| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Marko Kreen <markokr(at)gmail(dot)com>, Postgres Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [patch] fix dblink security hole |
| Date: | 2008-09-22 03:44:11 |
| Message-ID: | 48D7148B.6020806@joeconway.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Joe Conway wrote:
> Tom Lane wrote:
>> Refactoring doesn't seem like an easy way to fix this, because of the
>> problem that the behavior of pulling up defaults is part of the API
>> specification for PQconndefaults().
>>
>> Thoughts?
>
> Hmm, I could have sworn I looked for that, and saw it elsewhere. Anyway,
> you are obviously correct.
>
> conninfo_parse() is presently only called from a few places -- maybe we
> should have conninfo_parse() really just parse, and create a new
> conninfo_get_missing() or some such that fills in missing values?
Maybe better:
static PQconninfoOption *
conninfo_parse(const char *conninfo, PQExpBuffer errorMessage,
bool fill_defaults, bool *password_from_string)
There are only three call sites including the new one. The two originals
could use fill_defaults == true, and PQconninfoParse could use false.
Joe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-09-22 03:47:15 | Re: [patch] fix dblink security hole |
| Previous Message | Tom Lane | 2008-09-22 03:44:05 | Re: [patch] fix dblink security hole |