From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Kris Jurka <books(at)ejurka(dot)com>, Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, Rushabh Lathia <rushabh(dot)lathia(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Rushabh Lathia <rushabh(dot)lathia(at)enterprisedb(dot)com> |
Subject: | Re: [BUGS] Server crash while trying to read expression using pg_get_expr() |
Date: | 2010-06-09 18:04:44 |
Message-ID: | 28398.1276106684@sss.pgh.pa.us |
Lists: | pgsql-bugs pgsql-hackers |

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Wed, Jun 9, 2010 at 1:34 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Yes, it's not a trivial fix either. We'll have to provide functions or
>> views that replace the current usages without letting the user insert
>> untrusted strings.

> Maybe I'm all wet here, but don't we need to come up with something we
> can back-patch?

Well, ideally yes, but if it's not actually *secure* then there's no
point --- and I don't believe that the approach of making readfuncs.c
secure against malicious input has the proverbial snowball's chance
of ever being bulletproof.

[ thinks for awhile... ] I wonder whether there is any way of locking
down pg_get_expr so that it throws an error if called with anything
except a suitable field from one of the system catalogs. There are only
a few usage patterns that we need to allow, no? At least in recent PG
versions it is possible for the function to check that its input
expression is a Var. If we had some (probably horridly ugly) way to
obtain the rangetable entry the Var refers to, we could put code into
pg_get_expr to barf if it's not used in a context like
"select pg_get_expr(adbin) from pg_attrdef".

regards, tom lane
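
Added example, not part of the message above and not PostgreSQL source: a toy C model of the check the message proposes, accepting the argument only when it is a Var whose range-table entry is an allow-listed system catalog column. The `Toy*` types, `toy_arg_is_trusted`, the `in_pg_catalog` flag, the allow-list beyond `pg_attrdef.adbin`, and the sample data are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for parse-tree nodes; NOT PostgreSQL's real structs. */
typedef enum { TOY_VAR, TOY_CONST } ToyTag;
typedef struct { const char *relname; bool in_pg_catalog; } ToyRangeEntry;
typedef struct { ToyTag tag; int varno; const char *colname; } ToyNode;

/* Illustrative allow-list; the message itself names only pg_attrdef.adbin. */
static const struct { const char *rel, *col; } allowed[] = {
    { "pg_attrdef", "adbin" }, { "pg_constraint", "conbin" },
    { "pg_index", "indexprs" }, { "pg_index", "indpred" },
};

/* True only when arg is a Var that resolves to an allow-listed catalog column. */
bool toy_arg_is_trusted(const ToyNode *arg, const ToyRangeEntry *rt, int nrte)
{
    if (arg == NULL || arg->tag != TOY_VAR || arg->colname == NULL)
        return false;                 /* literal or computed string: reject */
    if (arg->varno < 1 || arg->varno > nrte)
        return false;                 /* Var points outside the range table */
    const ToyRangeEntry *rte = &rt[arg->varno - 1];
    if (!rte->in_pg_catalog || rte->relname == NULL)
        return false;                 /* user table that only shares a name */
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++)
        if (!strcmp(rte->relname, allowed[i].rel) &&
            !strcmp(arg->colname, allowed[i].col))
            return true;
    return false;
}

/* Constructed sample query state: FROM pg_attrdef, a user table, a look-alike. */
static const ToyRangeEntry sample_rt[] = {
    { "pg_attrdef", true }, { "my_table", false }, { "pg_attrdef", false },
};
static const ToyNode from_catalog = { TOY_VAR, 1, "adbin" };
static const ToyNode from_user    = { TOY_VAR, 2, "payload" };
static const ToyNode lookalike    = { TOY_VAR, 3, "adbin" };
static const ToyNode literal      = { TOY_CONST, 0, NULL };

int main(void)
{
    const ToyNode *cases[] = { &from_catalog, &from_user, &lookalike, &literal };
    for (size_t i = 0; i < 4; i++)
        printf("case %zu: %s\n", i,
               toy_arg_is_trusted(cases[i], sample_rt, 3) ? "allow" : "error");
    return 0;
}
```

The look-alike case shows why matching on the relation name alone is not enough: a user-created table named `pg_attrdef` outside the catalog schema must still be rejected.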