open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Disallow arrays in key provider options

Browse Source 
These are never valid values anyways, so just disallow them completely.
pull/220/head
Anders Åstrand 4 months ago committed by AndersAstrand
parent dc909626dc
commit fe50a21b31
3 changed files with 32 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 14
      contrib/pg_tde/expected/key_provider.out
  2. 11
      contrib/pg_tde/sql/key_provider.sql
  3. 8
      contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c

14
contrib/pg_tde/expected/key_provider.out
Unescape View File

@ -208,6 +208,13 @@ SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "
ERROR: external remote value must contain "url" in field "path"
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
ERROR: external file value must contain "path" in field "path"
-- Creating key providers fails if values are array instead of scalar
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
ERROR: unexpected array in field "path"
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
ERROR: unexpected array in field "path"
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
ERROR: unexpected array in field "path"
-- Modifying key providers fails if any required parameter is NULL
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
ERROR: provider type cannot be null
@ -242,6 +249,13 @@ SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"
ERROR: external remote value must contain "url" in field "path"
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
ERROR: external file value must contain "path" in field "path"
-- Modifying key providers fails if values are array instead of scalar
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
ERROR: unexpected array in field "path"
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
ERROR: unexpected array in field "path"
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
ERROR: unexpected array in field "path"
-- Deleting key providers fails if key name is NULL
SELECT pg_tde_delete_database_key_provider(NULL);
ERROR: provider_name cannot be null

11
contrib/pg_tde/sql/key_provider.sql
Unescape View File

@ -86,6 +86,11 @@ SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {}}');
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "remote"}}');
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file"}}');
-- Creating key providers fails if values are array instead of scalar
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": ["array"]}');
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": ["array"]}}');
SELECT pg_tde_add_database_key_provider('file', 'provider', '{"path": {"type": "file", "path": ["array"]}}');
-- Modifying key providers fails if any required parameter is NULL
SELECT pg_tde_change_database_key_provider(NULL, 'file-keyring', '{}');
SELECT pg_tde_change_database_key_provider('file', NULL, '{}');
@ -108,6 +113,12 @@ SELECT pg_tde_change_database_key_provider('file', 'file-provider', 'null');
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {}}');
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "remote"}}');
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file"}}');
-- Modifying key providers fails if values are array instead of scalar
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": ["array"]}');
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": ["array"]}}');
SELECT pg_tde_change_database_key_provider('file', 'file-provider', '{"path": {"type": "file", "path": ["array"]}}');
-- Deleting key providers fails if key name is NULL
SELECT pg_tde_delete_database_key_provider(NULL);
SELECT pg_tde_delete_global_key_provider(NULL);

8
contrib/pg_tde/src/catalog/tde_keyring_parse_opts.c
Unescape View File

@ -209,9 +209,15 @@ json_kring_array_start(void *state)
break;
case JK_EXPECT_TOP_FIELD:
case JK_EXPECT_EXTERN_VAL:
ereport(ERROR,
errcode(ERRCODE_INVALID_PARAMETER_VALUE),
errmsg("unexpected array in field \"%s\"", JK_FIELD_NAMES[parse->top_level_field]));
break;
}
return JSON_SUCCESS;
/* Never reached */
Assert(0);
return JSON_SEM_ACTION_FAILED;
}
/*

Write Preview
Loading…
Cancel
Save