| From: | Sergey Shinderuk <s(dot)shinderuk(at)postgrespro(dot)ru> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, Amit Langote <amitlangote09(at)gmail(dot)com> |
| Cc: | o(dot)tselebrovskiy(at)postgrespro(dot)ru, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: A bug with ExecCheckPermissions |
| Date: | 2023-02-09 09:14:44 |
| Message-ID: | 03cac228-9bcc-00ee-ff76-c097c7dea493@postgrespro.ru |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 08.02.2023 21:23, Alvaro Herrera wrote:
> On 2023-Feb-08, Amit Langote wrote:
>
>> On Wed, Feb 8, 2023 at 16:19 Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> wrote:
>
>>> I think we should also patch ExecCheckPermissions to use forboth(),
>>> scanning the RTEs as it goes over the perminfos, and make sure that the
>>> entries are consistent.
>>
>> Hmm, we can’t use forboth here, because not all RTEs have the corresponding
>> RTEPermissionInfo, inheritance children RTEs, for example.
>
> Doh, of course.
>
>> Also, it doesn’t make much sense to reinstate the original loop over
>> range table and fetch the RTEPermissionInfo for the RTEs with non-0
>> perminfoindex, because the main goal of the patch was to make
>> ExecCheckPermissions() independent of range table length.
>
> Yeah, I'm thinking in a mechanism that would allow us to detect bugs in
> development builds — no need to have it run in production builds.
> However, I can't see any useful way to implement it.
>
Maybe something like the attached would do?
--
Sergey Shinderuk https://postgrespro.com/
| Attachment | Content-Type | Size |
|---|---|---|
| check-rteperminfos.diff | text/plain | 1.9 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Guo | 2023-02-09 09:16:15 | Inconsistent nullingrels due to oversight in deconstruct_distribute_oj_quals |
| Previous Message | Pavel Stehule | 2023-02-09 09:11:21 | Re: proposal: psql: psql variable BACKEND_PID |