Fix/bad varlena size (michelp#46)

* Add cassert and debug/gdb flags for test image builder. * all the fixes for bad varhdrz usage, and switch all _P to _PP macros * fix oversized base64 decoding bug. * Add vscode include path
ioguix · Nov 28, 2022 · 670082f · 670082f
1 parent a8aea8e
commit 670082f
Show file tree

Hide file tree

Showing 24 changed files with 621 additions and 396 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+Dockerfile
+test.sh
+psql.sh
+.dockerignore
+.git
+.cache
diff --git a/.vscode/c_cpp_properties.json b/.vscode/c_cpp_properties.json
@@ -0,0 +1,17 @@
+{
+    "configurations": [
+        {
+            "name": "Linux",
+            "includePath": [
+                "${workspaceFolder}/**",
+                "/usr/include/postgresql/**"
+            ],
+            "defines": [],
+            "compilerPath": "/usr/bin/clang",
+            "cStandard": "c17",
+            "cppStandard": "c++14",
+            "intelliSenseMode": "linux-clang-x64"
+        }
+    ],
+    "version": 4
+}
diff --git a/Dockerfile b/Dockerfile
@@ -1,13 +1,35 @@
+FROM ubuntu:latest
 ARG version
-FROM postgres:${version}
-ARG version
-
-RUN apt-get update && apt-get install -y make git postgresql-server-dev-${version} curl build-essential libreadline-dev zile
+ARG DEBIAN_FRONTEND=noninteractive
+
+# install base dependences
+RUN apt-get update && \
+    apt-get install -y make cmake git curl build-essential m4 sudo gdbserver \
+    gdb libreadline-dev bison flex zlib1g-dev tmux zile zip vim gawk wget
+
+# add postgres user and make data dir
+RUN groupadd -r postgres && useradd --no-log-init -r -m -s /bin/bash -g postgres -G sudo postgres
+ENV PGDATA /home/postgres/data
+RUN /bin/rm -Rf "$PGDATA" && mkdir "$PGDATA"
+WORKDIR "/home/postgres"
+
+# get postgres source and compile with debug and no optimization
+RUN git clone --branch REL_${version}_STABLE https://github.com/postgres/postgres.git --depth=1 && \
+    cd postgres && ./configure \
+    --prefix=/usr/ \
+    --enable-debug \
+    --enable-depend --enable-cassert --enable-profiling \
+    CFLAGS="-ggdb -Og -g3 -fno-omit-frame-pointer" \
+#    CFLAGS="-O3" \
+    && make -j 4 && make install
+
+RUN chown postgres:postgres /home/postgres
+
 RUN curl -s -L https://github.com/theory/pgtap/archive/v1.1.0.tar.gz | tar zxvf - && cd pgtap-1.1.0 && make && make install
-RUN curl -s -L https://download.libsodium.org/libsodium/releases/libsodium-1.0.18.tar.gz | tar zxvf - && cd libsodium-1.0.18 && ./configure && make check && make install
+RUN curl -s -L https://download.libsodium.org/libsodium/releases/libsodium-1.0.18.tar.gz | tar zxvf - && cd libsodium-1.0.18 && ./configure && make check && make -j 4 install
 RUN cpan App::cpanminus && cpan TAP::Parser::SourceHandler::pgTAP
-RUN mkdir "/pgsodium"
-WORKDIR "/pgsodium"
+RUN mkdir "/home/postgres/pgsodium"
+WORKDIR "/home/postgres/pgsodium"
 COPY . .
 RUN make -j 4 && make install
 RUN ldconfig
@@ -16,3 +38,17 @@ RUN cp getkey_scripts/pgsodium_getkey_urandom.sh `pg_config --sharedir`/extensio
 RUN sed -i 's/exit//g' `pg_config --sharedir`/extension/pgsodium_getkey
 RUN chmod +x `pg_config --sharedir`/extension/pgsodium_getkey
 RUN cp `pg_config --sharedir`/extension/pgsodium_getkey /getkey
+
+# chown just pggraphblas
+RUN chown -R postgres:postgres /home/postgres/pgsodium
+RUN chown -R postgres:postgres /home/postgres/data
+
+# make postgres a sudoer
+RUN echo "postgres ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/user && \
+    chmod 0440 /etc/sudoers.d/user
+
+# start the database
+USER postgres
+RUN initdb -D "$PGDATA"
+EXPOSE 5432
+CMD ["/usr/bin/postgres"]
diff --git a/pgsodium.control b/pgsodium.control
@@ -1,5 +1,5 @@
 # pgsodium extension
 comment = 'Postgres extension for libsodium functions'
-default_version = '3.0.7'
+default_version = '3.0.8'
 relocatable = false
 schema = pgsodium
diff --git a/psql.sh b/psql.sh
@@ -17,7 +17,7 @@ docker run \
        -p $EXPORT:5432 \
 	   -v `pwd`/example:/pgsodium/example \
 	   -e POSTGRES_HOST_AUTH_METHOD=trust \
-	   -d --name "$DB_HOST" $TAG $CONFIG
+	   -d --name "$DB_HOST" $TAG postgres $CONFIG
 
 echo waiting for database to accept connections
 until

diff --git a/sql/pgsodium--1.0.0--1.1.0.sql b/sql/pgsodium--1.0.0--1.1.0.sql
@@ -62,9 +62,6 @@ RETURNS bytea
 AS '$libdir/pgsodium', 'pgsodium_randombytes_buf_deterministic'
 LANGUAGE C IMMUTABLE STRICT;
 
-
--- Marc's hacks follow
-
 CREATE FUNCTION crypto_sign_init()
 RETURNS bytea
 AS '$libdir/pgsodium', 'pgsodium_crypto_sign_init'

diff --git a/sql/pgsodium--3.0.7--3.0.8.sql b/sql/pgsodium--3.0.7--3.0.8.sql
@@ -0,0 +1,65 @@
+CREATE OR REPLACE FUNCTION pgsodium.crypto_sign_update_agg1(state bytea, message bytea)
+ RETURNS bytea
+AS
+$$
+ SELECT pgsodium.crypto_sign_update(COALESCE(state, pgsodium.crypto_sign_init()), message);
+$$
+LANGUAGE SQL IMMUTABLE;
+
+COMMENT ON FUNCTION pgsodium.crypto_sign_update_agg1(bytea, bytea) IS
+'Internal helper function for crypto_sign_update_agg(bytea). This
+initializes state if it has not already been initialized.';
+
+CREATE OR REPLACE FUNCTION pgsodium.crypto_sign_update_agg2(cur_state bytea,
+                 initial_state bytea,
+				 message bytea)
+ RETURNS bytea
+as
+$$
+ SELECT pgsodium.crypto_sign_update(
+       COALESCE(cur_state, initial_state),
+	   message)
+$$
+LANGUAGE SQL IMMUTABLE;
+
+COMMENT ON FUNCTION pgsodium.crypto_sign_update_agg2(bytea, bytea, bytea) IS
+'Internal helper function for crypto_sign_update_agg(bytea, bytea). This
+initializes state to the state passed to the aggregate as a parameter,
+if it has not already been initialized.';
+
+CREATE OR REPLACE AGGREGATE pgsodium.crypto_sign_update_agg(message bytea)
+ (
+  SFUNC = pgsodium.crypto_sign_update_agg1,
+  STYPE = bytea,
+  PARALLEL = unsafe);
+
+COMMENT ON AGGREGATE pgsodium.crypto_sign_update_agg(bytea) IS
+'Multi-part message signing aggregate that returns a state which can
+then be finalised using crypto_sign_final() or to which other parts
+can be added crypto_sign_update() or another message signing aggregate
+function.
+
+Note that when signing mutli-part messages using aggregates, the order
+in which message parts is processed is critical. You *must* ensure
+that the order of messages passed to the aggregate is invariant.';
+
+CREATE OR REPLACE AGGREGATE pgsodium.crypto_sign_update_agg(state bytea, message bytea)
+ (
+  SFUNC = pgsodium.crypto_sign_update_agg2,
+  STYPE = bytea,
+  PARALLEL = unsafe);
+
+COMMENT ON AGGREGATE pgsodium.crypto_sign_update_agg(bytea, bytea) IS
+'Multi-part message signing aggregate that returns a state which can
+then be finalised using crypto_sign_final() or to which other parts
+can be added crypto_sign_update() or another message signing aggregate
+function.
+
+The first argument to this aggregate is the input state. This may be
+the result of a previous crypto_sign_update_agg(), a previous
+crypto_sign_update().
+
+Note that when signing mutli-part messages using aggregates, the order
+in which message parts is processed is critical. You *must* ensure
+that the order of messages passed to the aggregate is invariant.';
+