pgsql: Properly handle Win32 paths of 'E:abc', which can be either abso

Properly handle Win32 paths of 'E:abc', which can be either absolute or
relative, by creating a function path_is_relative_and_below_cwd() to
check for specific requirements. It is unclear if this fixes a security
problem or not but the new code is more robust.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/0de0cc150af46122238f2fe03605bf14e1a7c276

Modified Files
--------------
contrib/adminpack/adminpack.c | 40 ++++++++++++++++++--------------------
src/backend/utils/adt/genfile.c | 39 ++++++++++++++++++-------------------
src/include/port.h | 9 +------
src/port/path.c | 33 ++++++++++++++++++++++++++++++++
4 files changed, 73 insertions(+), 48 deletions(-)

Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Properly handle Win32 paths of 'E:abc', which can be either absolute or
> relative, by creating a function path_is_relative_and_below_cwd() to
> check for specific requirements. It is unclear if this fixes a security
> problem or not but the new code is more robust.

Surely this test is backwards?

+bool
+path_is_relative_and_below_cwd(const char *path)
+{
+ if (!is_absolute_path(path))
+ return false;

regards, tom lane

Tom Lane wrote:
> Bruce Momjian <bruce(at)momjian(dot)us> writes:
> > Properly handle Win32 paths of 'E:abc', which can be either absolute or
> > relative, by creating a function path_is_relative_and_below_cwd() to
> > check for specific requirements. It is unclear if this fixes a security
> > problem or not but the new code is more robust.
>
> Surely this test is backwards?
>
> +bool
> +path_is_relative_and_below_cwd(const char *path)
> +{
> + if (!is_absolute_path(path))
> + return false;

Yes, sorry, corrected.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +