builddir@/dummy_seclabel@DLSUFFIX@'; SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail +ERROR: column name must be qualified SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail ERROR: '...invalid label...' is not a valid security label SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK