
Commit b620fda

sepgql: Use getObjectIdentity rather than getObjectDescription.
KaiGai Kohei, based on a suggestion from Álvaro Herrera
1 parent be55f3b commit b620fda

7 files changed

+351
-330
lines changed

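--- a/contrib/sepgsql/database.c
+++ b/contrib/sepgsql/database.c
@@ -19,6 +19,7 @@
 #include "catalog/indexing.h"
 #include "commands/dbcommands.h"
 #include "commands/seclabel.h"
+#include "utils/builtins.h"
 #include "utils/fmgroids.h"
 #include "utils/tqual.h"
 #include "sepgsql.h"
@@ -38,9 +39,9 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
 HeapTuple tuple;
 char *tcontext;
 char *ncontext;
-char audit_name[NAMEDATALEN + 20];
 ObjectAddress object;
 Form_pg_database datForm;
+StringInfoData audit_name;
 
 /*
 * Oid of the source database is not saved in pg_database catalog, so we
@@ -61,11 +62,12 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
 /*
 * check db_database:{getattr} permission
 */
-snprintf(audit_name, sizeof(audit_name), "database %s", dtemplate);
+initStringInfo(&audit_name);
+appendStringInfo(&audit_name, "%s", quote_identifier(dtemplate));
 sepgsql_avc_check_perms_label(tcontext,
 SEPG_CLASS_DB_DATABASE,
 SEPG_DB_DATABASE__GETATTR,
-audit_name,
+audit_name.data,
 true);
 
 /*
@@ -98,12 +100,13 @@ sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
 /*
 * check db_database:{create} permission
 */
-snprintf(audit_name, sizeof(audit_name),
-"database %s", NameStr(datForm->datname));
+resetStringInfo(&audit_name);
+appendStringInfo(&audit_name, "%s",
+quote_identifier(NameStr(datForm->datname)));
 sepgsql_avc_check_perms_label(ncontext,
 SEPG_CLASS_DB_DATABASE,
 SEPG_DB_DATABASE__CREATE,
-audit_name,
+audit_name.data,
 true);
 
 systable_endscan(sscan);
@@ -139,7 +142,7 @@ sepgsql_database_drop(Oid databaseId)
 object.classId = DatabaseRelationId;
 object.objectId = databaseId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_DATABASE,
@@ -166,7 +169,7 @@ sepgsql_database_setattr(Oid databaseId)
 object.classId = DatabaseRelationId;
 object.objectId = databaseId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_DATABASE,
@@ -190,7 +193,7 @@ sepgsql_database_relabel(Oid databaseId, const char *seclabel)
 object.classId = DatabaseRelationId;
 object.objectId = databaseId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 /*
 * check db_database:{setattr relabelfrom} permission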
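Review bot: The names built by hand in sepgsql_database_post_create now reach the audit record as a bare `quote_identifier()` result, with the old "database " prefix gone, and nothing near either call states what format the name is expected to have. A one-line comment such as `/* audit name uses getObjectIdentity() format: quoted identifier, no object-type prefix */` above `initStringInfo(&audit_name);` would make it clear that these strings must stay in step with what `getObjectIdentity()` returns on the drop/setattr/relabel paths. Since the single-value `appendStringInfo(&audit_name, "%s", ...)` calls only copy a string, `appendStringInfoString(&audit_name, quote_identifier(dtemplate));` says the same thing more directly. Anything that parses the name field of sepgsql audit records (log rules, detections) will see the new shape, which is presumably why the expected-output files changed so heavily. The function body starts and ends outside these hunks.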

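--- a/contrib/sepgsql/dml.c
+++ b/contrib/sepgsql/dml.c
@@ -187,7 +187,7 @@ check_relation_privileges(Oid relOid,
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 switch (relkind)
 {
 case RELKIND_RELATION: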

contrib/sepgsql/expected/alter.out

Lines changed: 84 additions & 84 deletions
Large diffs are not rendered by default.

contrib/sepgsql/expected/ddl.out

Lines changed: 195 additions & 195 deletions
Large diffs are not rendered by default.

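--- a/contrib/sepgsql/proc.c
+++ b/contrib/sepgsql/proc.c
@@ -18,6 +18,7 @@
 #include "catalog/indexing.h"
 #include "catalog/pg_namespace.h"
 #include "catalog/pg_proc.h"
+#include "catalog/pg_type.h"
 #include "commands/seclabel.h"
 #include "lib/stringinfo.h"
 #include "utils/builtins.h"
@@ -41,6 +42,7 @@ sepgsql_proc_post_create(Oid functionId)
 ScanKeyData skey;
 SysScanDesc sscan;
 HeapTuple tuple;
+char *nsp_name;
 char *scontext;
 char *tcontext;
 char *ncontext;
@@ -79,7 +81,7 @@ sepgsql_proc_post_create(Oid functionId)
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_SCHEMA,
 SEPG_DB_SCHEMA__ADD_NAME,
-getObjectDescription(&object),
+getObjectIdentity(&object),
 true);
 
 /*
@@ -102,14 +104,18 @@ sepgsql_proc_post_create(Oid functionId)
 * check db_procedure:{create (install)} permission
 */
 initStringInfo(&audit_name);
-appendStringInfo(&audit_name, "function %s(", NameStr(proForm->proname));
+nsp_name = get_namespace_name(proForm->pronamespace);
+appendStringInfo(&audit_name, "%s(",
+quote_qualified_identifier(nsp_name, NameStr(proForm->proname)));
 for (i = 0; i < proForm->pronargs; i++)
 {
-Oid typeoid = proForm->proargtypes.values[i];
-
 if (i > 0)
 appendStringInfoChar(&audit_name, ',');
-appendStringInfoString(&audit_name, format_type_be(typeoid));
+
+object.classId = TypeRelationId;
+object.objectId = proForm->proargtypes.values[i];
+object.objectSubId = 0;
+appendStringInfoString(&audit_name, getObjectIdentity(&object));
 }
 appendStringInfoChar(&audit_name, ')');
 
@@ -159,7 +165,7 @@ sepgsql_proc_drop(Oid functionId)
 object.classId = NamespaceRelationId;
 object.objectId = get_func_namespace(functionId);
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_SCHEMA,
@@ -174,7 +180,7 @@ sepgsql_proc_drop(Oid functionId)
 object.classId = ProcedureRelationId;
 object.objectId = functionId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_PROCEDURE,
@@ -199,7 +205,7 @@ sepgsql_proc_relabel(Oid functionId, const char *seclabel)
 object.classId = ProcedureRelationId;
 object.objectId = functionId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 /*
 * check db_procedure:{setattr relabelfrom} permission
@@ -287,7 +293,7 @@ sepgsql_proc_setattr(Oid functionId)
 object.classId = ProcedureRelationId;
 object.objectId = functionId;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_PROCEDURE,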
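Review bot: In sepgsql_proc_post_create the argument-type loop reuses `object` as scratch space, overwriting the schema address that the earlier `SEPG_DB_SCHEMA__ADD_NAME` check was made against; any code after the loop that still passes `&object` would then see the last argument type (or the schema, when pronargs is 0). The rest of the function is outside the hunk, so I cannot confirm that `object` is reassigned before its next use. A dedicated local, e.g. `ObjectAddress argtype;` filled in the loop and passed as `getObjectIdentity(&argtype)`, removes that dependency on statement order. `get_namespace_name()` can return NULL when the lookup fails; `quote_qualified_identifier()` tolerates a NULL qualifier as far as I know, but the audit name would then silently lose its schema part, so a short comment or an explicit check next to the call would help.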

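--- a/contrib/sepgsql/relation.c
+++ b/contrib/sepgsql/relation.c
@@ -20,6 +20,8 @@
 #include "catalog/pg_class.h"
 #include "catalog/pg_namespace.h"
 #include "commands/seclabel.h"
+#include "lib/stringinfo.h"
+#include "utils/builtins.h"
 #include "utils/fmgroids.h"
 #include "utils/catcache.h"
 #include "utils/lsyscache.h"
@@ -49,9 +51,9 @@ sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
 char *scontext;
 char *tcontext;
 char *ncontext;
-char audit_name[2 * NAMEDATALEN + 20];
 ObjectAddress object;
 Form_pg_attribute attForm;
+StringInfoData audit_name;
 
 /*
 * Only attributes within regular relation have individual security
@@ -94,12 +96,18 @@ sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
 /*
 * check db_column:{create} permission
 */
-snprintf(audit_name, sizeof(audit_name), "table %s column %s",
-get_rel_name(relOid), NameStr(attForm->attname));
+object.classId = RelationRelationId;
+object.objectId = relOid;
+object.objectSubId = 0;
+
+initStringInfo(&audit_name);
+appendStringInfo(&audit_name, "%s.%s",
+getObjectIdentity(&object),
+quote_identifier(NameStr(attForm->attname)));
 sepgsql_avc_check_perms_label(ncontext,
 SEPG_CLASS_DB_COLUMN,
 SEPG_DB_COLUMN__CREATE,
-audit_name,
+audit_name.data,
 true);
 
 /*
@@ -137,7 +145,7 @@ sepgsql_attribute_drop(Oid relOid, AttrNumber attnum)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = attnum;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_COLUMN,
@@ -168,7 +176,7 @@ sepgsql_attribute_relabel(Oid relOid, AttrNumber attnum,
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = attnum;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 /*
 * check db_column:{setattr relabelfrom} permission
@@ -211,7 +219,7 @@ sepgsql_attribute_setattr(Oid relOid, AttrNumber attnum)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = attnum;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_COLUMN,
@@ -236,12 +244,12 @@ sepgsql_relation_post_create(Oid relOid)
 Form_pg_class classForm;
 ObjectAddress object;
 uint16 tclass;
-const char *tclass_text;
 char *scontext; /* subject */
 char *tcontext; /* schema */
 char *rcontext; /* relation */
 char *ccontext; /* column */
-char audit_name[2 * NAMEDATALEN + 20];
+char *nsp_name;
+StringInfoData audit_name;
 
 /*
 * Fetch catalog record of the new relation. Because pg_class entry is not
@@ -277,22 +285,19 @@ sepgsql_relation_post_create(Oid relOid)
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_SCHEMA,
 SEPG_DB_SCHEMA__ADD_NAME,
-getObjectDescription(&object),
+getObjectIdentity(&object),
 true);
 
 switch (classForm->relkind)
 {
 case RELKIND_RELATION:
 tclass = SEPG_CLASS_DB_TABLE;
-tclass_text = "table";
 break;
 case RELKIND_SEQUENCE:
 tclass = SEPG_CLASS_DB_SEQUENCE;
-tclass_text = "sequence";
 break;
 case RELKIND_VIEW:
 tclass = SEPG_CLASS_DB_VIEW;
-tclass_text = "view";
 break;
 case RELKIND_INDEX:
 /* deal with indexes specially; no need for tclass */
@@ -316,12 +321,15 @@ sepgsql_relation_post_create(Oid relOid)
 /*
 * check db_xxx:{create} permission
 */
-snprintf(audit_name, sizeof(audit_name), "%s %s",
-tclass_text, NameStr(classForm->relname));
+nsp_name = get_namespace_name(classForm->relnamespace);
+initStringInfo(&audit_name);
+appendStringInfo(&audit_name, "%s.%s",
+quote_identifier(nsp_name),
+quote_identifier(NameStr(classForm->relname)));
 sepgsql_avc_check_perms_label(rcontext,
 tclass,
 SEPG_DB_DATABASE__CREATE,
-audit_name,
+audit_name.data,
 true);
 
 /*
@@ -358,10 +366,11 @@ sepgsql_relation_post_create(Oid relOid)
 {
 attForm = (Form_pg_attribute) GETSTRUCT(atup);
 
-snprintf(audit_name, sizeof(audit_name), "%s %s column %s",
-tclass_text,
-NameStr(classForm->relname),
-NameStr(attForm->attname));
+resetStringInfo(&audit_name);
+appendStringInfo(&audit_name, "%s.%s.%s",
+quote_identifier(nsp_name),
+quote_identifier(NameStr(classForm->relname)),
+quote_identifier(NameStr(attForm->attname)));
 
 ccontext = sepgsql_compute_create(scontext,
 rcontext,
@@ -374,7 +383,7 @@ sepgsql_relation_post_create(Oid relOid)
 sepgsql_avc_check_perms_label(ccontext,
 SEPG_CLASS_DB_COLUMN,
 SEPG_DB_COLUMN__CREATE,
-audit_name,
+audit_name.data,
 true);
 
 object.classId = RelationRelationId;
@@ -436,7 +445,7 @@ sepgsql_relation_drop(Oid relOid)
 object.classId = NamespaceRelationId;
 object.objectId = get_rel_namespace(relOid);
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_SCHEMA,
@@ -458,7 +467,7 @@ sepgsql_relation_drop(Oid relOid)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 tclass,
@@ -489,7 +498,7 @@ sepgsql_relation_drop(Oid relOid)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = attForm->attnum;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 SEPG_CLASS_DB_COLUMN,
@@ -531,7 +540,7 @@ sepgsql_relation_relabel(Oid relOid, const char *seclabel)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 /*
 * check db_xxx:{setattr relabelfrom} permission
@@ -641,7 +650,7 @@ sepgsql_relation_setattr(Oid relOid)
 object.classId = RelationRelationId;
 object.objectId = relOid;
 object.objectSubId = 0;
-audit_name = getObjectDescription(&object);
+audit_name = getObjectIdentity(&object);
 
 sepgsql_avc_check_perms(&object,
 tclass,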
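Review bot: In sepgsql_relation_post_create the result of `get_namespace_name(classForm->relnamespace)` goes straight into `quote_identifier(nsp_name)`, in the `"%s.%s"` hunk and again in the per-column `"%s.%s.%s"` hunk; `get_namespace_name()` returns NULL when the namespace cannot be found, and `quote_identifier()` does not accept NULL. The namespace of a relation that was just created should exist, so this is a hardening point rather than a known crash, but a security hook is a poor place to dereference an unchecked lookup. proc.c in this same commit uses `quote_qualified_identifier(nsp_name, NameStr(proForm->proname))`, and doing the same here, `appendStringInfoString(&audit_name, quote_qualified_identifier(nsp_name, NameStr(classForm->relname)));`, keeps the two files consistent. The column name can then be built by appending `.` and `quote_identifier(NameStr(attForm->attname))` to that same qualified string. Both hunks sit in the middle of the function, whose start and end are not shown.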
