From 4265ed9f4e6e7bfdd26cd7879006a14fce3e5640 Mon Sep 17 00:00:00 2001 From: Heikki Linnakangas Date: Fri, 30 Jan 2009 17:24:47 +0000 Subject: [PATCH] Check that connection limit is within valid range. IOW, not < -1. It's missing in older versions too, but it doesn't seem worth back-porting. All negative are just harmlessly treated as "no limit", and tightening the check might even brake an application that relies on it. --- src/backend/commands/dbcommands.c | 14 +++++++++++++- src/backend/commands/user.c | 14 +++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index 2ff7021f28..f9dcb973c0 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -13,7 +13,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.218 2009/01/20 18:59:37 heikki Exp $ + * $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.219 2009/01/30 17:24:47 heikki Exp $ * *------------------------------------------------------------------------- */ @@ -244,7 +244,13 @@ createdb(const CreatedbStmt *stmt) dbctype = strVal(dctype->arg); if (dconnlimit && dconnlimit->arg) + { dbconnlimit = intVal(dconnlimit->arg); + if (dbconnlimit < -1) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("invalid connection limit: %d", dbconnlimit))); + } /* obtain OID of proposed owner */ if (dbowner) @@ -1319,7 +1325,13 @@ AlterDatabase(AlterDatabaseStmt *stmt, bool isTopLevel) } if (dconnlimit) + { connlimit = intVal(dconnlimit->arg); + if (connlimit < -1) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("invalid connection limit: %d", connlimit))); + } /* * Get the old tuple. We don't need a lock on the database per se, diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index 7c1da42bc3..22491cf3f7 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -6,7 +6,7 @@ * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.185 2009/01/22 20:16:02 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.186 2009/01/30 17:24:47 heikki Exp $ * *------------------------------------------------------------------------- */ @@ -242,7 +242,13 @@ CreateRole(CreateRoleStmt *stmt) if (dcanlogin) canlogin = intVal(dcanlogin->arg) != 0; if (dconnlimit) + { connlimit = intVal(dconnlimit->arg); + if (connlimit < -1) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("invalid connection limit: %d", connlimit))); + } if (daddroleto) addroleto = (List *) daddroleto->arg; if (drolemembers) @@ -533,7 +539,13 @@ AlterRole(AlterRoleStmt *stmt) if (dcanlogin) canlogin = intVal(dcanlogin->arg); if (dconnlimit) + { connlimit = intVal(dconnlimit->arg); + if (connlimit < -1) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("invalid connection limit: %d", connlimit))); + } if (drolemembers) rolemembers = (List *) drolemembers->arg; if (dvalidUntil) -- GitLab