From cf7e5f55bfd56fc811018c5c56fd5fba6e9b87be Mon Sep 17 00:00:00 2001 From: Noah Misch Date: Mon, 8 Aug 2016 10:07:46 -0400 Subject: Introduce a psql "\connect -reuse-previous=on|off" option. The decision to reuse values of parameters from a previous connection has been based on whether the new target is a conninfo string. Add this means of overriding that default. This feature arose as one component of a fix for security vulnerabilities in pg_dump, pg_dumpall, and pg_upgrade, so back-patch to 9.1 (all supported versions). In 9.3 and later, comment paragraphs that required update had already-incorrect claims about behavior when no connection is open; fix those problems. Security: CVE-2016-5424 --- src/bin/psql/startup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/bin/psql/startup.c') diff --git a/src/bin/psql/startup.c b/src/bin/psql/startup.c index af82e9f5b37..0cf4c565b9f 100644 --- a/src/bin/psql/startup.c +++ b/src/bin/psql/startup.c @@ -183,7 +183,7 @@ main(int argc, char *argv[]) values[2] = options.username; keywords[3] = "password"; values[3] = password; - keywords[4] = "dbname"; + keywords[4] = "dbname"; /* see do_connect() */ values[4] = (options.action == ACT_LIST_DB && options.dbname == NULL) ? "postgres" : options.dbname; -- cgit v1.2.3