Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit fe2b538

Browse filesBrowse files
tglsfdctglsfdc
committed
Validate the OID argument of pg_import_system_collations().
"SELECT pg_import_system_collations(0)" caused an assertion failure. With a random nonzero argument --- or indeed with zero, in non-assert builds --- it would happily make pg_collation entries with garbage values of collnamespace. These are harmless as far as I can tell (unless maybe the OID happens to become used for a schema, later on?). In any case this isn't a security issue, since the function is superuser-only. But it seems like a gotcha for unwary DBAs, so let's add a check that the given OID belongs to some schema. Back-patch to v10 where this function was introduced.
1 parent 21d5a06 commit fe2b538
Copy full SHA for fe2b538

File tree

Expand file treeCollapse file tree

1 file changed

+5
-3
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+5
-3
lines changed

‎src/backend/commands/collationcmds.c

Copy file name to clipboardExpand all lines: src/backend/commands/collationcmds.c
+5-3Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -522,14 +522,16 @@ pg_import_system_collations(PG_FUNCTION_ARGS)
522522
Oid nspid = PG_GETARG_OID(0);
523523
int ncreated = 0;
524524

525-
/* silence compiler warning if we have no locale implementation at all */
526-
(void) nspid;
527-
528525
if (!superuser())
529526
ereport(ERROR,
530527
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
531528
errmsg("must be superuser to import system collations")));
532529

530+
if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(nspid)))
531+
ereport(ERROR,
532+
(errcode(ERRCODE_UNDEFINED_SCHEMA),
533+
errmsg("schema with OID %u does not exist", nspid)));
534+
533535
/* Load collations known to libc, using "locale -a" to enumerate them */
534536
#ifdef READ_LOCALE_A_OUTPUT
535537
{

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.