Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit56d30fb

Browse files
committed
Disallow converting a table to a view within an outer SQL command.
We have long disallowed all forms of ALTER TABLE if the table isalready opened by some outer SQL command in the same session.This has the same purpose as obtaining AccessExclusiveLock, butsince a session's own locks don't conflict the lock only blocks useof the table by other sessions, not our own. Without this check,the ALTER might confuse the outer SQL command since any previousinspection of the table would potentially become invalid.However, the RelisBecomingView code path in DefineQueryRewrite nevergot that memo, and assumed that AccessExclusiveLock is sufficientfor performing something morally equivalent to a rather invasiveALTER TABLE. Unsurprisingly, this can confuse an outer commandthat is trying to do something with the table.This was submitted as a security issue, but the security teamhas been unable to identify any consequence worse than a nullpointer dereference (from trying to access rd_tableam methodsthat the relation no longer has). Therefore, in accordancewith our usual policy, it's not security material and shouldjust be fixed as a routine bug.Fix by disallowing the operation if the table is open locally,exactly as ALTER TABLE does it.Per an anonymous security researcher, via Bundesamt für Sicherheitin der Informationstechnik.Patch v12-v15 only. In v16 and later, we removed this codealtogether (cf. commitb23cd18), so that there's no issue.
1 parentf222349 commit56d30fb

File tree

1 file changed

+6
-0
lines changed

1 file changed

+6
-0
lines changed

‎src/backend/rewrite/rewriteDefine.c

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@
3030
#include"catalog/pg_rewrite.h"
3131
#include"catalog/storage.h"
3232
#include"commands/policy.h"
33+
#include"commands/tablecmds.h"
3334
#include"miscadmin.h"
3435
#include"nodes/nodeFuncs.h"
3536
#include"parser/parse_utilcmd.h"
@@ -422,6 +423,9 @@ DefineQueryRewrite(const char *rulename,
422423
* whole business of converting relations to views is just an obsolete
423424
* kluge to allow dump/reload of views that participate in circular
424425
* dependencies.)
426+
*
427+
* Also ensure the relation isn't being manipulated in any outer SQL
428+
* command of our own session.
425429
*/
426430
if (event_relation->rd_rel->relkind!=RELKIND_VIEW&&
427431
event_relation->rd_rel->relkind!=RELKIND_MATVIEW)
@@ -430,6 +434,8 @@ DefineQueryRewrite(const char *rulename,
430434
Snapshotsnapshot;
431435
TupleTableSlot*slot;
432436

437+
CheckTableNotInUse(event_relation,"CREATE RULE");
438+
433439
if (event_relation->rd_rel->relkind==RELKIND_PARTITIONED_TABLE)
434440
ereport(ERROR,
435441
(errcode(ERRCODE_WRONG_OBJECT_TYPE),

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp