| Age | Commit message (Collapse) | Author |
|---|
|
|
|
previously-missing spinlock code for x86_64 and ppc64 architectures,
converts the ppc/ppc64 code into gcc inlines, and provides a better
spinlock backoff algorithm on all architectures. Aside from being
almost identical to the community 7.4 source code, this exact patch
has been in use for awhile in Red Hat's RHEL3 RPMs, so I have pretty
good confidence in it. Why bother, you ask? I'm taking pity on a
couple of buildfarm members that have been vainly trying to build 7.3
on these 64-bit architectures.
|
|
|
|
parser will allow "\'" to be used to represent a literal quote mark. The
"\'" representation has been deprecated for some time in favor of the
SQL-standard representation "''" (two single quote marks), but it has been
used often enough that just disallowing it immediately won't do. Hence
backslash_quote allows the settings "on", "off", and "safe_encoding",
the last meaning to allow "\'" only if client_encoding is a valid server
encoding. That is now the default, and the reason is that in encodings
such as SJIS that allow 0x5c (ASCII backslash) to be the last byte of a
multibyte character, accepting "\'" allows SQL-injection attacks as per
CVE-2006-2314 (further details will be published after release). The
"on" setting is available for backward compatibility, but it must not be
used with clients that are exposed to untrusted input.
Thanks to Akio Ishida and Yasuo Ohgaki for identifying this security issue.
|
|
characters in all cases. Formerly we mostly just threw warnings for invalid
input, and failed to detect it at all if no encoding conversion was required.
The tighter check is needed to defend against SQL-injection attacks as per
CVE-2006-2313 (further details will be published after release). Embedded
zero (null) bytes will be rejected as well. The checks are applied during
input to the backend (receipt from client or COPY IN), so it no longer seems
necessary to check in textin() and related routines; any string arriving at
those functions will already have been validated. Conversion failure
reporting (for characters with no equivalent in the destination encoding)
has been cleaned up and made consistent while at it.
Also, fix a few longstanding errors in little-used encoding conversion
routines: win1251_to_iso, win866_to_iso, euc_tw_to_big5, euc_tw_to_mic,
mic_to_euc_tw were all broken to varying extents.
Patches by Tatsuo Ishii and Tom Lane. Thanks to Akio Ishida and Yasuo Ohgaki
for identifying the security issues.
|
|
|
|
our own command (or more generally, xmin = our xact and cmin >= current
command ID) should not be seen as good. Else we may try to update rows
we already updated. This error was inserted last August while fixing the
even bigger problem that the old coding wouldn't see *any* tuples inserted
by our own transaction as good. Per report from Euler Taveira de Oliveira.
|
|
|
|
Back-patch of previous fix in HEAD for plperl-vs-locale issue.
|
|
environment fix.
|
|
|
|
|
|
and with insufficient paranoia in code that follows t_ctid links.
This patch covers the 7.3 branch.
|
|
checked that the pointer is actually word-aligned. Casting a non-aligned
pointer to int32* is technically illegal per the C spec, and some recent
versions of gcc actually generate bad code for the memset() when given
such a pointer. Per report from Andrew Morrow.
|
|
to just around the bare recv() call that gets a command from the client.
The former placement in PostgresMain was unsafe because the intermediate
processing layers (especially SSL) use facilities such as malloc that are
not necessarily re-entrant. Per report from counterstorm.com.
|
|
|
|
|
|
left input's sorting, because null rows may be inserted at various points.
Per report from Ferenc Lutischá¸n.
|
|
|
|
|
|
for transaction commits that occurred just before the checkpoint. This is
an EXTREMELY serious bug --- kudos to Satoshi Okada for creating a
reproducible test case to prove its existence.
|
|
|
|
|
|
so that they do not prevent the postmaster from deleting the shmem segment
during crash recovery.
|
|
|
|
|
|
since 7.2, per bug #947. Turns out it had wrong volatility label, too.
Can't force initdb in 7.3 branch, but fix anyway for future installs.
|
|
reading in any page. Also back-port the zero_damaged_pages boolean
that determines what to do about it.
|
|
qual checking, not GetCurrentCommandId. Per test case from Steve Wolfe.
|
|
initdb in the 7.3 branch, but we can at least make it right for people
who install 7.3.3 from scratch.
|
|
cleaning out temp namespaces. We don't really want the server log to be
cluttered with 'Drop cascades to table foo' every time someone uses a
temp table...
|
|
answer when SET TIMEZONE has been done since the start of the current
transaction. Per bug report from Robert Haas.
I plan some futher cleanup in HEAD, but this is a low-risk patch for
the immediate issue in 7.3.
|
|
correctly. However the patch for PostgresPollingStatusType() is not
included to avoid 7.3 libpq vs. pre-7.3 backend
compatibility problem. See following thread for more details.
Subject: [HACKERS] client_encoding directive is ignored in postgresql.conf
From: Tatsuo Ishii <t-ishii@sra.co.jp>
Date: Wed, 29 Jan 2003 22:24:04 +0900 (JST)
|
|
Instead of grovelling through pg_class to find them, make use of the
handy dandy dependency mechanism: just delete everything that depends
on our temp schema. Unlike the pg_class scan, the dependency mechanism
is smart enough to delete things in an order that doesn't fall foul of
any dependency restrictions. Fixes problem reported by David Heggie:
a temp table with a serial column may cause a backend FATAL exit at
shutdown time, if it chances to try to delete the temp sequence first.
|
|
|
|
value of MAX_TIME_PRECISION in floating-point-timestamp-storage case
from 13 to 10, which is as much as time_out is actually willing to print.
(The alternative of increasing the number of digits we are willing to
print looks risky; we might find ourselves printing roundoff garbage.)
|
|
for backwards compatibility with pre-7.3 behavior. Per discussion on
pgsql-general and pgsql-hackers.
|
|
that's selecting into a RECORD variable returns zero rows, make it
assign an all-nulls row to the RECORD; this is consistent with what
happens when the SELECT INTO target is not a RECORD. In support of
this, tweak the SPI code so that a valid tuple descriptor is returned
even when a SPI select returns no rows.
|
|
datetime token tables. Even more embarrassing, the regression tests
revealed some of the problems --- but evidently the bogus output wasn't
questioned. Add code to postmaster startup to directly check the tables
for correct ordering, in hopes of not being embarrassed like this again.
|
|
on its namespace, so that it will go away if the schema is dropped.
|
|
the index AM when we know we are fetching a unique row. However, this
logic did not consider the possibility that it would be asked to fetch
backwards. Also fix mark/restore to work correctly in this scenario.
|
|
it diverged from netbsd.h and openbsd.h. This has now been confirmed.
Accordingly, make all three exactly alike.
|
|
|
|
disallowed by CREATE TABLE (eg, pseudo-types); also disallow these types
from being introduced by the range-function syntax. While at it, allow
CREATE TABLE to create zero-column tables, per recent pghackers discussion.
I am back-patching this into 7.3 since failure to disallow pseudo-types
is arguably a security hole.
|
|
report from Terry Yapt and Hiroshi.
Backpatch to 7.3.
|
|
(64-bit). Fix it. Per report from Permaine Cheung.
|
|
but do it correctly now.
|
|
anymore given the mktime() workaround now done in DetermineLocalTimeZone.
This has now been confirmed by Robert Bruccoleri for Irix, and I'm going
to extrapolate to AIX as well.
|
|
|
|
where it's safe to do database access. Along the way, fix core dump
for 'DEFAULT' parameters to CREATE DATABASE. initdb forced due to
change in pg_proc entry.
|
