Convert newlines to spaces in names written in v11+ pg_dump comments.

Maliciously-crafted object names could achieve SQL injection during restore. CVE-2012-0868 fixed this class of problem at the time, but later work reintroduced three cases. Commit bc8cd50fefd369b217f80078585c486505aafb62 (back-patched to v11+ in 2023-05 releases) introduced the pg_dump case. Commit 6cbdbd9e8d8f2986fde44f2431ed8d0c8fce7f5d (v12+) introduced the two pg_dumpall cases. Move sanitize_line(), unchanged, to dumputils.c so pg_dumpall has access to it in all supported versions. Back-patch to v13 (all supported versions). Reviewed-by: Robert Haas <robertmhaas@gmail.com> Reviewed-by: Nathan Bossart <nathandbossart@gmail.com> Backpatch-through: 13 Security: CVE-2025-8715
author: Noah Misch <noah@leadboat.com> 2025-08-11 06:18:59 -0700
committer: Noah Misch <noah@leadboat.com> 2025-08-11 06:19:04 -0700
commit: 9751f934aa80f855f742425e16f669c44f6d0b9b (patch)
tree: b4c761347a9bbb2d1c4c939f34a3372996c900c2 /src/bin/pg_dump/dumputils.h
parent: a4f513b5a8cade4fbf2115e3250d56dc7f83166e (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/bin/pg_dump/dumputils.h b/src/bin/pg_dump/dumputils.h
index c67c3b5b842..1716b6d0d83 100644
--- a/src/bin/pg_dump/dumputils.h
+++ b/src/bin/pg_dump/dumputils.h
@@ -36,6 +36,7 @@
 #endif
 
 
+extern char *sanitize_line(const char *str, bool want_hyphen);
 extern bool buildACLCommands(const char *name, const char *subname, const char *nspname,
 							 const char *type, const char *acls, const char *baseacls,
 							 const char *owner, const char *prefix, int remoteVersion,
author	Noah Misch <noah@leadboat.com>	2025-08-11 06:18:59 -0700
committer	Noah Misch <noah@leadboat.com>	2025-08-11 06:19:04 -0700
commit	9751f934aa80f855f742425e16f669c44f6d0b9b (patch)
tree	b4c761347a9bbb2d1c4c939f34a3372996c900c2 /src/bin/pg_dump/dumputils.h
parent	a4f513b5a8cade4fbf2115e3250d56dc7f83166e (diff)