mirror of
https://github.com/postgres/postgres.git
synced 2026-03-14 14:42:30 -04:00
254eb04f17
Due to simplistic quoting and confusion of database names with conninfo strings, roles with the CREATEDB or CREATEROLE option could escalate to superuser privileges when a superuser next ran certain maintenance commands. The new coding rule for PQconnectdbParams() calls, documented at conninfo_array_parse(), is to pass expand_dbname=true and wrap literal database names in a trivial connection string. Escape zero-length values in appendConnStrVal(). Back-patch to 9.1 (all supported versions). Nathan Bossart, Michael Paquier, and Noah Misch. Reviewed by Peter Eisentraut. Reported by Nathan Bossart. Security: CVE-2016-5424 |
||
|---|---|---|
| .. | ||
| po | ||
| t | ||
| .gitignore | ||
| clusterdb.c | ||
| common.c | ||
| common.h | ||
| createdb.c | ||
| createlang.c | ||
| createuser.c | ||
| dropdb.c | ||
| droplang.c | ||
| dropuser.c | ||
| Makefile | ||
| nls.mk | ||
| pg_isready.c | ||
| reindexdb.c | ||
| vacuumdb.c | ||