Re: Regression test PANICs with master-standby setup on same machine

Hi,

On 2019-04-24 17:02:28 +0900, Kyotaro HORIGUCHI wrote:
> +/*
> + * Check if the path is in the data directory strictly.
> + */
> +static bool
> +is_in_data_directory(const char *path)
> +{
> +    char cwd[MAXPGPATH];
> +    char abspath[MAXPGPATH];
> +    char absdatadir[MAXPGPATH];
> +
> +    getcwd(cwd, MAXPGPATH);
> +    if (chdir(path) < 0)
> +        ereport(ERROR,
> +                (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
> +                 errmsg("invalid directory \"%s\": %m", path)));
> +
> +    /* getcwd is defined as returning absolute path */
> +    getcwd(abspath, MAXPGPATH);
> +
> +    /* DataDir needs to be canonicalized */
> +    if (chdir(DataDir))
> +        ereport(FATAL,
> +                (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
> +                 errmsg("could not chdir to the data directory \"%s\": %m",
> +                        DataDir)));
> +    getcwd(absdatadir, MAXPGPATH);
> +
> +    /* this must succeed */
> +    if (chdir(cwd))
> +        ereport(FATAL,
> +                (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
> +                 errmsg("could not chdir to the current working directory \"%s\": %m",
> +                     cwd)));
> +
> +    return path_is_prefix_of_path(absdatadir, abspath);
> +}

This seems like a bad idea to me. Why don't we just use
make_absolute_path() on the proposed tablespace path, and then check
path_is_prefix_of() or such? Sure, that can be tricked using symlinks
etc, but that's already the case.

Greetings,

Andres Freund