Assert fcinfo has enough args before allowing parameter access (was: Re: generate_series for timestamptz and time zone problem)

From: Gurjeet Singh <gurjeet(at)singh(dot)im>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Przemysław Sztoch <przemyslaw(at)sztoch(dot)pl>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Assert fcinfo has enough args before allowing parameter access (was: Re: generate_series for timestamptz and time zone problem)
Date: 2023-01-31 07:58:28
Message-ID: CABwTF4X+gmYDf0mknyu0VjAuqpTuxEDjx16=VAuDZdLWHJYyoA@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, Jan 30, 2023 at 11:50 PM Gurjeet Singh <gurjeet(at)singh(dot)im> wrote:
> It was the classical case of out-of-bounds access.

> This mistake would've been caught early if there were assertions
> preventing access beyond the number of arguments passed to the
> function. I'll send the assert_enough_args.patch, that adds these
> checks, in a separate thread to avoid potentially confusing cfbot.

Please see attached the patch to that ensures we don't accidentally
access more parameters than that are passed to a SQL callable
function.

Best regards,
Gurjeet
http://Gurje.et

Attachment Content-Type Size
assert_enough_args.patch application/x-patch 1.0 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Joel Jacobson 2023-01-31 07:59:22 Re: [PATCH] Fix old thinko in formula to compute sweight in numeric_sqrt().
Previous Message Gurjeet Singh 2023-01-31 07:50:46 Re: generate_series for timestamptz and time zone problem