Block reserved catalog names and fix prefix-match comparisons

Block CREATE SERVER with a name that case-insensitively matches the
extension-owned catalog names (postgres, object_store, rest) on the
iceberg_catalog FDW. Also block ALTER SERVER ... RENAME TO a reserved
name.

Fix a latent bug across multiple files where pg_strncasecmp was used
with a partial length, causing prefix-only matching: e.g. "rest_1" would
match "rest". Replaced all instances with pg_strcasecmp for exact
case-insensitive comparison.

Signed-off-by: sfc-gh-npuka <naisila.puka@snowflake.com>

Author: sfc-gh-npuka

pg_lake_engine/src/utils/catalog_type.c

@@ -90,7 +90,7 @@ HasObjectStoreCatalogTableOption(List *options)
 {
 	char	   *catalog = GetStringOption(options, "catalog", false);
 
-	return catalog ? pg_strncasecmp(catalog, OBJECT_STORE_CATALOG_NAME, strlen(catalog)) == 0 : false;
+	return catalog ? pg_strcasecmp(catalog, OBJECT_STORE_CATALOG_NAME) == 0 : false;
 }
 
 
@@ -114,9 +114,9 @@ HasReadOnlyOption(List *options)
 bool
 IsCatalogOwnedByExtension(const char *catalog)
 {
-	return pg_strncasecmp(catalog, REST_CATALOG_NAME, strlen(REST_CATALOG_NAME)) == 0 ||
-		pg_strncasecmp(catalog, OBJECT_STORE_CATALOG_NAME, strlen(OBJECT_STORE_CATALOG_NAME)) == 0 ||
-		pg_strncasecmp(catalog, POSTGRES_CATALOG_NAME, strlen(POSTGRES_CATALOG_NAME)) == 0;
+	return pg_strcasecmp(catalog, REST_CATALOG_NAME) == 0 ||
+		pg_strcasecmp(catalog, OBJECT_STORE_CATALOG_NAME) == 0 ||
+		pg_strcasecmp(catalog, POSTGRES_CATALOG_NAME) == 0;
 }
 
 
@@ -131,7 +131,7 @@ IsRestCatalog(const char *catalog)
 	if (catalog == NULL)
 		return false;
 
-	if (pg_strncasecmp(catalog, REST_CATALOG_NAME, strlen(REST_CATALOG_NAME)) == 0)
+	if (pg_strcasecmp(catalog, REST_CATALOG_NAME) == 0)
 		return true;
 
 	/* Try to look up a server with this name */
@@ -148,7 +148,7 @@ IsRestCatalog(const char *catalog)
 
 	/* Check server TYPE if set */
 	if (server->servertype != NULL && *server->servertype != '\0')
-		return pg_strncasecmp(server->servertype, "rest", strlen("rest")) == 0;
+		return pg_strcasecmp(server->servertype, "rest") == 0;
 
 	/* No TYPE specified, assume rest */
 	return true;

pg_lake_iceberg/src/init.c

@@ -367,9 +367,9 @@ IcebergDefaultCatalogCheckHook(char **newvalue, void **extra, GucSource source)
 {
 	char	   *newCatalog = *newvalue;
 
-	if (pg_strncasecmp(newCatalog, POSTGRES_CATALOG_NAME, strlen(newCatalog)) == 0 ||
-		pg_strncasecmp(newCatalog, REST_CATALOG_NAME, strlen(newCatalog)) == 0 ||
-		pg_strncasecmp(newCatalog, OBJECT_STORE_CATALOG_NAME, strlen(newCatalog)) == 0)
+	if (pg_strcasecmp(newCatalog, POSTGRES_CATALOG_NAME) == 0 ||
+		pg_strcasecmp(newCatalog, REST_CATALOG_NAME) == 0 ||
+		pg_strcasecmp(newCatalog, OBJECT_STORE_CATALOG_NAME) == 0)
 		return true;
 
 	GUC_check_errdetail("pg_lake_iceberg: allowed iceberg catalog options are '" POSTGRES_CATALOG_NAME "', "

pg_lake_iceberg/src/rest_catalog/rest_catalog.c

@@ -230,6 +230,13 @@ BlockDDLOnExtensionCatalogs(ProcessUtilityParams *processUtilityParams,
 			strcmp(stmt->fdwname, ICEBERG_CATALOG_FDW_NAME) != 0)
 			return false;
 
+		if (IsCatalogOwnedByExtension(stmt->servername))
+			ereport(ERROR,
+					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
+					 errmsg("server name \"%s\" is reserved for the extension-owned catalog",
+							stmt->servername),
+					 errhint("Choose a different server name.")));
+
 		if (stmt->servertype != NULL &&
 			(pg_strcasecmp(stmt->servertype, POSTGRES_CATALOG_NAME) == 0 ||
 			 pg_strcasecmp(stmt->servertype, OBJECT_STORE_CATALOG_NAME) == 0))
@@ -295,6 +302,13 @@ BlockDDLOnExtensionCatalogs(ProcessUtilityParams *processUtilityParams,
 					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
 					 errmsg("cannot rename the extension-owned \"%s\" catalog server",
 							serverName)));
+
+		if (IsCatalogOwnedByExtension(stmt->newname))
+			ereport(ERROR,
+					(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
+					 errmsg("server name \"%s\" is reserved for the extension-owned catalog",
+							stmt->newname),
+					 errhint("Choose a different server name.")));
 	}
 	else if (IsA(parsetree, AlterOwnerStmt))
 	{

pg_lake_table/src/fdw/option.c

@@ -751,7 +751,7 @@ pg_lake_iceberg_validator(PG_FUNCTION_ARGS)
 				 */
 				icebergCatalogType = REST_CATALOG_READ_ONLY;
 			}
-			else if (pg_strncasecmp(icebergCatalogName, OBJECT_STORE_CATALOG_NAME, strlen(icebergCatalogName)) == 0)
+			else if (pg_strcasecmp(icebergCatalogName, OBJECT_STORE_CATALOG_NAME) == 0)
 			{
 				/*
 				 * at this point, we cannot tell whether it's read only or
@@ -760,7 +760,7 @@ pg_lake_iceberg_validator(PG_FUNCTION_ARGS)
 				 */
 				icebergCatalogType = OBJECT_STORE_READ_ONLY;
 			}
-			else if (pg_strncasecmp(icebergCatalogName, POSTGRES_CATALOG_NAME, strlen(icebergCatalogName)) == 0)
+			else if (pg_strcasecmp(icebergCatalogName, POSTGRES_CATALOG_NAME) == 0)
 				icebergCatalogType = POSTGRES_CATALOG;
 			else
 				ereport(ERROR,

pg_lake_table/tests/pytests/test_iceberg_catalog_server.py

@@ -518,6 +518,27 @@ def test_reject_create_server_type_object_store(superuser_conn, extension):
     superuser_conn.rollback()
 
 
+def test_reject_create_server_reserved_name(superuser_conn, extension):
+    """CREATE SERVER with a reserved catalog name (case-insensitive) is blocked."""
+    reserved_names = [
+        "Postgres",
+        "OBJECT_STORE",
+        "ReSt",
+    ]
+    for name in reserved_names:
+        err = run_command(
+            f"""
+            CREATE SERVER "{name}" TYPE 'rest'
+                FOREIGN DATA WRAPPER iceberg_catalog
+            """,
+            superuser_conn,
+            raise_error=False,
+        )
+        assert err is not None, f"Expected error for reserved name '{name}'"
+        assert "reserved for the extension-owned catalog" in str(err)
+        superuser_conn.rollback()
+
+
 def test_reject_alter_postgres_server(superuser_conn, extension):
     """ALTER SERVER on the extension-owned 'postgres' server is blocked."""
     err = run_command(
@@ -627,6 +648,36 @@ def test_reject_rename_rest_server(superuser_conn, extension):
     superuser_conn.rollback()
 
 
+def test_reject_rename_to_reserved_name(superuser_conn, extension):
+    """Renaming a user-created server TO a reserved name is blocked."""
+    run_command(
+        """
+        CREATE SERVER tmp_rename_srv TYPE 'rest'
+            FOREIGN DATA WRAPPER iceberg_catalog
+            OPTIONS (rest_endpoint 'http://localhost:8181')
+        """,
+        superuser_conn,
+    )
+    for reserved in ["POSTGRES", "Object_Store", "REST"]:
+        err = run_command(
+            f'ALTER SERVER tmp_rename_srv RENAME TO "{reserved}"',
+            superuser_conn,
+            raise_error=False,
+        )
+        assert err is not None, f"Expected error for renaming to '{reserved}'"
+        assert "reserved for the extension-owned catalog" in str(err)
+        superuser_conn.rollback()
+        run_command(
+            """
+            CREATE SERVER tmp_rename_srv TYPE 'rest'
+                FOREIGN DATA WRAPPER iceberg_catalog
+                OPTIONS (rest_endpoint 'http://localhost:8181')
+            """,
+            superuser_conn,
+        )
+    superuser_conn.rollback()
+
+
 def test_reject_owner_change_postgres_server(superuser_conn, extension):
     """ALTER SERVER ... OWNER TO on the extension-owned 'postgres' server is blocked."""
     err = run_command(