Field conninfo strings throughout src/bin/scripts.

These programs nominally accepted conninfo strings, but they would proceed to use the original dbname parameter as though it were an unadorned database name. This caused "reindexdb dbname=foo" to issue an SQL command that always failed, and other programs printed a conninfo string in error messages that purported to print a database name. Fix both problems by using PQdb() to retrieve actual database names. Continue to print the full conninfo string when reporting a connection failure. It is informative there, and if the database name is the sole problem, the server-side error message will include the name. Beyond those user-visible fixes, this allows a subsequent commit to synthesize and use conninfo strings without that implementation detail leaking into messages. As a side effect, the "vacuuming database" message now appears after, not before, the connection attempt. Back-patch to 9.1 (all supported versions). Reviewed by Michael Paquier and Peter Eisentraut. Security: CVE-2016-5424
2016-08-08 10:07:46 -04:00 · 2016-08-08 10:07:46 -04:00 · ba8c4089d6
parent cf7e5f55bf
commit ba8c4089d6
5 changed files with 18 additions and 18 deletions
--- a/src/bin/scripts/clusterdb.c
+++ b/src/bin/scripts/clusterdb.c
@ -185,10 +185,10 @@ cluster_one_database(const char *dbname, bool verbose, const char *table,
 	{
 		if (table)
 			fprintf(stderr, _("%s: clustering of table \"%s\" in database \"%s\" failed: %s"),
-					progname, table, dbname, PQerrorMessage(conn));
+					progname, table, PQdb(conn), PQerrorMessage(conn));
 		else
 			fprintf(stderr, _("%s: clustering of database \"%s\" failed: %s"),
-					progname, dbname, PQerrorMessage(conn));
+					progname, PQdb(conn), PQerrorMessage(conn));
 		PQfinish(conn);
 		exit(1);
 	}
--- a/src/bin/scripts/createlang.c
+++ b/src/bin/scripts/createlang.c
@ -179,10 +179,10 @@ main(int argc, char *argv[])
 	result = executeQuery(conn, sql.data, progname, echo);
 	if (PQntuples(result) > 0)
 	{
-		PQfinish(conn);
 		fprintf(stderr,
 		  _("%s: language \"%s\" is already installed in database \"%s\"\n"),
-				progname, langname, dbname);
+				progname, langname, PQdb(conn));
+		PQfinish(conn);
 		/* separate exit status for "already installed" */
 		exit(2);
 	}
--- a/src/bin/scripts/droplang.c
+++ b/src/bin/scripts/droplang.c
@ -186,10 +186,10 @@ main(int argc, char *argv[])
 	result = executeQuery(conn, sql.data, progname, echo);
 	if (PQntuples(result) == 0)
 	{
-		PQfinish(conn);
 		fprintf(stderr, _("%s: language \"%s\" is not installed in "
 						  "database \"%s\"\n"),
-				progname, langname, dbname);
+				progname, langname, PQdb(conn));
+		PQfinish(conn);
 		exit(1);
 	}
 	PQclear(result);
--- a/src/bin/scripts/reindexdb.c
+++ b/src/bin/scripts/reindexdb.c
@ -203,7 +203,7 @@ main(int argc, char *argv[])
 								 username, prompt_password, progname, echo);
 		/* reindex database only if index or table is not specified */
 		if (index == NULL && table == NULL)
-			reindex_one_database(dbname, dbname, "DATABASE", host, port,
+			reindex_one_database(NULL, dbname, "DATABASE", host, port,
 								 username, prompt_password, progname, echo);
 	}

@ -219,6 +219,8 @@ reindex_one_database(const char *name, const char *dbname, const char *type,

 	PGconn	   *conn;

+	conn = connectDatabase(dbname, host, port, username, prompt_password, progname);
+
 	initPQExpBuffer(&sql);

 	appendPQExpBuffer(&sql, "REINDEX");
@ -227,22 +229,20 @@ reindex_one_database(const char *name, const char *dbname, const char *type,
 	else if (strcmp(type, "INDEX") == 0)
 		appendPQExpBuffer(&sql, " INDEX %s", fmtId(name));
 	else if (strcmp(type, "DATABASE") == 0)
-		appendPQExpBuffer(&sql, " DATABASE %s", fmtId(name));
+		appendPQExpBuffer(&sql, " DATABASE %s", fmtId(PQdb(conn)));
 	appendPQExpBuffer(&sql, ";\n");

-	conn = connectDatabase(dbname, host, port, username, prompt_password, progname);
-
 	if (!executeMaintenanceCommand(conn, sql.data, echo))
 	{
 		if (strcmp(type, "TABLE") == 0)
 			fprintf(stderr, _("%s: reindexing of table \"%s\" in database \"%s\" failed: %s"),
-					progname, name, dbname, PQerrorMessage(conn));
+					progname, name, PQdb(conn), PQerrorMessage(conn));
 		if (strcmp(type, "INDEX") == 0)
 			fprintf(stderr, _("%s: reindexing of index \"%s\" in database \"%s\" failed: %s"),
-					progname, name, dbname, PQerrorMessage(conn));
+					progname, name, PQdb(conn), PQerrorMessage(conn));
 		else
 			fprintf(stderr, _("%s: reindexing of database \"%s\" failed: %s"),
-					progname, dbname, PQerrorMessage(conn));
+					progname, PQdb(conn), PQerrorMessage(conn));
 		PQfinish(conn);
 		exit(1);
 	}
@ -286,15 +286,15 @@ reindex_system_catalogs(const char *dbname, const char *host, const char *port,
 						const char *username, enum trivalue prompt_password,
 						const char *progname, bool echo)
 {
+	PGconn	   *conn;
 	PQExpBufferData sql;

-	PGconn	   *conn;
+	conn = connectDatabase(dbname, host, port, username, prompt_password, progname);

 	initPQExpBuffer(&sql);

-	appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;\n", dbname);
+	appendPQExpBuffer(&sql, "REINDEX SYSTEM %s;\n", PQdb(conn));

-	conn = connectDatabase(dbname, host, port, username, prompt_password, progname);
 	if (!executeMaintenanceCommand(conn, sql.data, echo))
 	{
 		fprintf(stderr, _("%s: reindexing of system catalogs failed: %s"),
--- a/src/bin/scripts/vacuumdb.c
+++ b/src/bin/scripts/vacuumdb.c
@ -276,10 +276,10 @@ vacuum_one_database(const char *dbname, bool full, bool verbose, bool and_analyz
 	{
 		if (table)
 			fprintf(stderr, _("%s: vacuuming of table \"%s\" in database \"%s\" failed: %s"),
-					progname, table, dbname, PQerrorMessage(conn));
+					progname, table, PQdb(conn), PQerrorMessage(conn));
 		else
 			fprintf(stderr, _("%s: vacuuming of database \"%s\" failed: %s"),
-					progname, dbname, PQerrorMessage(conn));
+					progname, PQdb(conn), PQerrorMessage(conn));
 		PQfinish(conn);
 		exit(1);
 	}