Commit0e314d7

committed
Add safety check on expression nesting depth. Default value is set by
a config.h #define, and the runtime value can be controlled via SET.
1 parent341b328 commit0e314d7


7 files changed

+143
-37
lines changed


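--- a/doc/src/sgml/ref/set.sgml
+++ b/doc/src/sgml/ref/set.sgml
@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/set.sgml,v 1.31 2000/02/27 21:07:03 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/set.sgml,v 1.32 2000/03/17 05:29:03 tgl Exp $
 Postgres documentation
 -->
 
@@ -770,6 +770,30 @@ SET TRANSACTION ISOLATION LEVEL { READ COMMITTED | SERIALIZABLE }
 </listitem>
 </varlistentry>
 
+<varlistentry>
+<term>MAX_EXPR_DEPTH</term>
+<listitem>
+<para>
+Sets the maximum expression nesting depth that the parser will
+accept. The default value is high enough for any normal query,
+but you can raise it if you need to. (But if you raise it too high,
+you run the risk of backend crashes due to stack overflow.)
+
+<variablelist>
+<varlistentry>
+<term><replaceable class="parameter">integer</replaceable></term>
+<term>ON</term>
+<listitem>
+<para>
+Maximum depth.
+</para>
+</listitem>
+</varlistentry>
+</variablelist>
+</para>
+</listitem>
+</varlistentry>
+
 </variablelist>
 </para>
 </refsect2>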

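--- a/src/backend/commands/variable.c
+++ b/src/backend/commands/variable.c
@@ -9,7 +9,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.31 2000/02/27 21:10:41 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.32 2000/03/17 05:29:04 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -25,6 +25,7 @@
 #include"miscadmin.h"
 #include"optimizer/cost.h"
 #include"optimizer/paths.h"
+#include"parser/parse_expr.h"
 #include"utils/builtins.h"
 #include"utils/tqual.h"
 #include"utils/trace.h"
@@ -86,6 +87,9 @@ static bool parse_geqo(char *);
 staticboolshow_ksqo(void);
 staticboolreset_ksqo(void);
 staticboolparse_ksqo(char*);
+staticboolreset_max_expr_depth(void);
+staticboolshow_max_expr_depth(void);
+staticboolparse_max_expr_depth(char*);
 staticboolshow_XactIsoLevel(void);
 staticboolreset_XactIsoLevel(void);
 staticboolparse_XactIsoLevel(char*);
@@ -935,6 +939,44 @@ reset_ksqo()
 return TRUE;
 }
 
+/*
+* MAX_EXPR_DEPTH
+*/
+staticbool
+parse_max_expr_depth(char*value)
+{
+intnewval;
+
+if (value==NULL)
+{
+reset_max_expr_depth();
+return TRUE;
+}
+
+newval=pg_atoi(value,sizeof(int),'\0');
+
+if (newval<10)/* somewhat arbitrary limit */
+elog(ERROR,"Bad value for MAX_EXPR_DEPTH (%s)",value);
+
+max_expr_depth=newval;
+
+return TRUE;
+}
+
+staticbool
+show_max_expr_depth()
+{
+elog(NOTICE,"MAX_EXPR_DEPTH is %d",max_expr_depth);
+return TRUE;
+}
+
+staticbool
+reset_max_expr_depth(void)
+{
+max_expr_depth=DEFAULT_MAX_EXPR_DEPTH;
+return TRUE;
+}
+
 /* SET TRANSACTION */
 
 staticbool
@@ -1103,6 +1145,10 @@ static struct VariableParsers
 {
 "ksqo",parse_ksqo,show_ksqo,reset_ksqo
 },
+{
+"max_expr_depth",parse_max_expr_depth,
+show_max_expr_depth,reset_max_expr_depth
+},
 {
 "XactIsoLevel",parse_XactIsoLevel,show_XactIsoLevel,reset_XactIsoLevel
 },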
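Review bot: `parse_max_expr_depth` enforces only a floor (`if (newval<10)`), so a session can raise `max_expr_depth` to any int that `pg_atoi` accepts, after which the nesting guard added by this commit no longer bounds recursion for that session. The set.sgml text in the same commit already says that too high a value risks a backend crash from stack overflow, so if SET is open to ordinary users (not visible here) the check covers accidental deep nesting but not deliberate nesting. Consider a ceiling next to the floor, e.g. `if (newval<10 || newval>CEILING)` where CEILING is a placeholder for a new config.h constant, or allow increases only for privileged users. Separately, `show_max_expr_depth()` is defined with an empty parameter list while its prototype uses `(void)`.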

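--- a/src/backend/parser/parse_expr.c
+++ b/src/backend/parser/parse_expr.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/parser/parse_expr.c,v 1.73 2000/03/14 23:06:32 thomas Exp $
+* $Header: /cvsroot/pgsql/src/backend/parser/parse_expr.c,v 1.74 2000/03/17 05:29:05 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -32,6 +32,11 @@
 #include"utils/builtins.h"
 #include"utils/syscache.h"
 
+
+intmax_expr_depth=DEFAULT_MAX_EXPR_DEPTH;
+
+staticintexpr_depth_counter=0;
+
 staticNode*parser_typecast_constant(Value*expr,TypeName*typename);
 staticNode*parser_typecast_expression(ParseState*pstate,
 Node*expr,TypeName*typename);
@@ -40,6 +45,20 @@ static Node *transformIdent(ParseState *pstate, Ident *ident, int precedence);
 staticNode*transformIndirection(ParseState*pstate,Node*basenode,
 List*indirection);
 
+
+/*
+* Initialize for parsing a new query.
+*
+* We reset the expression depth counter here, in case it was left nonzero
+* due to elog()'ing out of the last parsing operation.
+*/
+void
+parse_expr_init(void)
+{
+expr_depth_counter=0;
+}
+
+
 /*
 * transformExpr -
 * analyze and transform expressions. Type checking and type casting is
@@ -55,6 +74,17 @@ transformExpr(ParseState *pstate, Node *expr, int precedence)
 if (expr==NULL)
 returnNULL;
 
+/*
+* Guard against an overly complex expression leading to coredump
+* due to stack overflow here, or in later recursive routines that
+* traverse expression trees. Note that this is very unlikely to
+* happen except with pathological queries; but we don't want someone
+* to be able to crash the backend quite that easily...
+*/
+if (++expr_depth_counter>max_expr_depth)
+elog(ERROR,"Expression too complex: nesting depth exceeds max_expr_depth = %d",
+max_expr_depth);
+
 switch (nodeTag(expr))
 {
 caseT_Attr:
@@ -532,6 +562,8 @@ transformExpr(ParseState *pstate, Node *expr, int precedence)
 break;
 }
 
+expr_depth_counter--;
+
 returnresult;
 }
 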
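Review bot: The only `expr_depth_counter--` is the one just before `return result;` at the end of `transformExpr`, so any `return` inside the switch would leave the counter one too high for the rest of the current parse and could later raise a spurious "Expression too complex" error. The switch body lies between the hunks and is not visible here, so this may already hold, but the invariant deserves a comment at the decrement: `/* every switch arm must fall through to here; an early return leaves expr_depth_counter too high until the next parse_expr_init() */`. The counter is also a file-level static rather than a field of `ParseState`, so it counts all live `transformExpr` recursion in the backend; that looks intended but is not stated at its declaration.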

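--- a/src/backend/parser/parser.c
+++ b/src/backend/parser/parser.c
@@ -7,7 +7,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/parser/parser.c,v 1.43 2000/01/26 05:56:43 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/parser/parser.c,v 1.44 2000/03/17 05:29:05 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -16,6 +16,7 @@
 #include"parser/analyze.h"
 #include"parser/gramparse.h"
 #include"parser/parser.h"
+#include"parser/parse_expr.h"
 
 #if defined(FLEX_SCANNER)
 externvoidDeleteBuffer(void);
@@ -46,6 +47,8 @@ parser(char *str, Oid *typev, int nargs)
 parsetree=NIL;/* in case parser forgets to set it */
 
 parser_init(typev,nargs);
+parse_expr_init();
+
 yyresult=yyparse();
 
 #if defined(FLEX_SCANNER)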

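--- a/src/bin/psql/tab-complete.c
+++ b/src/bin/psql/tab-complete.c
@@ -3,7 +3,7 @@
 *
 * Copyright 2000 by PostgreSQL Global Development Group
 *
-* $Header: /cvsroot/pgsql/src/bin/psql/tab-complete.c,v 1.15 2000/03/05 13:30:19 petere Exp $
+* $Header: /cvsroot/pgsql/src/bin/psql/tab-complete.c,v 1.16 2000/03/17 05:29:06 tgl Exp $
 */
 
 /*-----------
@@ -195,6 +195,7 @@ char ** psql_completion(char *text, int start, int end)
 "client_encoding",
 "server_encoding",
 "KSQO",
+"max_expr_depth",
 "XactIsoLevel",
 "PG_Options",
 NULL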

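--- a/src/include/config.h.in
+++ b/src/include/config.h.in
@@ -1,8 +1,14 @@
-
-
-/* the purpose of this file is to reduce the use of #ifdef's through
-* the code base by those porting the software, and to facilitate the
-* eventual use of autoconf to build the server
+/*
+* PostgreSQL configuration-settings file.
+*
+* config.h.in is processed by configure to produce config.h.
+*
+* If you want to modify any of the tweakable settings in the first part
+* of this file, you can do it in config.h.in before running configure,
+* or in config.h afterwards. Of course, if you edit config.h, then your
+* changes will be overwritten the next time you run configure.
+*
+* $Id: config.h.in,v 1.110 2000/03/17 05:29:06 tgl Exp $
 */
 
 #ifndefCONFIG_H
@@ -11,7 +17,7 @@
 /*
 * Default runtime limit on number of backend server processes per postmaster;
 * this is just the default setting for the postmaster's -N switch.
-* (Actual value is set by configure script.)
+* (Actual value isnowset by configure script.)
 */
 #undef DEF_MAXBACKENDS
 
@@ -70,17 +76,11 @@
 /*
 * DEF_PGPORT is the TCP port number on which the Postmaster listens by
 * default. This can be overriden by command options, environment variables,
-* and the postconfig hook. (set by configure script)
+* and the postconfig hook. (nowset by configure script)
 */
 
 #undef DEF_PGPORT
 
-/*
-* If you do not plan to use Host based authentication,
-* comment out the following line (set by build script)
-*/
-#undef HBA
-
 /*
 * As soon as the backend blocks on a lock, it waits this number of seconds
 * before checking for a deadlock.
@@ -89,12 +89,6 @@
 */
 #defineDEADLOCK_CHECK_TIMER 1
 
-/*
-* This flag enables the use of indexes in plans generated for function
-* executions which normally are always executed with sequential scans.
-*/
-#defineINDEXSCAN_PATCH
-
 /*
 * Maximum number of columns in an index and maximum number of arguments
 * to a function. They must be the same value.
@@ -121,16 +115,6 @@
 */
 /* #define UNSAFE_FLOATS */
 
-/*
-* There is a bug in the function executor. The backend crashes while trying to
-* execute an sql function containing an utility command (create, notify, ...).
-* The bug is part in the planner, which returns a number of plans different
-* than the number of commands if there are utility commands in the query, and
-* in part in the function executor which assumes that all commands are normal
-* query commands and causes a SIGSEGV trying to execute commands without plan.
-*/
-#defineFUNC_UTIL_PATCH
-
 /*
 * Define this to make libpgtcl's "pg_result -assign" command process C-style
 * backslash sequences in returned tuple data and convert Postgres array
@@ -188,7 +172,7 @@
 #defineFASTBUILD/* access/nbtree/nbtsort.c */
 
 /*
-* TBL_FREE_CMD_MEMORY: free memory allocated foran user query inside
+* TBL_FREE_CMD_MEMORY: free memory allocated fora user query inside
 * transaction block after this query is done.
 */
 #defineTBL_FREE_CMD_MEMORY
@@ -232,9 +216,22 @@
 */
 #defineMAXPGPATH1024
 
+/*
+* DEFAULT_MAX_EXPR_DEPTH: default value of max_expr_depth SET variable.
+*/
+#defineDEFAULT_MAX_EXPR_DEPTH10000
+
+/*
+* Leftover cruft for enabling long-since-verified patches.
+* You don't want to touch these.
+*/
+#defineINDEXSCAN_PATCH
+#define FUNC_UTIL_PATCH
+
+
 /*
 *------------------------------------------------------------------------
-*The followingis setusingconfigure.
+*Everything past hereis setby theconfigure script.
 *------------------------------------------------------------------------
 */
 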
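Review bot: The comment on `DEFAULT_MAX_EXPR_DEPTH` says only that it is the default of the SET variable and gives no basis for the value 10000. The guard in parse_expr.c counts recursion levels, not stack bytes, so whether that many nested `transformExpr` calls fit depends on the platform's stack limit and the frame size, neither of which is visible in this commit. I would extend the comment to record the constraint, e.g. `* Must be small enough that this many nested transformExpr() calls fit in the backend's stack on every supported platform.`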

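--- a/src/include/parser/parse_expr.h
+++ b/src/include/parser/parse_expr.h
@@ -7,7 +7,7 @@
 * Portions Copyright (c) 1996-2000, PostgreSQL, Inc
 * Portions Copyright (c) 1994, Regents of the University of California
 *
-* $Id: parse_expr.h,v 1.17 2000/02/26 21:11:09 tgl Exp $
+* $Id: parse_expr.h,v 1.18 2000/03/17 05:29:07 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -20,9 +20,12 @@
 #defineEXPR_COLUMN_FIRST1
 #defineEXPR_RELATION_FIRST 2
 
+externintmax_expr_depth;
+
 externNode*transformExpr(ParseState*pstate,Node*expr,intprecedence);
 externOidexprType(Node*expr);
 externint32exprTypmod(Node*expr);
 externboolexprIsLengthCoercion(Node*expr,int32*coercedTypmod);
+externvoidparse_expr_init(void);
 
 #endif/* PARSE_EXPR_H */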
