Re: Reject invalid databases in pg_get_database_ddl()

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Amit Langote <[email protected]>
To: Hu Xunqi <[email protected]>
Cc: Euler Taveira <[email protected]>
Cc: Lakshmi N <[email protected]>
Cc: [email protected] <[email protected]>
Cc: Andrew Dunstan <[email protected]>
Subject: Re: Reject invalid databases in pg_get_database_ddl()
Date: Fri, 17 Apr 2026 12:30:59 +0900
Message-ID: <CA+HiwqGf_eQNK_bqJzL7YZvXKhpCWsbxxa6pwYVAhQLcPS0rAQ@mail.gmail.com> (raw)
In-Reply-To: <CAE4_qQacVuwviLN3qKMUp20e5B11hJ5rc5qUCLmHENixO1xWhQ@mail.gmail.com>
References: <CA+3i_M8m1k2gFch+tU0JmAQh9FRV+pFrfTXDrJo+BqmwsTmOhg@mail.gmail.com>
	<CA+HiwqH+0rgMNQDog0AT9dVt0CGjXza_Li80njDhynWqzUwvZw@mail.gmail.com>
	<CA+3i_M8Mq7fr6mUspSa2rLik9+oY4sOeD1qsB_-dvnUB4NrYbg@mail.gmail.com>
	<CA+HiwqFW7uY3Jknf8VzjWoXa1bf0-U6-+JgM+o1ggJ+onyOHHA@mail.gmail.com>
	<[email protected]>
	<CA+HiwqFenEgD4W1QWnHM0whbzWYH=uS6qQzxvKNH7z503HWvxw@mail.gmail.com>
	<CAE4_qQacVuwviLN3qKMUp20e5B11hJ5rc5qUCLmHENixO1xWhQ@mail.gmail.com>

Hi,

On Fri, Apr 17, 2026 at 11:49 AM Hu Xunqi <[email protected]> wrote:
> On Fri, Apr 17, 2026 at 10:16 AM Amit Langote <[email protected]> wrote:
> +       /*
> +        * Reject invalid databases: datconnlimit = -2 would be emitted as
> +        * CONNECTION LIMIT = -2, which cannot be executed.
> +        */
>
> This comment looks a bit too centered on datconnlimit=-2, but the real issue is that an invalid pg_database row should not be deparsed into DDL. So, maybe rephrase like:
>
> /*
> * Reject invalid databases. Deparsing a pg_database row in invalid state
> * can produce SQL that is not executable, such as CONNECTION LIMIT = -2.
> */

I was trying to be precise about datconnlimit = -2 being the thing
that produces invalid SQL. But your version covers that with the "such
as CONNECTION LIMIT = -2" example, and it's closer to the original,
which was on the right track, just needed to be more precise. Let's go
with it.

-- 
Thanks, Amit Langote


Attachments:

  [application/octet-stream] v4-0001-Reject-invalid-databases-in-pg_get_database_ddl.patch (1.7K, 2-v4-0001-Reject-invalid-databases-in-pg_get_database_ddl.patch)
  download | inline diff:
From 3d8899093a0f07e023711c96c4741d6fb40ecba9 Mon Sep 17 00:00:00 2001
From: Amit Langote <[email protected]>
Date: Fri, 17 Apr 2026 12:26:22 +0900
Subject: [PATCH v4] Reject invalid databases in pg_get_database_ddl()

An invalid database has datconnlimit set to -2.  pg_get_database_ddl()
emits this verbatim as CONNECTION LIMIT = -2, which ALTER DATABASE
rejects.  Error out early instead.

Reported-by: Lakshmi N <[email protected]>
Author: Lakshmi N <[email protected]>
Reviewed-by: Amit Langote <[email protected]>
Reviewed-by: Euler Taveira <[email protected]>
Reviewed-by: Hu Xunqi <[email protected]>
Discussion: https://postgr.es/m/CA+3i_M8m1k2gFch+tU0JmAQh9FRV+pFrfTXDrJo+BqmwsTmOhg@mail.gmail.com
---
 src/backend/utils/adt/ddlutils.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/backend/utils/adt/ddlutils.c b/src/backend/utils/adt/ddlutils.c
index c4f9f86c43e..d83cda3342e 100644
--- a/src/backend/utils/adt/ddlutils.c
+++ b/src/backend/utils/adt/ddlutils.c
@@ -887,6 +887,16 @@ pg_get_database_ddl_internal(Oid dbid, bool pretty,
 	dbform = (Form_pg_database) GETSTRUCT(tuple);
 	dbname = pstrdup(NameStr(dbform->datname));
 
+	/*
+	 * Reject invalid databases. Deparsing a pg_database row in invalid state
+	 * can produce SQL that is not executable, such as CONNECTION LIMIT = -2.
+	 */
+	if (database_is_invalid_form(dbform))
+		ereport(ERROR,
+				(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
+				 errmsg("cannot generate DDL for invalid database \"%s\"",
+						dbname)));
+
 	/*
 	 * We don't support generating DDL for system databases.  The primary
 	 * reason for this is that users shouldn't be recreating them.
-- 
2.47.3

view thread (13+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: Reject invalid databases in pg_get_database_ddl()
  In-Reply-To: <CA+HiwqGf_eQNK_bqJzL7YZvXKhpCWsbxxa6pwYVAhQLcPS0rAQ@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox