projects / postgresql.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6dce59c)
GCC 4.0 includes a new warning option, -Wformat-literal, that emits
authorNeil Conway <neilc@samurai.com>
Sat, 30 Apr 2005 09:08:14 +0000 (09:08 +0000)
committerNeil Conway <neilc@samurai.com>
Sat, 30 Apr 2005 09:08:14 +0000 (09:08 +0000)
a warning when a variable is used as a format string for printf()
and similar functions (if the variable is derived from untrusted
data, it could include unexpected formatting sequences). This
emits too many warnings to be enabled by default, but it does
flag a few dubious constructs in the Postgres tree. This patch
fixes up the obvious variants: functions that are passed a variable
format string but no additional arguments.

This patch fixes a bug in pg_dump (triggers with formatting sequences
in their names are not dumped correctly) and some related pg_dump
code that looks dubious; cleanups for more harmless instances have
been applied to more recent branches. This patch also fixes an
additional format string bug that is present in 7.2 but not in later
releases: pg_dump would also fail to correctly dump indexes with
formatting sequences in their names.

src/bin/pg_dump/pg_backup_archiver.c patch | blob | blame | history
src/bin/pg_dump/pg_dump.c patch | blob | blame | history

diff --git a/src/bin/pg_dump/pg_backup_archiver.c b/src/bin/pg_dump/pg_backup_archiver.c
index 2c8ea7d828f899992e07f98cc3008bd7d9eb1094..39cabdbac66566e842d6f941f4af95070366b83d 100644 (file)
--- a/src/bin/pg_dump/pg_backup_archiver.c
+++ b/src/bin/pg_dump/pg_backup_archiver.c
@@ -15,7 +15,7 @@
  *
  *
  * IDENTIFICATION
- *     $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_archiver.c,v 1.42 2002/02/11 00:18:20 tgl Exp $
+ *     $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_archiver.c,v 1.42.2.1 2005/04/30 09:08:14 neilc Exp $
  *
  * Modifications - 28-Jun-2000 - pjw@rhyme.com.au
  *
@@ -391,7 +391,7 @@ RestoreArchive(Archive *AHX, RestoreOptions *ropt)
                         * mode with libpq.
                         */
                        if (te->copyStmt && strlen(te->copyStmt) > 0)
-                           ahprintf(AH, te->copyStmt);
+                           ahprintf(AH, "%s", te->copyStmt);
 
                        (*AH->PrintTocDataPtr) (AH, te, ropt);
 
@@ -2006,7 +2006,7 @@ _reconnectAsUser(ArchiveHandle *AH, const char *dbname, const char *user)
        appendPQExpBuffer(qry, " %s\n\n",
                          fmtId(user, false));
 
-       ahprintf(AH, qry->data);
+       ahprintf(AH, "%s", qry->data);
 
        destroyPQExpBuffer(qry);
    }
diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c
index 9a7036a818a2b879a040282e0e6781d9b7bd6144..47ee20ccdc8a8ed3f7d6bc7f64387a220acfa25a 100644 (file)
--- a/src/bin/pg_dump/pg_dump.c
+++ b/src/bin/pg_dump/pg_dump.c
@@ -22,7 +22,7 @@
  *
  *
  * IDENTIFICATION
- *   $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_dump.c,v 1.241.2.3 2004/03/20 18:12:32 tgl Exp $
+ *   $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_dump.c,v 1.241.2.4 2005/04/30 09:08:14 neilc Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -436,7 +436,7 @@ dumpClasses_dumpData(Archive *fout, char *oid, void *dctxv)
                {
                    if (field > 0)
                        appendPQExpBuffer(q, ",");
-                   appendPQExpBuffer(q, fmtId(PQfname(res, field), force_quotes));
+                   appendPQExpBufferStr(q, fmtId(PQfname(res, field), force_quotes));
                }
                appendPQExpBuffer(q, ") ");
                archprintf(fout, "%s", q->data);
@@ -2599,12 +2599,12 @@ getTables(int *numTables, FuncInfo *finfo, int numFuncs, const char *tablename)
                if (tgisconstraint)
                {
                    appendPQExpBuffer(query, "CREATE CONSTRAINT TRIGGER ");
-                   appendPQExpBuffer(query, fmtId(PQgetvalue(res2, i2, i_tgconstrname), force_quotes));
+                   appendPQExpBufferStr(query, fmtId(PQgetvalue(res2, i2, i_tgconstrname), force_quotes));
                }
                else
                {
                    appendPQExpBuffer(query, "CREATE TRIGGER ");
-                   appendPQExpBuffer(query, fmtId(tgname, force_quotes));
+                   appendPQExpBufferStr(query, fmtId(tgname, force_quotes));
                }
                appendPQExpBufferChar(query, ' ');
                /* Trigger type */
@@ -4483,7 +4483,7 @@ dumpIndexes(Archive *fout, IndInfo *indinfo, int numIndexes,
        }
 
        resetPQExpBuffer(id1);
-       appendPQExpBuffer(id1, fmtId(indinfo[i].indexrelname, force_quotes));
+       appendPQExpBufferStr(id1, fmtId(indinfo[i].indexrelname, force_quotes));
 
        resetPQExpBuffer(q);
        appendPQExpBuffer(q, "%s;\n", indinfo[i].indexdef);
This is the main PostgreSQL git repository.