Strip psql meta-commands on load (#736)

Strip psql meta-commands from schema files to fix `dbmate load` failures
on newer PostgreSQL versions.

PostgreSQL 15.14+/16.10+/17.6+ `pg_dump` outputs `\restrict` and
`\unrestrict` commands as a security measure (CVE-2025-8714). These are
`psql` client meta-commands, not SQL statements, causing `sqlDB.Exec()`
to fail with a syntax error when `dbmate load` attempts to execute them
directly against the database server. This PR adds a filter to remove
these lines before execution.

Fixes #735

Author: amacneil

pkg/dbmate/db.go

@@ -247,6 +247,13 @@ func (db *DB) LoadSchema() error {
 		return err
 	}
 
+	// Strip psql meta-commands (e.g., \restrict, \unrestrict) that cannot be
+	// executed directly against the database server.
+	bytes, err = dbutil.StripPsqlMetaCommands(bytes)
+	if err != nil {
+		return err
+	}
+
 	result, err := sqlDB.Exec(string(bytes))
 	if err != nil {
 		return err

pkg/dbutil/dbutil.go

@@ -97,6 +97,48 @@ func TrimLeadingSQLComments(data []byte) ([]byte, error) {
 	return out.Bytes(), nil
 }
 
+// StripPsqlMetaCommands removes psql meta-commands (backslash commands) from SQL.
+// PostgreSQL 15.14+/16.10+/17.6+ pg_dump adds \restrict and \unrestrict commands
+// to schema dumps as a security measure (CVE-2025-8714). These are psql client
+// commands that cannot be executed directly against the PostgreSQL server.
+//
+// Note: This is a naive line-based implementation that does not parse SQL properly.
+// It will incorrectly strip lines inside multi-line string literals if they start
+// with a backslash, e.g.: INSERT INTO t VALUES ('line1\n\line2');
+// In practice this is not an issue because:
+//   - This function is only used to process pg_dump schema output
+//   - pg_dump generates DDL statements which rarely contain multi-line string literals
+//   - pg_dump uses proper escaping (E'...' or $$...$$) for complex strings
+func StripPsqlMetaCommands(data []byte) ([]byte, error) {
+	out := bytes.NewBuffer(make([]byte, 0, len(data)))
+
+	scanner := bufio.NewScanner(bytes.NewReader(data))
+	for scanner.Scan() {
+		line := scanner.Bytes()
+
+		// Skip lines that are psql meta-commands (\restrict, \unrestrict, etc.)
+		// This naive approach works for pg_dump output but could theoretically
+		// break on hand-crafted SQL with multi-line strings containing backslashes.
+		trimmed := bytes.TrimLeftFunc(line, unicode.IsSpace)
+		if len(trimmed) > 0 && trimmed[0] == '\\' {
+			continue
+		}
+
+		// copy line to output buffer
+		if _, err := out.Write(line); err != nil {
+			return nil, err
+		}
+		if _, err := out.WriteString("\n"); err != nil {
+			return nil, err
+		}
+	}
+	if err := scanner.Err(); err != nil {
+		return nil, err
+	}
+
+	return out.Bytes(), nil
+}
+
 // QueryColumn runs a SQL statement and returns a slice of strings
 // it is assumed that the statement returns only one column
 // e.g. schema_migrations table

pkg/dbutil/dbutil_test.go

@@ -36,6 +36,56 @@ func TestTrimLeadingSQLComments(t *testing.T) {
 	require.Equal(t, "real stuff\n-- end\n", string(out))
 }
 
+func TestStripPsqlMetaCommands(t *testing.T) {
+	t.Run("strips restrict and unrestrict", func(t *testing.T) {
+		in := "\\restrict dbmate\n" +
+			"-- comment\n" +
+			"SET statement_timeout = 0;\n" +
+			"CREATE TABLE users (id int);\n" +
+			"\\unrestrict dbmate\n"
+		out, err := dbutil.StripPsqlMetaCommands([]byte(in))
+		require.NoError(t, err)
+		expected := "-- comment\n" +
+			"SET statement_timeout = 0;\n" +
+			"CREATE TABLE users (id int);\n"
+		require.Equal(t, expected, string(out))
+	})
+
+	t.Run("strips indented backslash commands", func(t *testing.T) {
+		in := "  \\restrict dbmate\n" +
+			"SELECT 1;\n" +
+			"\t\\unrestrict dbmate\n"
+		out, err := dbutil.StripPsqlMetaCommands([]byte(in))
+		require.NoError(t, err)
+		require.Equal(t, "SELECT 1;\n", string(out))
+	})
+
+	t.Run("preserves non-backslash content", func(t *testing.T) {
+		in := "-- This is a comment\n" +
+			"CREATE TABLE test (name varchar(100));\n" +
+			"INSERT INTO test VALUES ('hello\\world');\n"
+		out, err := dbutil.StripPsqlMetaCommands([]byte(in))
+		require.NoError(t, err)
+		require.Equal(t, in, string(out))
+	})
+
+	t.Run("handles empty input", func(t *testing.T) {
+		out, err := dbutil.StripPsqlMetaCommands([]byte(""))
+		require.NoError(t, err)
+		require.Equal(t, "", string(out))
+	})
+
+	t.Run("strips all backslash commands", func(t *testing.T) {
+		// Any line starting with backslash is a psql meta-command
+		in := "\\connect dbname\n" +
+			"SELECT 1;\n" +
+			"\\quit\n"
+		out, err := dbutil.StripPsqlMetaCommands([]byte(in))
+		require.NoError(t, err)
+		require.Equal(t, "SELECT 1;\n", string(out))
+	})
+}
+
 // connect to in-memory sqlite database for testing
 const sqliteMemoryDB = "file:dbutil.sqlite3?mode=memory&cache=shared"