diff options
| -rw-r--r-- | contrib/sepgsql/expected/label.out | 2 | ||||
| -rw-r--r-- | src/backend/catalog/objectaddress.c | 4 | ||||
| -rw-r--r-- | src/test/regress/input/security_label.source | 1 | ||||
| -rw-r--r-- | src/test/regress/output/security_label.source | 2 |
4 files changed, 8 insertions, 1 deletions
diff --git a/contrib/sepgsql/expected/label.out b/contrib/sepgsql/expected/label.out index bac169f37bf..279cfab0914 100644 --- a/contrib/sepgsql/expected/label.out +++ b/contrib/sepgsql/expected/label.out @@ -65,7 +65,7 @@ SECURITY LABEL ON TABLE t2 ERROR: SELinux: invalid security label: "invalid security context" SECURITY LABEL ON COLUMN t2 IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- be failed -ERROR: improper relation name (too many dotted names): +ERROR: column name must be qualified SECURITY LABEL ON COLUMN t2.b IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- ok -- diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 3925b8ec95c..403bd9e283c 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -526,6 +526,10 @@ get_object_address_attribute(ObjectType objtype, List *objname, const char *attname; /* Extract relation name and open relation. */ + if (list_length(objname) < 2) + ereport(ERROR, + (errcode(ERRCODE_SYNTAX_ERROR), + errmsg("column name must be qualified"))); attname = strVal(lfirst(list_tail(objname))); relname = list_truncate(list_copy(objname), list_length(objname) - 1); relation = relation_openrv(makeRangeVarFromNameList(relname), lockmode); diff --git a/src/test/regress/input/security_label.source b/src/test/regress/input/security_label.source index 810a721ca8f..9b430b09a57 100644 --- a/src/test/regress/input/security_label.source +++ b/src/test/regress/input/security_label.source @@ -44,6 +44,7 @@ SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK SECURITY LABEL FOR 'unknown_seclabel' ON TABLE seclabel_tbl1 IS 'classified'; -- fail diff --git a/src/test/regress/output/security_label.source b/src/test/regress/output/security_label.source index 4bc803d694f..4b53bd54c90 100644 --- a/src/test/regress/output/security_label.source +++ b/src/test/regress/output/security_label.source @@ -37,6 +37,8 @@ LOAD '@abs_builddir@/dummy_seclabel@DLSUFFIX@'; SET SESSION AUTHORIZATION seclabel_user1; SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN seclabel_tbl1.a IS 'unclassified'; -- OK +SECURITY LABEL ON COLUMN seclabel_tbl1 IS 'unclassified'; -- fail +ERROR: column name must be qualified SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail ERROR: '...invalid label...' is not a valid security label SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'unclassified'; -- OK |