Commit Graph

32054 Commits

Author SHA1 Message Date
Tom Lane
299d171652 Install defenses against overflow in BuildTupleHashTable().
The planner can sometimes compute very large values for numGroups, and in
cases where we have no alternative to building a hashtable, such a value
will get fed directly to BuildTupleHashTable as its nbuckets parameter.
There were two ways in which that could go bad.  First, BuildTupleHashTable
declared the parameter as "int" but most callers were passing "long"s,
so on 64-bit machines undetected overflow could occur leading to a bogus
negative value.  The obvious fix for that is to change the parameter to
"long", which is what I've done in HEAD.  In the back branches that seems a
bit risky, though, since third-party code might be calling this function.
So for them, just put in a kluge to treat negative inputs as INT_MAX.
Second, hash_create can go nuts with extremely large requested table sizes
(notably, my_log2 becomes an infinite loop for inputs larger than
LONG_MAX/2).  What seems most appropriate to avoid that is to bound the
initial table size request to work_mem.

This fixes bug #6035 reported by Daniel Schreiber.  Although the reported
case only occurs back to 8.4 since it involves WITH RECURSIVE, I think
it's a good idea to install the defenses in all supported branches.
2011-05-23 12:52:46 -04:00
Andrew Dunstan
a9b6519606 Remove spurious underscore in name of isolation tester on MSVC. 2011-05-22 21:51:18 -04:00
Andrew Dunstan
b08ddf8c76 Use the right pgsql for isolation tests. 2011-05-22 17:58:26 -04:00
Peter Eisentraut
60497722ac Put lists in sensible order 2011-05-22 22:38:53 +03:00
Tom Lane
219dfae4e1 Make plpgsql provide the typmods for its variables to the main parser.
Historically we didn't do this, even though we had the information, because
plpgsql passed its Params via SPI APIs that only include type OIDs not
typmods.  Now that plpgsql uses parser callbacks to create Params, it's
easy to insert the right typmod.  This should generally result in lower
surprise factors, because a plpgsql variable that is declared with a typmod
will now work more like a table column with the same typmod.  In particular
it's the "right" way to fix bug #6020, in which plpgsql's attempt to return
an anonymous record type is defeated by stricter record-type matching
checks that were added in 9.0.  However, it's not impossible that this
could result in subtle behavioral changes that could break somebody's
existing plpgsql code, so I'm afraid to back-patch this change into
released branches.  In those branches we'll have to lobotomize the
record-type checks instead.
2011-05-22 15:15:07 -04:00
Peter Eisentraut
fae625e7b9 Message style improvements 2011-05-22 20:04:07 +03:00
Peter Eisentraut
7920d033d8 Put documentation of backslash commands back in alphabetical order 2011-05-22 15:13:17 +03:00
Peter Eisentraut
51ad1784cc Clarify the documentation of the --with-ossp-uuid option 2011-05-22 14:29:36 +03:00
Peter Eisentraut
8932e28100 Message improvement 2011-05-22 00:37:27 +03:00
Heikki Linnakangas
30e98a7e6e Pull up isReset flag from AllocSetContext to MemoryContext struct. This
avoids the overhead of one function call when calling MemoryContextReset(),
and it seems like the isReset optimization would be applicable to any new
memory context we might invent in the future anyway.

This buys back the overhead I just added in previous patch to always call
MemoryContextReset() in ExecScan, even when there's no quals or projections.
2011-05-21 14:47:19 -04:00
Heikki Linnakangas
0319da638f Reset per-tuple memory context between every row in a scan node, even when
there's no quals or projections. Currently this only matters for foreign
scans, as none of the other scan nodes litter the per-tuple memory context
when there's no quals or projections.
2011-05-21 14:30:11 -04:00
Heikki Linnakangas
27c7875d95 In binary-upgrade mode, dump dropped attributes of composite types.
Noah Misch
2011-05-21 08:24:34 -04:00
Peter Eisentraut
bcf63a51e3 Message style improvements 2011-05-21 00:50:35 +03:00
Peter Eisentraut
c8e0c32119 Rename pg_dump --no-security-label to --no-security-labels
Other similar options also use the plural form.
2011-05-19 23:20:11 +03:00
Peter Eisentraut
fcd4575905 Fix untranslatable assembly of libpq connection failure message
Even though this only affects the insertion of a parenthesized word,
it's unwise to assume that parentheses can pass through untranslated.
And in any case, the new version is clearer in the code and for
translators.
2011-05-19 22:56:53 +03:00
Peter Eisentraut
8d89549380 Update config.guess and config.sub 2011-05-19 22:14:56 +03:00
Peter Eisentraut
bb46d42859 Consistent spacing for lengthy error messages
Also, we removed the display of the current value of
max_connections/MaxBackends from some messages earlier, because it was
confusing, so do that in the remaining one as well.
2011-05-19 21:38:24 +03:00
Magnus Hagander
a937b07121 Add example for replication in pg_hba.conf
Selena Deckelmann
2011-05-19 14:03:15 -04:00
Robert Haas
74aaa2136d Fix race condition in CheckTargetForConflictsIn.
Dan Ports
2011-05-19 12:12:04 -04:00
Alvaro Herrera
6b449d9051 Fix declaration of $_TD in "strict" trigger functions
This was broken in commit ef19dc6d39 by
the Bunce/Hunsaker/Dunstan team, which moved the declaration from
plperl_create_sub to plperl_call_perl_trigger_func.  This doesn't
actually work because the validator code would not find the variable
declared; and even if you manage to get past the validator, it still
doesn't work because get_sv("_TD", GV_ADD) doesn't have the expected
effect.  The only reason this got beyond testing is that it only fails
in strict mode.

We need to declare it as a global just like %_SHARED; it is simpler than
trying to actually do what the patch initially intended, and is said to
have the same performance benefit.

As a more serious issue, fix $_TD not being properly local()ized,
meaning nested trigger functions would clobber $_TD.

Alex Hunsaker, per test report from Greg Mullane
2011-05-18 23:56:18 -04:00
Heikki Linnakangas
ea896da394 Replace strdup() with pstrdup(), to avoid leaking memory.
It's been like this since the seg module was introduced, so backpatch to
8.2 which is the oldest supported version.
2011-05-18 22:49:22 -04:00
Bruce Momjian
1f35944607 In pg_upgrade, clean up handling of invalid directory specification by
checking the stat() errno value more strictly.
2011-05-18 22:22:40 -04:00
Bruce Momjian
772a5f1e5b Improve pg_upgrade error reporting if the bin or data directories do not
exist or are not directories.
2011-05-18 18:37:25 -04:00
Peter Eisentraut
4a6a5c86db Remove obsolete comment 2011-05-19 01:19:57 +03:00
Peter Eisentraut
c13dc6402b Spell checking and markup refinement 2011-05-19 01:14:45 +03:00
Peter Eisentraut
0ee391b77a /contrib/foo -> contrib/foo
Since contrib is a relative directory specification, a leading slash
is inappropriate.
2011-05-19 00:30:31 +03:00
Bruce Momjian
92ff915018 Improve pg_upgrade X_OK comment. 2011-05-18 12:25:34 -04:00
Bruce Momjian
6fbf4e0e7c Fix pg_upgrade build problem on Windows when using X_OK access
permission check on the current directory.
2011-05-18 12:13:37 -04:00
Tom Lane
b3bc63efbc Fix pg_dump's handling of extension-member casts and languages.
pg_dump has some heuristic rules for whether to dump casts and procedural
languages, since it's not all that easy to distinguish built-in ones from
user-defined ones.  However, we should not apply those rules to objects
that belong to an extension, but just use the perfectly well-defined rules
for what to do with extension member objects.  Otherwise we might
mistakenly lose extension member objects during a binary upgrade (which is
the only time that we'd want to dump extension members).
2011-05-16 16:41:52 -04:00
Bruce Momjian
e728701fb4 Update pg_upgrade directory check error message. 2011-05-16 12:32:36 -04:00
Bruce Momjian
8a849cdee4 Remove redundant privilege doc sentences. 2011-05-16 11:22:25 -04:00
Bruce Momjian
bda27e502f Add pg_upgrade check to make sure the user has full access permission in
the current directory;  if not, throw an error.
2011-05-16 11:01:29 -04:00
Bruce Momjian
6c19bd96bc Allow pg_upgrade to honor libpq environment variables. Add 'local'
checks for PGHOST and PGHOSTADDR.
2011-05-16 10:48:40 -04:00
Andrew Dunstan
78b66cff72 Quote isolationtester command name so Windows will not think dot is the command. 2011-05-15 23:42:12 -04:00
Andrew Dunstan
df15d11cb5 Add required psqldir setting for isolation checks. 2011-05-15 23:12:36 -04:00
Andrew Dunstan
ec645ef346 Fix bad macro call noticed by MSVC compiler. 2011-05-15 18:45:26 -04:00
Andrew Dunstan
20bacc9560 Add missing check function lookup. 2011-05-15 18:03:19 -04:00
Andrew Dunstan
840826e36c Build and run isolation test programs under MSVC. 2011-05-15 17:55:05 -04:00
Robert Haas
9bb6d97952 More cleanup of FOREIGN TABLE permissions handling.
This commit fixes psql, pg_dump, and the information schema to be
consistent with the backend changes which I made as part of commit
be90032e0d, and also includes a
related documentation tweak.

Shigeru Hanada, with slight adjustment.
2011-05-13 15:51:03 -04:00
Robert Haas
c5ab8425be Kill stray "not". 2011-05-12 17:10:30 -04:00
Tom Lane
8d0df2048f Fix write-past-buffer-end in ldapServiceLookup().
The code to assemble ldap_get_values_len's output into a single string
wrote the terminating null one byte past where it should.  Fix that,
and make some other cosmetic adjustments to make the code a trifle more
readable and more in line with usual Postgres coding style.

Also, free the "result" string when done with it, to avoid a permanent
memory leak.

Bug report and patch by Albe Laurenz, cosmetic adjustments by me.
2011-05-12 11:56:38 -04:00
Alvaro Herrera
c6eb5740b3 Fix assorted typos 2011-05-12 08:52:56 -04:00
Tom Lane
e05b866447 Split PGC_S_DEFAULT into two values, for true boot_val vs computed default.
Failure to distinguish these cases is the real cause behind the recent
reports of Windows builds crashing on 'infinity'::timestamp, which was
directly due to failure to establish a value of timezone_abbreviations
in postmaster child processes.  The postmaster had the desired value,
but write_one_nondefault_variable() didn't transmit it to backends.

To fix that, invent a new value PGC_S_DYNAMIC_DEFAULT, and be sure to use
that or PGC_S_ENV_VAR (as appropriate) for "default" settings that are
computed during initialization.  (We need both because there's at least
one variable that could receive a value from either source.)

This commit also fixes ProcessConfigFile's failure to restore the correct
default value for certain GUC variables if they are set in postgresql.conf
and then removed/commented out of the file.  We have to recompute and
reinstall the value for any GUC variable that could have received a value
from PGC_S_DYNAMIC_DEFAULT or PGC_S_ENV_VAR sources, and there were a
number of oversights.  (That whole thing is a crock that needs to be
redesigned, but not today.)

However, I intentionally didn't make it work "exactly right" for the cases
of timezone and log_timezone.  The exactly right behavior would involve
running select_default_timezone, which we'd have to do independently in
each postgres process, causing the whole database to become entirely
unresponsive for as much as several seconds.  That didn't seem like a good
idea, especially since the variable's removal from postgresql.conf might be
just an accidental edit.  Instead the behavior is to adopt the previously
active setting as if it were default.

Note that this patch creates an ABI break for extensions that use any of
the PGC_S_XXX constants; they'll need to be recompiled.
2011-05-11 19:57:38 -04:00
Tom Lane
6fc6686b48 Clean up parsing of CREATE TRIGGER's argument list.
Use ColLabel in place of ColId, so that reserved words are accepted as if
they were not reserved.  Also, remove BCONST and XCONST, which were never
documented as allowed.  Allowing those exposes to users an implementation
detail, namely the format in which the lexer outputs such constants, that
seems unwise to expose.

No documentation change needed, since this just makes the code act more
like you'd expect from reading the CREATE TRIGGER man page.

Per complaint from Szymon Guz and subsequent discussion.
2011-05-11 14:43:01 -04:00
Heikki Linnakangas
a0c8514149 Shut down WAL receiver if it's still running at end of recovery. We used to
just check that it's not running and PANIC if it was, but that can rightfully
happen if recovery stops at recovery target.
2011-05-11 12:46:08 +03:00
Tom Lane
ea964a451e Be more explicit about the meaning of the change in standard_conforming_strings. 2011-05-10 23:44:33 -04:00
Bruce Momjian
64cc297dc9 Mention "backslash" escape processing change in 9.1 release notes. 2011-05-10 20:57:19 -04:00
Tom Lane
2e82d0b396 Prevent datebsearch() from crashing on base == NULL && nel == 0.
Normally nel == 0 works okay because the initial value of "last" will be
less than "base"; but if "base" is zero then the calculation wraps around
and we have a very large (unsigned) value for "last", so that the loop can
be entered and we get a SIGSEGV on a bogus pointer.

This is certainly the proximate cause of the recent reports of Windows
builds crashing on 'infinity'::timestamp --- evidently, they're either not
setting an active timezonetktbl, or setting an empty one.  It's not yet
clear to me why it's only happening on Windows and not happening on any
buildfarm member.  But even if that's due to some bug elsewhere, it seems
wise for this function to not choke on the powerup values of
timezonetktbl/sztimezonetktbl.

I also changed the copy of this code in ecpglib, although I am not sure
whether it's exposed to a similar hazard.

Per report and stack trace from Richard Broersma.
2011-05-10 20:37:26 -04:00
Bruce Momjian
7ff7711919 For create/dropdb, only connect once to the server since we now have a
shared description table for pg_database comments.

Also update comments about database name selection.
2011-05-10 19:44:47 -04:00
Peter Eisentraut
87631ac98d Add some punctuation 2011-05-10 22:37:50 +03:00