]> git.ipfire.org Git - thirdparty/postgresql.git/commitdiff
Reject bogus output from uuid_create(3).
authorTom Lane <tgl@sss.pgh.pa.us>
Fri, 9 Sep 2022 16:41:36 +0000 (12:41 -0400)
committerTom Lane <tgl@sss.pgh.pa.us>
Fri, 9 Sep 2022 16:41:36 +0000 (12:41 -0400)
When using the BSD UUID functions, contrib/uuid-ossp expects
uuid_create() to produce a version-1 UUID.  FreeBSD still does so,
but in recent NetBSD releases that function produces a version-4
(random) UUID instead.  That's not acceptable for our purposes:
if the user wanted v4 she would have asked for v4, not v1.
Hence, check the version digit and complain if it's not '1'.

Also drop the documentation's claim that the NetBSD implementation
is usable.  It might be, depending on which OS version you're using,
but we're not going to get into that kind of detail.

(Maybe someday we should ditch all these external libraries
and just write our own UUID code, but today is not that day.)

Nazir Bilal Yavuz, with cosmetic adjustments and docs by me.
Backpatch to all supported versions.

Discussion: https://postgr.es/m/3848059.1661038772@sss.pgh.pa.us
Discussion: https://postgr.es/m/17358-89806e7420797025@postgresql.org

contrib/uuid-ossp/uuid-ossp.c
doc/src/sgml/installation.sgml
doc/src/sgml/uuid-ossp.sgml

index f5ae915f2438224194983f1703656fe88e707a63..ff0aede859d53222412dbad747892ce322719218 100644 (file)
@@ -292,6 +292,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len)
                                        {
                                                strlcpy(strbuf, str, 37);
 
+                                               /*
+                                                * In recent NetBSD, uuid_create() has started
+                                                * producing v4 instead of v1 UUIDs.  Check the
+                                                * version field and complain if it's not v1.
+                                                */
+                                               if (strbuf[14] != '1')
+                                                       ereport(ERROR,
+                                                                       (errcode(ERRCODE_EXTERNAL_ROUTINE_EXCEPTION),
+                                                       /* translator: %c will be a hex digit */
+                                                                        errmsg("uuid_create() produced a version %c UUID instead of the expected version 1",
+                                                                                       strbuf[14])));
+
                                                /*
                                                 * PTR, if set, replaces the trailing characters of
                                                 * the uuid; this is to support v1mc, where a random
index 809db168cfa74378e3afdabfcc386c1455490156..f723533619ad3767cefc253b3e6a60175ac2e0ac 100644 (file)
@@ -952,7 +952,7 @@ su - postgres
         <itemizedlist>
          <listitem>
           <para>
-           <option>bsd</option> to use the UUID functions found in FreeBSD, NetBSD,
+           <option>bsd</option> to use the UUID functions found in FreeBSD
            and some other BSD-derived systems
           </para>
          </listitem>
index b3b816c372572d4881a3b726b68aecf51d4517a5..41d35e8d360f010ec6953292d5fa612ee88ff181 100644 (file)
@@ -167,7 +167,7 @@ SELECT uuid_generate_v3(uuid_ns_url(), 'http://www.postgresql.org');
    at <ulink url="http://www.ossp.org/pkg/lib/uuid/"></ulink>, it is not well
    maintained, and is becoming increasingly difficult to port to newer
    platforms.  <filename>uuid-ossp</filename> can now be built without the OSSP
-   library on some platforms.  On FreeBSD, NetBSD, and some other BSD-derived
+   library on some platforms.  On FreeBSD and some other BSD-derived
    platforms, suitable UUID creation functions are included in the
    core <filename>libc</filename> library.  On Linux, macOS, and some other
    platforms, suitable functions are provided in the <filename>libuuid</filename>