Commit f06b1c59 authored by Peter Eisentraut's avatar Peter Eisentraut

pg_upgrade: Check version of target cluster binaries

This expands the binary validation in pg_upgrade with a version
check per binary to ensure that the target cluster installation
only contains binaries from the target version.

In order to reduce duplication, validate_exec is exported from
port.h and the local copy in pg_upgrade is removed.

Author: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/flat/9328.1552952117@sss.pgh.pa.us
parent 8af3c233
...@@ -11,12 +11,13 @@ ...@@ -11,12 +11,13 @@
#include <fcntl.h> #include <fcntl.h>
#include "common/string.h"
#include "pg_upgrade.h" #include "pg_upgrade.h"
static void check_data_dir(ClusterInfo *cluster); static void check_data_dir(ClusterInfo *cluster);
static void check_bin_dir(ClusterInfo *cluster); static void check_bin_dir(ClusterInfo *cluster);
static void get_bin_version(ClusterInfo *cluster); static void get_bin_version(ClusterInfo *cluster);
static void validate_exec(const char *dir, const char *cmdName); static void check_exec(const char *dir, const char *program);
#ifdef WIN32 #ifdef WIN32
static int win32_check_directory_write_permissions(void); static int win32_check_directory_write_permissions(void);
...@@ -375,9 +376,9 @@ check_bin_dir(ClusterInfo *cluster) ...@@ -375,9 +376,9 @@ check_bin_dir(ClusterInfo *cluster)
report_status(PG_FATAL, "\"%s\" is not a directory\n", report_status(PG_FATAL, "\"%s\" is not a directory\n",
cluster->bindir); cluster->bindir);
validate_exec(cluster->bindir, "postgres"); check_exec(cluster->bindir, "postgres");
validate_exec(cluster->bindir, "pg_controldata"); check_exec(cluster->bindir, "pg_controldata");
validate_exec(cluster->bindir, "pg_ctl"); check_exec(cluster->bindir, "pg_ctl");
/* /*
* Fetch the binary version after checking for the existence of pg_ctl. * Fetch the binary version after checking for the existence of pg_ctl.
...@@ -388,9 +389,9 @@ check_bin_dir(ClusterInfo *cluster) ...@@ -388,9 +389,9 @@ check_bin_dir(ClusterInfo *cluster)
/* pg_resetxlog has been renamed to pg_resetwal in version 10 */ /* pg_resetxlog has been renamed to pg_resetwal in version 10 */
if (GET_MAJOR_VERSION(cluster->bin_version) <= 906) if (GET_MAJOR_VERSION(cluster->bin_version) <= 906)
validate_exec(cluster->bindir, "pg_resetxlog"); check_exec(cluster->bindir, "pg_resetxlog");
else else
validate_exec(cluster->bindir, "pg_resetwal"); check_exec(cluster->bindir, "pg_resetwal");
if (cluster == &new_cluster) if (cluster == &new_cluster)
{ {
...@@ -399,63 +400,46 @@ check_bin_dir(ClusterInfo *cluster) ...@@ -399,63 +400,46 @@ check_bin_dir(ClusterInfo *cluster)
* pg_dumpall are used to dump the old cluster, but must be of the * pg_dumpall are used to dump the old cluster, but must be of the
* target version. * target version.
*/ */
validate_exec(cluster->bindir, "initdb"); check_exec(cluster->bindir, "initdb");
validate_exec(cluster->bindir, "pg_dump"); check_exec(cluster->bindir, "pg_dump");
validate_exec(cluster->bindir, "pg_dumpall"); check_exec(cluster->bindir, "pg_dumpall");
validate_exec(cluster->bindir, "pg_restore"); check_exec(cluster->bindir, "pg_restore");
validate_exec(cluster->bindir, "psql"); check_exec(cluster->bindir, "psql");
validate_exec(cluster->bindir, "vacuumdb"); check_exec(cluster->bindir, "vacuumdb");
} }
} }
/*
* validate_exec()
*
* validate "path" as an executable file
*/
static void static void
validate_exec(const char *dir, const char *cmdName) check_exec(const char *dir, const char *program)
{ {
char path[MAXPGPATH]; char path[MAXPGPATH];
struct stat buf; char line[MAXPGPATH];
char cmd[MAXPGPATH];
char versionstr[128];
int ret;
snprintf(path, sizeof(path), "%s/%s", dir, cmdName); snprintf(path, sizeof(path), "%s/%s", dir, program);
#ifdef WIN32 ret = validate_exec(path);
/* Windows requires a .exe suffix for stat() */
if (strlen(path) <= strlen(EXE_EXT) ||
pg_strcasecmp(path + strlen(path) - strlen(EXE_EXT), EXE_EXT) != 0)
strlcat(path, EXE_EXT, sizeof(path));
#endif
/* if (ret == -1)
* Ensure that the file exists and is a regular file.
*/
if (stat(path, &buf) < 0)
pg_fatal("check for \"%s\" failed: %s\n",
path, strerror(errno));
else if (!S_ISREG(buf.st_mode))
pg_fatal("check for \"%s\" failed: not a regular file\n", pg_fatal("check for \"%s\" failed: not a regular file\n",
path); path);
else if (ret == -2)
/* pg_fatal("check for \"%s\" failed: cannot execute (permission denied)\n",
* Ensure that the file is both executable and readable (required for
* dynamic loading).
*/
#ifndef WIN32
if (access(path, R_OK) != 0)
#else
if ((buf.st_mode & S_IRUSR) == 0)
#endif
pg_fatal("check for \"%s\" failed: cannot read file (permission denied)\n",
path); path);
#ifndef WIN32 snprintf(cmd, sizeof(cmd), "\"%s\" -V", path);
if (access(path, X_OK) != 0)
#else if (!pipe_read_line(cmd, line, sizeof(line)))
if ((buf.st_mode & S_IXUSR) == 0) pg_fatal("check for \"%s\" failed: cannot execute\n",
#endif
pg_fatal("check for \"%s\" failed: cannot execute (permission denied)\n",
path); path);
pg_strip_crlf(line);
snprintf(versionstr, sizeof(versionstr), "%s (PostgreSQL) " PG_VERSION, program);
if (strcmp(line, versionstr) != 0)
pg_fatal("check for \"%s\" failed: incorrect version: found \"%s\", expected \"%s\"\n",
path, line, versionstr);
} }
...@@ -49,7 +49,6 @@ ...@@ -49,7 +49,6 @@
#define getcwd(cwd,len) GetCurrentDirectory(len, cwd) #define getcwd(cwd,len) GetCurrentDirectory(len, cwd)
#endif #endif
static int validate_exec(const char *path);
static int resolve_symlinks(char *path); static int resolve_symlinks(char *path);
#ifdef WIN32 #ifdef WIN32
...@@ -63,7 +62,7 @@ static BOOL GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser); ...@@ -63,7 +62,7 @@ static BOOL GetTokenUser(HANDLE hToken, PTOKEN_USER *ppTokenUser);
* -1 if the regular file "path" does not exist or cannot be executed. * -1 if the regular file "path" does not exist or cannot be executed.
* -2 if the file is otherwise valid but cannot be read. * -2 if the file is otherwise valid but cannot be read.
*/ */
static int int
validate_exec(const char *path) validate_exec(const char *path)
{ {
struct stat buf; struct stat buf;
......
...@@ -125,6 +125,7 @@ extern void pgfnames_cleanup(char **filenames); ...@@ -125,6 +125,7 @@ extern void pgfnames_cleanup(char **filenames);
extern void set_pglocale_pgservice(const char *argv0, const char *app); extern void set_pglocale_pgservice(const char *argv0, const char *app);
/* Portable way to find and execute binaries (in exec.c) */ /* Portable way to find and execute binaries (in exec.c) */
extern int validate_exec(const char *path);
extern int find_my_exec(const char *argv0, char *retpath); extern int find_my_exec(const char *argv0, char *retpath);
extern int find_other_exec(const char *argv0, const char *target, extern int find_other_exec(const char *argv0, const char *target,
const char *versionstr, char *retpath); const char *versionstr, char *retpath);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment