| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Tighten pg_get_object_address argument checking |
| Date: | 2022-09-20 17:44:12 |
| Message-ID: | caaef70b-a874-1088-92ef-5ac38269c33b@enterprisedb.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
For publication schemas (OBJECT_PUBLICATION_NAMESPACE) and user
mappings (OBJECT_USER_MAPPING), pg_get_object_address() checked the
array length of the second argument, but not of the first argument.
If the first argument was too long, it would just silently ignore
everything but the first argument. Fix that by checking the length of
the first argument as well.
I wouldn't be surprised if there were more holes like this in this area.
I just happened to find these while working on something related.
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Tighten-pg_get_object_address-argument-checking.patch | text/plain | 5.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jacob Champion | 2022-09-20 17:45:36 | Re: CFM Manager |
| Previous Message | James Coleman | 2022-09-20 17:34:10 | Auto explain after query timeout |