libpq-oauth: Never link against libpq's encoding functions

Now that libpq-oauth doesn't have to match the major version of libpq,
some things in pg_wchar.h are technically unsafe for us to use. (See
b6c7cfac8 for a fuller discussion.) This is unlikely to be a problem --
we only care about UTF-8 in the context of OAuth right now -- but if
anyone did introduce a way to hit it, it'd be extremely difficult to
debug or reproduce, and it'd be a potential security vulnerability to
boot.

Define USE_PRIVATE_ENCODING_FUNCS so that anyone who tries to add a
dependency on the exported APIs will simply fail to link the shared
module.

Reviewed-by: Chao Li <li.evan.chao@gmail.com>
Reviewed-by: Zsolt Parragi <zsolt.parragi@percona.com>
Discussion: https://postgr.es/m/CAOYmi%2BmrGg%2Bn_X2MOLgeWcj3v_M00gR8uz_D7mM8z%3DdX1JYVbg%40mail.gmail.com
Jacob Champion 2026-03-13 09:38:04 -07:00
parent 6225403f27
commit dba3560448
2 changed files with 18 additions and 3 deletions


@ -24,6 +24,14 @@ override shlib := lib$(NAME)$(DLSUFFIX)
override CPPFLAGS := -I$(libpq_srcdir) -I$(top_builddir)/src/port $(CPPFLAGS) $(LIBCURL_CPPFLAGS)
override CFLAGS += $(PTHREAD_CFLAGS)
override CPPFLAGS_SHLIB := -DUSE_DYNAMIC_OAUTH
# A bit of forward-looking paranoia: don't allow libpq-oauth.so to accidentally
# depend on the encoding IDs coming from libpq. They're not guaranteed to match
# the IDs in use by our version of pgcommon, now that we allow the major version
# of libpq to differ from the major version of libpq-oauth.
override CPPFLAGS_SHLIB += -DUSE_PRIVATE_ENCODING_FUNCS
OBJS = \
$(WIN32RES)
@ -34,8 +42,7 @@ OBJS_SHLIB = \
oauth-curl_shlib.o \
oauth-utils.o \
oauth-utils.o: override CPPFLAGS += -DUSE_DYNAMIC_OAUTH
oauth-curl_shlib.o: override CPPFLAGS_SHLIB += -DUSE_DYNAMIC_OAUTH
oauth-utils.o: override CPPFLAGS += $(CPPFLAGS_SHLIB)
# Add shlib-/stlib-specific objects.
$(shlib): override OBJS += $(OBJS_SHLIB)
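Review bot: `override CPPFLAGS_SHLIB := -DUSE_DYNAMIC_OAUTH` is a simple assignment at file scope, so any CPPFLAGS_SHLIB value supplied earlier (by an included makefile or on the make command line) is discarded, whereas the CPPFLAGS and CFLAGS lines just above it keep the existing value. Whether anything upstream sets the variable is not visible here, but appending keeps the guard without the clobber: `override CPPFLAGS_SHLIB += -DUSE_DYNAMIC_OAUTH -DUSE_PRIVATE_ENCODING_FUNCS`. The rule that compiles oauth-curl_shlib.o is outside this section, so it is worth confirming that it still expands CPPFLAGS_SHLIB, since the define only protects objects that actually receive it.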


@ -12,7 +12,15 @@ libpq_oauth_sources = files(
libpq_oauth_so_sources = files(
'oauth-utils.c',
)
libpq_oauth_so_c_args = ['-DUSE_DYNAMIC_OAUTH']
libpq_oauth_so_c_args = [
'-DUSE_DYNAMIC_OAUTH',
# A bit of forward-looking paranoia: don't allow anyone to accidentally depend
# on the encoding IDs coming from libpq. They're not guaranteed to match the
# IDs in use by our version of pgcommon, now that we allow the major version
# of libpq to differ from the major version of libpq-oauth.
'-DUSE_PRIVATE_ENCODING_FUNCS',
]
export_file = custom_target('libpq-oauth.exports',
kwargs: gen_export_kwargs,
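Review bot: The comment added inside `libpq_oauth_so_c_args` explains why the define exists but not what a developer will see when it takes effect. Per the commit message the intended outcome is a link failure of the shared module, so I would add one line such as `# A new reference to libpq's exported encoding functions is meant to fail at link time.` so that the error is recognised as deliberate rather than worked around. The place where `libpq_oauth_so_c_args` is consumed is outside this hunk, and the guard covers only sources compiled with it.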