From 11e486f96dbcc632bf6518688bfaa7a9949e9e56 Mon Sep 17 00:00:00 2001
From: Surinder Kumar
Date: Tue, 18 Oct 2016 11:32:43 +0100
Subject: [PATCH] Fix unsafe schema lookups for types. Fixes #1728

---
 .../servers/databases/schemas/types/__init__.py | 15 ++++++++-------
 .../templates/type/sql/9.1_plus/get_scid.sql | 11 ++++++++++-
 2 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/web/pgadmin/browser/server_groups/servers/databases/schemas/types/__init__.py b/web/pgadmin/browser/server_groups/servers/databases/schemas/types/__init__.py
index e6b7f3c0d..24b016a6c 100644
--- a/web/pgadmin/browser/server_groups/servers/databases/schemas/types/__init__.py
+++ b/web/pgadmin/browser/server_groups/servers/databases/schemas/types/__init__.py
@@ -906,12 +906,13 @@ class TypeView(PGChildNodeView, DataTypeReader):
         if not status:
             return internal_server_error(errormsg=res)
 
-        # we need scid to update in browser tree
-        SQL = render_template("/".join([self.template_path,
-                                        'get_scid.sql']), tname=data['name'])
-        status, scid = self.conn.execute_scalar(SQL)
-        if not status:
-            return internal_server_error(errormsg=scid)
+        if 'schema' in data:
+            # we need scid to update in browser tree
+            SQL = render_template("/".join([self.template_path,
+                                            'get_scid.sql']), schema=data['schema'])
+            status, scid = self.conn.execute_scalar(SQL)
+            if not status:
+                return internal_server_error(errormsg=scid)
 
         # we need oid to to add object in tree at browser
         SQL = render_template("/".join([self.template_path,
@@ -956,7 +957,7 @@ class TypeView(PGChildNodeView, DataTypeReader):
             return internal_server_error(errormsg=res)
 
         SQL = render_template("/".join([self.template_path,
-                                        'get_scid.sql']), tname=data['name'])
+                                        'get_scid.sql']), tid=tid)
 
         # Get updated schema oid
         status, scid = self.conn.execute_scalar(SQL)
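Review bot: The lookup inside the new `if 'schema' in data:` block checks only the driver status, so a schema name that matches no row in pg_namespace leaves `scid` with whatever execute_scalar returns for an empty result (presumably None) and the type is then added to the tree under that value; a guard after the status check such as `if scid is None: return internal_server_error(errormsg='Schema not found.')` would surface this. The same gap exists in the update path in the second hunk of this file, where the lookup is now keyed by `tid=tid`. When the payload carries no `schema` key the route's `scid` is used unchanged, which looks intended but deserves a comment on the `if` line, e.g. `# no schema in the payload: keep the scid from the URL`. The enclosing method starts and ends outside this hunk.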
diff --git a/web/pgadmin/browser/server_groups/servers/databases/schemas/types/templates/type/sql/9.1_plus/get_scid.sql b/web/pgadmin/browser/server_groups/servers/databases/schemas/types/templates/type/sql/9.1_plus/get_scid.sql
index 696a205a8..067a9865f 100644
--- a/web/pgadmin/browser/server_groups/servers/databases/schemas/types/templates/type/sql/9.1_plus/get_scid.sql
+++ b/web/pgadmin/browser/server_groups/servers/databases/schemas/types/templates/type/sql/9.1_plus/get_scid.sql
@@ -1,6 +1,15 @@
+{% if tid %}
 SELECT
     t.typnamespace as scid
 FROM
     pg_type t
 WHERE
-    t.typname = {{tname|qtLiteral}}::text;
+    t.oid = {{tid}}::oid;
+{% else %}
+SELECT
+    ns.oid as scid
+FROM
+    pg_namespace ns
+WHERE
+    ns.nspname = {{schema|qtLiteral}}::text;
+{% endif %}
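Review bot: `{{tid}}::oid` is rendered without `qtLiteral`, unlike `{{schema|qtLiteral}}` in the other branch, so the template depends on every caller passing an integer oid; the only caller on this page takes `tid` from the route, which in this code base is presumably an int-converted URL segment, and the template should state that contract at the top: `{# tid is rendered unquoted: pass an integer oid only, never request-body data #}`. `{% if tid %}` is a truthiness test, so a render with neither `tid` nor `schema` falls into the namespace branch with `schema` undefined rather than failing clearly; `{% if tid is defined %}` would make the dispatch explicit, given the create path in __init__.py passes only `schema`.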