dbconn: Don't leak implicit transactions on connect()

The unsetting of search_path started an implicit transaction that can
affect the behavior of subsequent SQL statements. A simpler solution
(thanks Heikki!) is to just set the search_path for the entire
connection using the connection string options.
Co-authored-by: NJamie McAtamney <jmcatamney@pivotal.io>
Co-authored-by: NJacob Champion <pchampion@pivotal.io>
Co-authored-by: NNikolaos Kalampalikis <nkalampalikis@pivotal.io>

gpMgmt/bin/gppylib/db/dbconn.py

@@ -197,6 +197,11 @@ def connect(dburl, utility=False, verbose=False,
         retries = 1
 
     options = []
+
+    # unset search path due to CVE-2018-1058
+    if unsetSearchPath:
+        options.append("-c search_path=")
+
     #by default, libpq will print WARNINGS to stdout
     if not verbose:
         options.append("-c CLIENT_MIN_MESSAGES=ERROR")
@@ -228,11 +233,6 @@ def connect(dburl, utility=False, verbose=False,
     # NOTE: the code to set ALWAYS_SECURE_SEARCH_PATH_SQL below assumes it is not part of an existing transaction
     conn = pgdb.pgdbCnx(cnx)
 
-    # unset search path due to CVE-2018-1058
-    if unsetSearchPath:
-        ALWAYS_SECURE_SEARCH_PATH_SQL = "SELECT pg_catalog.set_config('search_path', '', false)"
-        execSQL(conn, ALWAYS_SECURE_SEARCH_PATH_SQL).close()
-
     def __enter__(self):
         return self
     def __exit__(self, type, value, traceback):

gpMgmt/bin/gppylib/db/test/unit/test_cluster_dbconn.py

@@ -72,5 +72,13 @@ class ConnectTestCase(unittest.TestCase):
 
         self.assertEqual(result, '"$user",public')
 
+    def test_no_transaction_after_connect(self):
+        with dbconn.connect(self.url) as conn:
+            db = pg.DB(conn)
+            # this would fail if we were in a transaction DROP DATABASE cannot
+            # run inside a transaction block
+            db.query("DROP DATABASE IF EXISTS some_nonexistent_database")
+
+
 if __name__ == '__main__':
     unittest.main()