You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Noah Misch
fcd15f1358
Obstruct shell, SQL, and conninfo injection via database and role names. ...
Due to simplistic quoting and confusion of database names with conninfo
strings, roles with the CREATEDB or CREATEROLE option could escalate to
superuser privileges when a superuser next ran certain maintenance
commands. The new coding rule for PQconnectdbParams() calls, documented
at conninfo_array_parse(), is to pass expand_dbname=true and wrap
literal database names in a trivial connection string. Escape
zero-length values in appendConnStrVal(). Back-patch to 9.1 (all
supported versions).
Nathan Bossart, Michael Paquier, and Noah Misch. Reviewed by Peter
Eisentraut. Reported by Nathan Bossart.
Security: CVE-2016-5424
10 years ago
..
access
Minor cleanup for access/transam/parallel.c.
10 years ago
bootstrap
Update copyright for 2016
11 years ago
catalog
Fix misestimation of n_distinct for a nearly-unique column with many nulls.
10 years ago
commands
Print a given subplan only once in EXPLAIN.
10 years ago
common
pgindent run for 9.6
10 years ago
datatype
Be more careful about out-of-range dates and timestamps.
10 years ago
executor
Fix worst memory leaks in tqueue.c.
10 years ago
fe_utils
Obstruct shell, SQL, and conninfo injection via database and role names.
10 years ago
foreign
Remove GetUserMappingId() and GetUserMappingById().
10 years ago
lib
Remove mergeHyperLogLog.
10 years ago
libpq
Fix pq_putmessage_noblock() to not block.
10 years ago
mb
Update copyright for 2016
11 years ago
nodes
Teach parser to transform "x IS [NOT] DISTINCT FROM NULL" to a NullTest.
10 years ago
optimizer
Avoid making a separate pass over the query to check for partializability.
10 years ago
parser
Fix type-safety problem with parallel aggregate serial/deserialization.
10 years ago
port
Fix various common mispellings.
10 years ago
portability
Update copyright for 2016
11 years ago
postmaster
Allow Pin/UnpinBuffer to operate in a lockfree manner.
10 years ago
regex
Suppress compiler warnings about useless comparison of unsigned to zero.
10 years ago
replication
Add conninfo to pg_stat_wal_receiver
10 years ago
rewrite
Update copyright for 2016
11 years ago
snowball
Update copyright for 2016
11 years ago
storage
Prevent "snapshot too old" from trying to return pruned TOAST tuples.
10 years ago
tcop
Stop the executor if no more tuples can be sent from worker to leader.
10 years ago
tsearch
Change predecence of phrase operator.
10 years ago
utils
Fix TOAST access failure in RETURNING queries.
10 years ago
.gitignore
…
Makefile
Create src/fe_utils/, and move stuff into there from pg_dump's dumputils.
10 years ago
c.h
Make init_spin_delay() C89 compliant and change stuck spinlock reporting.
10 years ago
fmgr.h
Update copyright for 2016
11 years ago
funcapi.h
Widen query numbers-of-tuples-processed counters to uint64.
10 years ago
getaddrinfo.h
Update copyright for 2016
11 years ago
getopt_long.h
Update copyright for 2016
11 years ago
miscadmin.h
Mark PostmasterPid as PGDLLIMPORT.
10 years ago
pg_config.h.in
Add BSD authentication method.
10 years ago
pg_config.h.win32
Stamp 9.6beta3.
10 years ago
pg_config_ext.h.in
…
pg_config_ext.h.win32
…
pg_config_manual.h
Add support for more extensive testing of raw_expression_tree_walker().
10 years ago
pg_getopt.h
Update copyright for 2016
11 years ago
pg_trace.h
Update copyright for 2016
11 years ago
pgstat.h
pgindent run for 9.6
10 years ago
pgtar.h
Update copyright for 2016
11 years ago
pgtime.h
Update copyright for 2016
11 years ago
port.h
On all Windows platforms, not just Cygwin, use _timezone and _tzname.
10 years ago
postgres.h
Adjust DatumGetBool macro, this time for sure.
10 years ago
postgres_ext.h
pgindent run for 9.4
12 years ago
postgres_fe.h
Update copyright for 2016
11 years ago
rusagestub.h
Update copyright for 2016
11 years ago
windowapi.h
Update copyright for 2016
11 years ago
Noah Misch
fcd15f1358