Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commite0c3d51

Browse files
committed
pg_freespacemap: Fix declaration of pg_freespace(regclass)
This function called generate_series() without enforcing its inputargument types, making possible for an attacker to catch this call, bydefining for example a generate_series(int,bigint).The internals of pg_freespace(regclass) are changed to force the use ofbigint for the inputs of generate_series(). A more consistent style isapplied for all its hardcoded values, while on it.Issue introduced in3f323eb.Reported-by: Noah MischReviewed-by: Noah MischDiscussion:https://postgr.es/m/20250106190428.ec.nmisch@google.com
1 parent3f48294 commite0c3d51

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

‎contrib/pg_freespacemap/pg_freespacemap--1.2--1.3.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,5 +9,5 @@ RETURNS SETOF RECORD
99
LANGUAGE SQL PARALLEL SAFE
1010
BEGIN ATOMIC
1111
SELECT blkno, pg_freespace($1, blkno)AS avail
12-
FROM generate_series(0, pg_relation_size($1)/ current_setting('block_size')::bigint-1)AS blkno;
12+
FROM generate_series('0'::bigint, pg_relation_size($1)/ current_setting('block_size'::text)::bigint-'1'::bigint)AS blkno;
1313
END;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp