From c4b6d218e369b69c20ca40d4ccefc02350f38c24 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 9 Sep 2022 12:41:36 -0400 Subject: [PATCH] Reject bogus output from uuid_create(3). When using the BSD UUID functions, contrib/uuid-ossp expects uuid_create() to produce a version-1 UUID. FreeBSD still does so, but in recent NetBSD releases that function produces a version-4 (random) UUID instead. That's not acceptable for our purposes: if the user wanted v4 she would have asked for v4, not v1. Hence, check the version digit and complain if it's not '1'. Also drop the documentation's claim that the NetBSD implementation is usable. It might be, depending on which OS version you're using, but we're not going to get into that kind of detail. (Maybe someday we should ditch all these external libraries and just write our own UUID code, but today is not that day.) Nazir Bilal Yavuz, with cosmetic adjustments and docs by me. Backpatch to all supported versions. Discussion: https://postgr.es/m/3848059.1661038772@sss.pgh.pa.us Discussion: https://postgr.es/m/17358-89806e7420797025@postgresql.org --- contrib/uuid-ossp/uuid-ossp.c | 12 ++++++++++++ doc/src/sgml/installation.sgml | 2 +- doc/src/sgml/uuid-ossp.sgml | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c index b868812358d..1245af3abb3 100644 --- a/contrib/uuid-ossp/uuid-ossp.c +++ b/contrib/uuid-ossp/uuid-ossp.c @@ -284,6 +284,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len) { strlcpy(strbuf, str, 37); + /* + * In recent NetBSD, uuid_create() has started + * producing v4 instead of v1 UUIDs. Check the + * version field and complain if it's not v1. + */ + if (strbuf[14] != '1') + ereport(ERROR, + (errcode(ERRCODE_EXTERNAL_ROUTINE_EXCEPTION), + /* translator: %c will be a hex digit */ + errmsg("uuid_create() produced a version %c UUID instead of the expected version 1", + strbuf[14]))); + /* * PTR, if set, replaces the trailing characters of * the uuid; this is to support v1mc, where a random diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml index 9daa656a048..7c79608e551 100644 --- a/doc/src/sgml/installation.sgml +++ b/doc/src/sgml/installation.sgml @@ -1125,7 +1125,7 @@ build-postgresql: - to use the UUID functions found in FreeBSD, NetBSD, + to use the UUID functions found in FreeBSD and some other BSD-derived systems diff --git a/doc/src/sgml/uuid-ossp.sgml b/doc/src/sgml/uuid-ossp.sgml index 359d3c01289..26bfb908dae 100644 --- a/doc/src/sgml/uuid-ossp.sgml +++ b/doc/src/sgml/uuid-ossp.sgml @@ -214,7 +214,7 @@ SELECT uuid_generate_v3(uuid_ns_url(), 'http://www.postgresql.org'); at , it is not well maintained, and is becoming increasingly difficult to port to newer platforms. uuid-ossp can now be built without the OSSP - library on some platforms. On FreeBSD, NetBSD, and some other BSD-derived + library on some platforms. On FreeBSD and some other BSD-derived platforms, suitable UUID creation functions are included in the core libc library. On Linux, macOS, and some other platforms, suitable functions are provided in the libuuid