Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm
Precedence: bulk
Reply-To: <derby-dev@db.apache.org>
Date: Fri, 2 Mar 2012 01:32:57 +0000 (UTC)
From: "Dag H. Wanvik (Updated) (JIRA)" <jira@apache.org>
To: derby-dev@db.apache.org
Message-ID: 
 <1459776864.10145.1330651977658.JavaMail.tomcat@hel.zones.apache.org>
In-Reply-To: 
 <85520529.15364.1311853389536.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Updated] (DERBY-5357) SQLJ.INSTALL_JAR shouldn't use
 identifier as file name
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


     [ https://issues.apache.org/jira/browse/DERBY-5357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dag H. Wanvik updated DERBY-5357:
---------------------------------

    Attachment: derby-5357.stat
                derby-5357.diff

Uploading a patch which replaces '/' or '\' with underscore when mapping SQL identifiers (schema, jarname) to filename.  The patch introduces a new method in FileUtil: sanitizeSqlIdAsFilename

>From its Javadoc: "Since quoted SQL identifiers may contain any character, we cannot use an SQL identifier as a file name unconditionally. Return a safe (unexploitable) file name by replacing '/' or '\' with underscore, so one can't access a non-intended directory. <em>Note</em>: we need to replace both to make database portable from Windows to *nix or vice versa."

I don't think we need any upgrade logic here: It seems very unlikely anybody relies on this error. If they do, e.g. a '/' on a Windows system, the workaround is simple, just rename the affected jars. 

No tests yet beyond manual, running regressions.


> SQLJ.INSTALL_JAR shouldn't use identifier as file name
> ------------------------------------------------------
>
>                 Key: DERBY-5357
>                 URL: https://issues.apache.org/jira/browse/DERBY-5357
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.9.0.0
>            Reporter: Knut Anders Hatlen
>              Labels: derby_triage10_9
>         Attachments: derby-5357.diff, derby-5357.stat
>
>
> When installing a jar file with the SQLJ.INSTALL_JAR procedure, it will copy the jar file to a subdirectory of the database directory. The name of the stored jar file is based on the qualified name specified by the second parameter in the procedure, and becomes something like: <DBDIR>/jar/<SCHEMA>/<JAR_NAME>.jar.<VERSION>
> This naming scheme is problematic because the qualified name of the jar file is an SQL identifier and may contain any characters, also characters with special meaning to the underlying file system.
> One example is this call:
> ij> call sqlj.install_jar('/path/to/toursdb.jar', 'APP."../../../x/jar"', 0);
> 0 rows inserted/updated/deleted
> On Unix-like systems, this will install the jar in a subdirectory of the database directory's parent directory, which is clearly unfortunate as the database directory should be self-contained (an assumption used when taking backup of a database using operating system commands, or when moving the database to another location).
> There's probably also a possibility that INSTALL_JAR fails if the identifier contains a character that's not allowed in file names on the platform.
> It would be better if the jars were stored in a file whose name is independent of the identifier used, so that any valid SQL identifier could be used to name a jar file in the database without causing problems.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira