| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Window functions can be created with defaults, but they don't work |
| Date: | 2013-08-30 22:37:42 |
| Message-ID: | 21722.1377902262@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Aug 30, 2013 at 6:14 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> The reason this crashes is that the planner doesn't apply
>> default-insertion to WindowFunc nodes, only to FuncExprs.
> I'm not sure I agree. Under that approach, any functions that have
> already been created like that will still crash the server. A
> malicious user could create a function like this now and wait to
> crontab it until the day he's leaving the company. Or there are more
> accidental scenarios as well.
The crash is only possible because the underlying internal-language
function doesn't sanity-check its input enough to catch the case of too
few arguments. As such, it's not that different from hundreds of other
cases where a superuser can cause a crash by misdeclaring the arguments to
an internal-language function. So I don't find your argument compelling.
I'd even say this was user error, except that it's not obvious that this
case shouldn't work.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2013-08-30 22:40:15 | Re: INSERT...ON DUPLICATE KEY IGNORE |
| Previous Message | Merlin Moncure | 2013-08-30 22:35:04 | operator precedence issues |