projects / users / simon / postgres.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 901d0be)
Check that connection limit is within valid range. IOW, not < -1.
authorHeikki Linnakangas <heikki@enterprisedb.com>
Fri, 30 Jan 2009 17:24:47 +0000 (17:24 +0000)
committerHeikki Linnakangas <heikki@enterprisedb.com>
Fri, 30 Jan 2009 17:24:47 +0000 (17:24 +0000)
It's missing in older versions too, but it doesn't seem worth
back-porting. All negative are just harmlessly treated as "no limit", and
tightening the check might even brake an application that relies on it.

src/backend/commands/dbcommands.c patch | blob | blame | history
src/backend/commands/user.c patch | blob | blame | history

diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index 7e065762a84856679e5e39609950ebed18251b44..d08e3d0853999fadbc24def415f4aea8b3dcf607 100644 (file)
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -244,7 +244,13 @@ createdb(const CreatedbStmt *stmt)
                dbctype = strVal(dctype->arg);
 
        if (dconnlimit && dconnlimit->arg)
+       {
                dbconnlimit = intVal(dconnlimit->arg);
+               if (dbconnlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", dbconnlimit)));
+       }
 
        /* obtain OID of proposed owner */
        if (dbowner)
@@ -1319,7 +1325,13 @@ AlterDatabase(AlterDatabaseStmt *stmt, bool isTopLevel)
        }
 
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
 
        /*
         * Get the old tuple.  We don't need a lock on the database per se,
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index 783de0246a3b76f2badb7fe778a8fb4cc685fddd..065fce7421ac9d763d3d99307e153fbadc6c5e81 100644 (file)
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -242,7 +242,13 @@ CreateRole(CreateRoleStmt *stmt)
        if (dcanlogin)
                canlogin = intVal(dcanlogin->arg) != 0;
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
        if (daddroleto)
                addroleto = (List *) daddroleto->arg;
        if (drolemembers)
@@ -533,7 +539,13 @@ AlterRole(AlterRoleStmt *stmt)
        if (dcanlogin)
                canlogin = intVal(dcanlogin->arg);
        if (dconnlimit)
+       {
                connlimit = intVal(dconnlimit->arg);
+               if (connlimit < -1)
+                       ereport(ERROR,
+                                       (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+                                        errmsg("invalid connection limit: %d", connlimit)));
+       }
        if (drolemembers)
                rolemembers = (List *) drolemembers->arg;
        if (dvalidUntil)
Simon's dev repository