| From: | Michael Fuhr <mike(at)fuhr(dot)org> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: PL/Python error checking |
| Date: | 2005-07-12 02:13:24 |
| Message-ID: | 20050712021324.GA79648@winnie.fuhr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
On Sun, Jul 10, 2005 at 12:58:24AM -0400, Bruce Momjian wrote:
> Michael Fuhr wrote:
> > The patch is against HEAD but the same changes should be applied
> > to earlier versions because they have the same problem. The patch
> > might not apply cleanly against earlier versions -- will the committer
> > take care of little differences or should I submit different versions
> > of the patch?
>
> I am unclear about backpatching this. We have to weigh the risks of
> applying or not applying to 8.0.X. Comments?
Since 7.4, PL/Python is only available as an untrusted language,
so only a database superuser could create an exploitable function.
However, it might be possible for an ordinary user to tickle the
bug by calling such a function and passing it certain data, either
as an argument or as table data. The code is buggy in any case:
PyObject_Str() is documented to return NULL on error, and
PyString_AsString() doesn't expect a NULL pointer so it segfaults
if passed one. Since the patch simply checks for that condition
and raises an error instead of calling a function that will segfault
and take down the backend, I can't think of what risk applying the
patch would have. The greater risk would seem to be in not applying
it.
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2005-07-12 03:29:20 | Re: thousands comma numeric formatting in psql |
| Previous Message | Kris Jurka | 2005-07-11 23:47:18 | Re: 4 pgcrypto regressions failures - 1 unsolved |