| From: | Andrey Lepikhov <a(dot)lepikhov(at)postgrespro(dot)ru> |
|---|---|
| To: | PostgreSQL-Dev <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Insecure initialization of required_relids field |
| Date: | 2019-07-15 06:12:35 |
| Message-ID: | 5c21029d-81a2-c999-6744-6a898fcc9a19@postgrespro.ru |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
commit a31ad27fc5d introduced required_relids field. By default, it
links to the clause_relids.
It works good while we do not modify clause_relids or required_relids.
But in the case of modification such initialization demands us to
remember, that this field is shared. And we need to do bms_copy() before
making any changes (see [1] for example).
Also, we make some changes of the RestrictInfo fields (see patch [2])
during removing of unneeded self joins.
I propose to do more secure initialization way of required_relids (see
patch in attachment).
[1] commit 4e97631e6a9, analyzejoins.c, line 434,435:
rinfo->required_relids = bms_copy(rinfo->required_relids);
rinfo->required_relids = bms_del_member(rinfo->required_relids, relid);
[2] https://commitfest.postgresql.org/23/1712/
--
Andrey Lepikhov
Postgres Professional
https://postgrespro.com
The Russian Postgres Company
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-More-secure-initialization-of-required_relids-field.patch | text/x-patch | 949 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Konstantin Knizhnik | 2019-07-15 07:09:42 | Re: Built-in connection pooler |
| Previous Message | Edmund Horner | 2019-07-15 05:54:15 | Re: Tid scan improvements |