diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2006-05-21 20:12:20 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2006-05-21 20:12:20 +0000 |
| commit | 16e77740ea9e7f585393e4c5e20495f5ebce8d88 (patch) | |
| tree | 3adacbb5b50249f37e00ca025f5e2ffbe39bd595 /src/backend/utils/misc/guc.c | |
| parent | 5c4de6704454cebb57662a272f823159844ecf72 (diff) | |
Add a new GUC parameter backslash_quote, which determines whether the SQL
parser will allow "\'" to be used to represent a literal quote mark. The
"\'" representation has been deprecated for some time in favor of the
SQL-standard representation "''" (two single quote marks), but it has been
used often enough that just disallowing it immediately won't do. Hence
backslash_quote allows the settings "on", "off", and "safe_encoding",
the last meaning to allow "\'" only if client_encoding is a valid server
encoding. That is now the default, and the reason is that in encodings
such as SJIS that allow 0x5c (ASCII backslash) to be the last byte of a
multibyte character, accepting "\'" allows SQL-injection attacks as per
CVE-2006-2314 (further details will be published after release). The
"on" setting is available for backward compatibility, but it must not be
used with clients that are exposed to untrusted input.
Thanks to Akio Ishida and Yasuo Ohgaki for identifying this security issue.
Diffstat (limited to 'src/backend/utils/misc/guc.c')
| -rw-r--r-- | src/backend/utils/misc/guc.c | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index af64f0ad34f..4f723c42dbb 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -5,7 +5,7 @@ * command, configuration file, and command line options. * See src/backend/utils/misc/README for more information. * - * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.99.2.6 2006/02/12 22:33:47 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.99.2.7 2006/05/21 20:12:20 tgl Exp $ * * Copyright 2000 by PostgreSQL Global Development Group * Written by Peter Eisentraut <peter_e@gmx.net>. @@ -38,6 +38,7 @@ #include "optimizer/geqo.h" #include "optimizer/paths.h" #include "optimizer/planmain.h" +#include "parser/gramparse.h" #include "parser/parse_expr.h" #include "storage/fd.h" #include "storage/freespace.h" @@ -72,6 +73,8 @@ static const char *assign_facility(const char *facility, static const char *assign_msglvl(int *var, const char *newval, bool doit, bool interactive); +static const char *assign_backslash_quote(const char *newval, bool doit, + bool interactive); /* * Debugging options @@ -124,6 +127,7 @@ const char client_min_messages_str_default[] = "notice"; * and is kept in sync by assign_hooks. */ static double phony_random_seed; +static char *backslash_quote_string; static char *client_encoding_string; static char *datestyle_string; static char *default_iso_level_string; @@ -737,6 +741,11 @@ static struct config_string ConfigureNamesString[] = { { + {"backslash_quote", PGC_USERSET}, &backslash_quote_string, + "safe_encoding", assign_backslash_quote, NULL + }, + + { {"client_encoding", PGC_USERSET, GUC_IS_NAME}, &client_encoding_string, "SQL_ASCII", assign_client_encoding, NULL }, @@ -3060,4 +3069,30 @@ assign_msglvl(int *var, const char *newval, bool doit, bool interactive) return newval; /* OK */ } +static const char * +assign_backslash_quote(const char *newval, bool doit, bool interactive) +{ + BackslashQuoteType bq; + bool bqbool; + + /* + * Although only "on", "off", and "safe_encoding" are documented, + * we use parse_bool so we can accept all the likely variants of + * "on" and "off". + */ + if (strcasecmp(newval, "safe_encoding") == 0) + bq = BACKSLASH_QUOTE_SAFE_ENCODING; + else if (parse_bool(newval, &bqbool)) + { + bq = bqbool ? BACKSLASH_QUOTE_ON : BACKSLASH_QUOTE_OFF; + } + else + return NULL; /* reject */ + + if (doit) + backslash_quote = bq; + + return newval; +} + #include "guc-file.c" |