From 2cabc708fbb2aab8e0f6d90155bd253041767f39 Mon Sep 17 00:00:00 2001 From: Ferdinand Thiessen Date: Thu, 21 Mar 2024 18:59:36 +0100 Subject: [PATCH] fix(DB): Sanitize `host` parameter for postgres databases when IPv6 address is passed Doctrine is using `pg_connect` with the `host` parameter, this does not allow IPv6 addresses in URI notation. So we need to extract the IP address and pass it directly Signed-off-by: Ferdinand Thiessen --- config/config.sample.php | 6 +++--- lib/private/DB/ConnectionFactory.php | 10 ++++++++++ 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 3ee52c0fd73..fa9f178524b 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -112,9 +112,9 @@ $CONFIG = [ /** * Your host server name, for example ``localhost``, ``hostname``, - * ``hostname.example.com``, or the IP address. To specify a port use - * ``hostname:####``; to specify a Unix socket use - * ``/path/to/directory/containing/socket`` e.g. ``/run/postgresql/``. + * ``hostname.example.com``, or the IP address. + * To specify a port use ``hostname:####``, for IPv6 addresses use the URI notation ``[ip]:port``. + * To specify a Unix socket use ``/path/to/directory/containing/socket``, e.g. ``/run/postgresql/``. */ 'dbhost' => '', diff --git a/lib/private/DB/ConnectionFactory.php b/lib/private/DB/ConnectionFactory.php index 4b286ff5442..11b17795634 100644 --- a/lib/private/DB/ConnectionFactory.php +++ b/lib/private/DB/ConnectionFactory.php @@ -132,6 +132,7 @@ class ConnectionFactory { $eventManager->addEventSubscriber( new SQLSessionInit("SET SESSION AUTOCOMMIT=1")); break; + case 'oci': $eventManager->addEventSubscriber(new OracleSessionInit); // the driverOptions are unused in dbal and need to be mapped to the parameters @@ -151,6 +152,15 @@ class ConnectionFactory { unset($additionalConnectionParams['host']); break; + case 'pgsql': + // pg_connect used by Doctrine DBAL does not support URI notation (enclosed in brackets) + $matches = []; + if (preg_match('/^\[([^\]]+)\]$/', $additionalConnectionParams['host'], $matches)) { + // Host variable carries a port or socket. + $additionalConnectionParams['host'] = $matches[1]; + } + break; + case 'sqlite3': $journalMode = $additionalConnectionParams['sqlite.journal_mode']; $additionalConnectionParams['platform'] = new OCSqlitePlatform();