public inbox for [email protected]
help / color / mirror / Atom feedFrom: Amit Langote <[email protected]>
To: Lakshmi N <[email protected]>
Cc: [email protected] <[email protected]>
Cc: [email protected]
Subject: Re: Reject invalid databases in pg_get_database_ddl()
Date: Fri, 17 Apr 2026 08:46:07 +0900
Message-ID: <CA+HiwqFW7uY3Jknf8VzjWoXa1bf0-U6-+JgM+o1ggJ+onyOHHA@mail.gmail.com> (raw)
In-Reply-To: <CA+3i_M8Mq7fr6mUspSa2rLik9+oY4sOeD1qsB_-dvnUB4NrYbg@mail.gmail.com>
References: <CA+3i_M8m1k2gFch+tU0JmAQh9FRV+pFrfTXDrJo+BqmwsTmOhg@mail.gmail.com>
<CA+HiwqH+0rgMNQDog0AT9dVt0CGjXza_Li80njDhynWqzUwvZw@mail.gmail.com>
<CA+3i_M8Mq7fr6mUspSa2rLik9+oY4sOeD1qsB_-dvnUB4NrYbg@mail.gmail.com>
On Fri, Apr 17, 2026 at 1:46 AM Lakshmi N <[email protected]> wrote:
> On Thu, Apr 16, 2026 at 2:29 AM Amit Langote <[email protected]> wrote:
>>
>> Hi,
>>
>> On Thu, Apr 16, 2026 at 5:20 PM Lakshmi N <[email protected]> wrote:
>> > pg_get_database_ddl() is not checking for databases in an invalid state
>> > before producing ddl statements. This caused the function to emit
>> > CONNECTION_LIMIT = -2, which is invalid SQL that Postgres rejects.
>> > A database row can be in this inconsistent state longer, for example
>> > server crashed during a drop database.
>> >
>> > Attached patch to fix this issue by doing a database_is_invalid_form()
>> > check early in pg_get_database_ddl_internal().
>>
>> Thanks for the report.
>>
>> Hmm, I see that the function will happily emit datconnlimit = -2 and
>> your patch catches that at the top instead of down below near this
>> code:
>>
>> /* CONNECTION LIMIT */
>> if (dbform->datconnlimit != -1)
>> {
>> resetStringInfo(&buf);
>> appendStringInfo(&buf, "ALTER DATABASE %s CONNECTION LIMIT = %d;",
>> quote_identifier(dbname), dbform->datconnlimit);
>> statements = lappend(statements, pstrdup(buf.data));
>> }
>>
>> which, I guess, makes sense.
>>
>> The comment is correct but could be more explicit:
>>
>> /*
>> * Reject invalid databases: datconnlimit = -2 would be emitted as
>> * CONNECTION LIMIT = -2, which fails on replay.
>> */
>
> Thank you for reviewing! Please find the attached v2 addressing this.
Thanks. Will push the attached shortly.
--
Thanks, Amit Langote
Attachments:
[application/octet-stream] v2-0001-Reject-invalid-databases-in-pg_get_database_ddl.patch (1.6K, 2-v2-0001-Reject-invalid-databases-in-pg_get_database_ddl.patch)
download | inline diff:
From ca98087734df0cddefd9610b7c23be8d1b758969 Mon Sep 17 00:00:00 2001
From: Amit Langote <[email protected]>
Date: Fri, 17 Apr 2026 08:42:19 +0900
Subject: [PATCH v2] Reject invalid databases in pg_get_database_ddl()
An invalid database has datconnlimit set to -2. pg_get_database_ddl()
emits this verbatim as CONNECTION LIMIT = -2, which ALTER DATABASE
rejects. Error out early instead.
Reported-by: Lakshmi N <[email protected]>
Author: Lakshmi N <[email protected]>
Reviewed-by: Amit Langote <[email protected]>
Discussion: https://postgr.es/m/CA+3i_M8m1k2gFch+tU0JmAQh9FRV+pFrfTXDrJo+BqmwsTmOhg@mail.gmail.com
---
src/backend/utils/adt/ddlutils.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/backend/utils/adt/ddlutils.c b/src/backend/utils/adt/ddlutils.c
index c4f9f86c43e..3921ed1fa6a 100644
--- a/src/backend/utils/adt/ddlutils.c
+++ b/src/backend/utils/adt/ddlutils.c
@@ -887,6 +887,17 @@ pg_get_database_ddl_internal(Oid dbid, bool pretty,
dbform = (Form_pg_database) GETSTRUCT(tuple);
dbname = pstrdup(NameStr(dbform->datname));
+ /*
+ * Reject invalid databases: datconnlimit = -2 would be emitted as
+ * CONNECTION LIMIT = -2, which cannot be executed.
+ */
+ if (database_is_invalid_form(dbform))
+ ereport(ERROR,
+ (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
+ errmsg("cannot generate DDL for invalid database \"%s\"",
+ dbname),
+ errhint("Use DROP DATABASE to drop invalid databases.")));
+
/*
* We don't support generating DDL for system databases. The primary
* reason for this is that users shouldn't be recreating them.
--
2.47.3
view thread (13+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: Reject invalid databases in pg_get_database_ddl()
In-Reply-To: <CA+HiwqFW7uY3Jknf8VzjWoXa1bf0-U6-+JgM+o1ggJ+onyOHHA@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox