Reject bogus output from uuid_create(3).

When using the BSD UUID functions, contrib/uuid-ossp expects
uuid_create() to produce a version-1 UUID.  FreeBSD still does so,
but in recent NetBSD releases that function produces a version-4
(random) UUID instead.  That's not acceptable for our purposes:
if the user wanted v4 she would have asked for v4, not v1.
Hence, check the version digit and complain if it's not '1'.

Also drop the documentation's claim that the NetBSD implementation
is usable.  It might be, depending on which OS version you're using,
but we're not going to get into that kind of detail.

(Maybe someday we should ditch all these external libraries
and just write our own UUID code, but today is not that day.)

Nazir Bilal Yavuz, with cosmetic adjustments and docs by me.
Backpatch to all supported versions.

Discussion: https://postgr.es/m/3848059.1661038772@sss.pgh.pa.us
Discussion: https://postgr.es/m/17358-89806e7420797025@postgresql.org

diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index b868812358df56a987fa5a4900162d4ff5281b84..1245af3abb3e322f657b2fa95bdfc4600a5ef8de 100644 (file)
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -284,6 +284,18 @@ uuid_generate_internal(int v, unsigned char *ns, const char *ptr, int len)
                                        {
                                                strlcpy(strbuf, str, 37);
 
+                                               /*
+                                                * In recent NetBSD, uuid_create() has started
+                                                * producing v4 instead of v1 UUIDs.  Check the
+                                                * version field and complain if it's not v1.
+                                                */
+                                               if (strbuf[14] != '1')
+                                                       ereport(ERROR,
+                                                                       (errcode(ERRCODE_EXTERNAL_ROUTINE_EXCEPTION),
+                                                       /* translator: %c will be a hex digit */
+                                                                        errmsg("uuid_create() produced a version %c UUID instead of the expected version 1",
+                                                                                       strbuf[14])));
+
                                                /*
                                                 * PTR, if set, replaces the trailing characters of
                                                 * the uuid; this is to support v1mc, where a random

diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml
index 9daa656a048f2c4b426c59a80c8ec11d54aaeac0..7c79608e5517d6c9448015c6a05a68700a820477 100644 (file)
--- a/doc/src/sgml/installation.sgml
+++ b/doc/src/sgml/installation.sgml
@@ -1125,7 +1125,7 @@ build-postgresql:
         <itemizedlist>
          <listitem>
           <para>
-           <option>bsd</option> to use the UUID functions found in FreeBSD, NetBSD,
+           <option>bsd</option> to use the UUID functions found in FreeBSD
            and some other BSD-derived systems
           </para>
          </listitem>

diff --git a/doc/src/sgml/uuid-ossp.sgml b/doc/src/sgml/uuid-ossp.sgml
index 359d3c0128953e73c45fbf4ad56ea151e174d2bb..26bfb908daea184aaede42a7f6044e3e9da1cdc0 100644 (file)
--- a/doc/src/sgml/uuid-ossp.sgml
+++ b/doc/src/sgml/uuid-ossp.sgml
@@ -214,7 +214,7 @@ SELECT uuid_generate_v3(uuid_ns_url(), 'http://www.postgresql.org');
    at <ulink url="http://www.ossp.org/pkg/lib/uuid/"></ulink>, it is not well
    maintained, and is becoming increasingly difficult to port to newer
    platforms.  <filename>uuid-ossp</filename> can now be built without the OSSP
-   library on some platforms.  On FreeBSD, NetBSD, and some other BSD-derived
+   library on some platforms.  On FreeBSD and some other BSD-derived
    platforms, suitable UUID creation functions are included in the
    core <filename>libc</filename> library.  On Linux, macOS, and some other
    platforms, suitable functions are provided in the <filename>libuuid</filename>