Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

neon extension: add neon_pgdump_schema function #7492

Closed
wants to merge 1 commit into from
Closed

neon extension: add neon_pgdump_schema function #7492

wants to merge 1 commit into from

Conversation

prepor
Copy link
Contributor

@prepor prepor commented Apr 24, 2024

Adds neon_pgdump_schema function

It can be used to execute pg_dump utility in the containerized environment of compute

@prepor
neon extension: add neon_pgdump_schema function
87c53cd 
it can be used to execute pg_dump utility in the containerized environment of compute
@prepor prepor requested review from a team as code owners April 24, 2024 08:41
@prepor prepor requested review from knizhnik and jcsp April 24, 2024 08:41
arnica-github-connector[bot]
arnica-github-connector bot reviewed Apr 24, 2024
View reviewed changes
pgxn/neon/neon_pgdump.c
errmsg("Failed to build command")));
}

pipe = popen(command, "r");
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Static Code Analysis Risk: CWE 78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - Command injection

Command injection vulnerability in C/C++ allows attackers to execute arbitrary OS commands by manipulating externally-influenced input due to improper sanitization. Avoid using external input in OS commands. If unavoidable, strictly validate and sanitize the input against a predefined whitelist before execution.

Severity: High 🚨
Status: Open 🔴

References:

  1. https://cwe.mitre.org/data/definitions/676
  2. https://cwe.mitre.org/data/definitions/78
  3. https://cwe.mitre.org/data/definitions/88
  4. https://www.sei.cmu.edu/downloads/sei-cert-c-coding-standard-2016-v01.pdf

You received this notification because a new code risk has been identified

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@prepor this code snippet looks vulnerable to OS injection, did you have a chance to look at this alert?

@hlinnaka
Copy link
Contributor

I'd suggest putting this in compute_ctl instead. The Rust code and compute_ctl HTTP API seems nicer to work with.

hlinnaka
hlinnaka reviewed Apr 24, 2024
View reviewed changes
pgxn/neon/neon_pgdump.c
Comment on lines +58 to +60
text *ret = cstring_to_text(buf.data);
pfree(buf.data);
PG_RETURN_TEXT_P(ret);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a 1 GB limit on the size of one datum in Postgres, so this will fail if the output was larger than 1 GB. That'd a large schema, but not impossible.

hlinnaka
hlinnaka reviewed Apr 24, 2024
View reviewed changes
pgxn/neon/neon_pgdump.c

const char *port = GetConfigOptionByName("port", NULL, false);

int command_res = snprintf(command, sizeof(command), "pg_dump --schema-only -h %s -p %s -U %s -d %s", COMPUTEHOST, port, COMPUTEROLE, dbname);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'dbname' needs escaping / quoting

@github-actions GitHub Actions
Copy link

2766 tests run: 2627 passed, 18 failed, 121 skipped (full report)

Failures on Postgres 16

Failures on Postgres 15

Failures on Postgres 14

# Run all failed tests locally:
scripts/pytest -vv -n $(nproc) -k "test_neon_extension_auto_upgrade[release-pg14] or test_neon_extension_auto_upgrade[debug-pg14] or test_neon_extension[release-pg14] or test_neon_extension[debug-pg14] or test_neon_extension_compatibility[release-pg14] or test_neon_extension_compatibility[debug-pg14] or test_neon_extension[release-pg15] or test_neon_extension[debug-pg15] or test_neon_extension_auto_upgrade[release-pg15] or test_neon_extension_auto_upgrade[debug-pg15] or test_neon_extension_compatibility[release-pg15] or test_neon_extension_compatibility[debug-pg15] or test_neon_extension_compatibility[release-pg16] or test_neon_extension_compatibility[debug-pg16] or test_neon_extension[release-pg16] or test_neon_extension[debug-pg16] or test_neon_extension_auto_upgrade[release-pg16] or test_neon_extension_auto_upgrade[debug-pg16]"

Test coverage report is not available

The comment gets automatically updated with the latest test results
87c53cd at 2024-04-24T09:19:57.768Z :recycle:

@jcsp jcsp requested review from petuhovskiy and removed request for jcsp April 24, 2024 11:49
@prepor
Copy link
Contributor Author

prepor commented Apr 29, 2024

We decided to go with a different approach, because we can't rely on extension functions during read-only time travel

@prepor prepor closed this Apr 29, 2024
@prepor prepor deleted the neon_pgdump branch April 29, 2024 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hlinnaka hlinnaka hlinnaka left review comments

@areyou1or0 areyou1or0 areyou1or0 left review comments

@arnica-github-connector Arnica GitHub Connector arnica-github-connector left review comments

@knizhnik knizhnik Awaiting requested review from knizhnik knizhnik is a code owner automatically assigned from neondatabase/compute

@petuhovskiy petuhovskiy Awaiting requested review from petuhovskiy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@prepor @hlinnaka @areyou1or0