Does the patch below look like the correct fix to CVE-2006-0553 if
running 8.1.1? I just scanned cvs log from the 8.1 branch, looking for
CVE-2006-0553 and picked out the diffs.

-- 
albert chin ([EMAIL PROTECTED])

-- snip snip
Index: src/backend/commands/variable.c
===================================================================
--- src/backend/commands/variable.c.orig        2005-11-22 12:23:08.000000000 
-0600
+++ src/backend/commands/variable.c     2006-02-19 15:24:40.540106000 -0600
@@ -586,7 +586,9 @@
  * by the numeric oid, followed by a comma, followed by the role name.
  * This cannot be confused with a plain role name because of the NAMEDATALEN
  * limit on names, so we can tell whether we're being passed an initial
- * role name or a saved/restored value.
+ * role name or a saved/restored value.  (NOTE: we rely on guc.c to have
+ * properly truncated any incoming value, but not to truncate already-stored
+ * values.  See GUC_IS_NAME processing.)
  */
 extern char *session_authorization_string;             /* in guc.c */
 
Index: src/include/utils/guc_tables.h
===================================================================
--- src/include/utils/guc_tables.h.orig 2005-07-14 00:13:44.000000000 -0500
+++ src/include/utils/guc_tables.h      2006-02-19 15:29:15.187973000 -0600
@@ -126,6 +126,7 @@
 #define GUC_DISALLOW_IN_FILE   0x0040  /* can't set in postgresql.conf */
 #define GUC_CUSTOM_PLACEHOLDER 0x0080  /* placeholder for custom variable */
 #define GUC_SUPERUSER_ONLY             0x0100  /* show only to superusers */
+#define GUC_IS_NAME                    0x0200  /* limit string to 
NAMEDATALEN-1 */
 
 /* bit values in status field */
 #define GUC_HAVE_TENTATIVE     0x0001          /* tentative value is defined */
Index: src/backend/utils/misc/guc.c
===================================================================
--- src/backend/utils/misc/guc.c.orig   2005-11-22 12:23:24.000000000 -0600
+++ src/backend/utils/misc/guc.c        2006-02-19 15:30:21.625766000 -0600
@@ -48,6 +48,7 @@
 #include "optimizer/prep.h"
 #include "parser/parse_expr.h"
 #include "parser/parse_relation.h"
+#include "parser/scansup.h"
 #include "postmaster/autovacuum.h"
 #include "postmaster/bgwriter.h"
 #include "postmaster/syslogger.h"
@@ -1662,7 +1663,7 @@
                {"client_encoding", PGC_USERSET, CLIENT_CONN_LOCALE,
                        gettext_noop("Sets the client's character set 
encoding."),
                        NULL,
-                       GUC_REPORT
+                       GUC_IS_NAME | GUC_REPORT
                },
                &client_encoding_string,
                "SQL_ASCII", assign_client_encoding, NULL
@@ -1742,7 +1743,8 @@
        {
                {"default_tablespace", PGC_USERSET, CLIENT_CONN_STATEMENT,
                        gettext_noop("Sets the default tablespace to create 
tables and indexes in."),
-                       gettext_noop("An empty string selects the database's 
default tablespace.")
+                       gettext_noop("An empty string selects the database's 
default tablespace."),
+                       GUC_IS_NAME
                },
                &default_tablespace,
                "", assign_default_tablespace, NULL
@@ -1900,7 +1902,7 @@
                {"server_encoding", PGC_INTERNAL, CLIENT_CONN_LOCALE,
                        gettext_noop("Sets the server (database) character set 
encoding."),
                        NULL,
-                       GUC_REPORT | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
+                       GUC_IS_NAME | GUC_REPORT | GUC_NOT_IN_SAMPLE | 
GUC_DISALLOW_IN_FILE
                },
                &server_encoding_string,
                "SQL_ASCII", NULL, NULL
@@ -1922,7 +1924,7 @@
                {"role", PGC_USERSET, UNGROUPED,
                        gettext_noop("Sets the current role."),
                        NULL,
-                       GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE 
| GUC_DISALLOW_IN_FILE
+                       GUC_IS_NAME | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | 
GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
                },
                &role_string,
                "none", assign_role, show_role
@@ -1933,7 +1935,7 @@
                {"session_authorization", PGC_USERSET, UNGROUPED,
                        gettext_noop("Sets the session user name."),
                        NULL,
-                       GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | 
GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
+                       GUC_IS_NAME | GUC_REPORT | GUC_NO_SHOW_ALL | 
GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE | GUC_DISALLOW_IN_FILE
                },
                &session_authorization_string,
                NULL, assign_session_authorization, show_session_authorization
@@ -3934,6 +3936,12 @@
                                        newval = guc_strdup(elevel, value);
                                        if (newval == NULL)
                                                return false;
+                                       /*
+                                        * The only sort of "parsing" check we 
need to do is
+                                        * apply truncation if GUC_IS_NAME.
+                                        */
+                                       if (conf->gen.flags & GUC_IS_NAME)
+                                               truncate_identifier(newval, 
strlen(newval), true);
                                }
                                else if (conf->reset_val)
                                {
Index: src/backend/utils/mb/encnames.c
===================================================================
--- src/backend/utils/mb/encnames.c.orig        2005-10-14 21:49:33.000000000 
-0500
+++ src/backend/utils/mb/encnames.c     2006-02-19 15:35:15.559558000 -0600
@@ -449,7 +449,7 @@
        if (name == NULL || *name == '\0')
                return NULL;
 
-       if (strlen(name) > NAMEDATALEN)
+       if (strlen(name) >= NAMEDATALEN)
        {
 #ifdef FRONTEND
                fprintf(stderr, "encoding name too long\n");

---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
       subscribe-nomail command to [EMAIL PROTECTED] so that your
       message can get through to the mailing list cleanly

Reply via email to