Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit5c4d139

Browse files
committed
Back out SET AUTHORIZATION patch until security is resolved.
1 parentfb45d4a commit5c4d139

File tree

6 files changed

+8
-129
lines changed

6 files changed

+8
-129
lines changed

‎src/pl/plpgsql/src/gram.y‎

Lines changed: 2 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
* procedural language
55
*
66
* IDENTIFICATION
7-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.23 2001/07/1201:19:40 momjian Exp $
7+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.24 2001/07/1217:42:07 momjian Exp $
88
*
99
* This software is copyrighted by Jan Wieck - Hamburg.
1010
*
@@ -122,13 +122,11 @@ staticPLpgSQL_expr*make_tupret_expr(PLpgSQL_row *row);
122122
%type<stmts>proc_sect,proc_stmts,stmt_else,loop_body
123123
%type<stmt>proc_stmt,pl_block
124124
%type<stmt>stmt_assign,stmt_if,stmt_loop,stmt_while,stmt_exit
125-
%type<stmt>stmt_return,stmt_raise,stmt_execsql,stmt_fori,stmt_setauth
125+
%type<stmt>stmt_return,stmt_raise,stmt_execsql,stmt_fori
126126
%type<stmt>stmt_fors,stmt_select,stmt_perform
127127
%type<stmt>stmt_dynexecute,stmt_dynfors,stmt_getdiag
128128
%type<stmt>stmt_open,stmt_fetch,stmt_close
129129

130-
%type<ival>auth_level
131-
132130
%type<intlist>raise_params
133131
%type<ival>raise_level,raise_param
134132
%type<str>raise_msg
@@ -174,10 +172,6 @@ staticPLpgSQL_expr*make_tupret_expr(PLpgSQL_row *row);
174172
%tokenK_PERFORM
175173
%tokenK_ROW_COUNT
176174
%tokenK_RAISE
177-
%tokenK_SET
178-
%tokenK_AUTHORIZATION
179-
%tokenK_INVOKER
180-
%tokenK_DEFINER
181175
%tokenK_RECORD
182176
%tokenK_RENAME
183177
%tokenK_RESULT_OID
@@ -732,8 +726,6 @@ proc_stmt: pl_block
732726
{$$ =$1; }
733727
|stmt_raise
734728
{$$ =$1; }
735-
|stmt_setauth
736-
{$$ =$1; }
737729
|stmt_execsql
738730
{$$ =$1; }
739731
|stmt_dynexecute
@@ -1251,29 +1243,6 @@ stmt_return: K_RETURN lno
12511243
}
12521244
;
12531245

1254-
stmt_setauth:K_SETK_AUTHORIZATIONauth_levellno';'
1255-
{
1256-
PLpgSQL_stmt_setauth *new;
1257-
1258-
new=malloc(sizeof(PLpgSQL_stmt_setauth));
1259-
1260-
new->cmd_type = PLPGSQL_STMT_SETAUTH;
1261-
new->auth_level =$3;
1262-
new->lineno =$4;
1263-
1264-
$$ = (PLpgSQL_stmt *)new;
1265-
}
1266-
1267-
auth_level :K_DEFINER
1268-
{
1269-
$$=PLPGSQL_AUTH_DEFINER;
1270-
}
1271-
|K_INVOKER
1272-
{
1273-
$$=PLPGSQL_AUTH_INVOKER;
1274-
}
1275-
;
1276-
12771246
stmt_raise:K_RAISElnoraise_levelraise_msgraise_params';'
12781247
{
12791248
PLpgSQL_stmt_raise*new;

‎src/pl/plpgsql/src/pl_comp.c‎

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* procedural language
44
*
55
* IDENTIFICATION
6-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.32 2001/07/11 18:54:18 momjian Exp $
6+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.33 2001/07/12 17:42:07 momjian Exp $
77
*
88
* This software is copyrighted by Jan Wieck - Hamburg.
99
*
@@ -169,7 +169,6 @@ plpgsql_compile(Oid fn_oid, int functype)
169169

170170
function->fn_functype=functype;
171171
function->fn_oid=fn_oid;
172-
function->definer_uid=procStruct->proowner;
173172
function->fn_name=strdup(DatumGetCString(DirectFunctionCall1(nameout,
174173
NameGetDatum(&(procStruct->proname)))));
175174

‎src/pl/plpgsql/src/pl_exec.c‎

Lines changed: 2 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* procedural language
44
*
55
* IDENTIFICATION
6-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_exec.c,v 1.45 2001/07/11 18:54:18 momjian Exp $
6+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_exec.c,v 1.46 2001/07/12 17:42:07 momjian Exp $
77
*
88
* This software is copyrighted by Jan Wieck - Hamburg.
99
*
@@ -47,7 +47,6 @@
4747
#include"plpgsql.h"
4848
#include"pl.tab.h"
4949

50-
#include"miscadmin.h"
5150
#include"access/heapam.h"
5251
#include"catalog/pg_proc.h"
5352
#include"catalog/pg_type.h"
@@ -106,8 +105,6 @@ static int exec_stmt_exit(PLpgSQL_execstate * estate,
106105
PLpgSQL_stmt_exit*stmt);
107106
staticintexec_stmt_return(PLpgSQL_execstate*estate,
108107
PLpgSQL_stmt_return*stmt);
109-
staticintexec_stmt_setauth(PLpgSQL_execstate*estate,
110-
PLpgSQL_stmt_setauth*stmt);
111108
staticintexec_stmt_raise(PLpgSQL_execstate*estate,
112109
PLpgSQL_stmt_raise*stmt);
113110
staticintexec_stmt_execsql(PLpgSQL_execstate*estate,
@@ -229,9 +226,6 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
229226
casePLPGSQL_STMT_RETURN:
230227
stmttype="return";
231228
break;
232-
casePLPGSQL_STMT_SETAUTH:
233-
stmttype="setauth";
234-
break;
235229
casePLPGSQL_STMT_RAISE:
236230
stmttype="raise";
237231
break;
@@ -283,10 +277,7 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
283277
estate.retistuple=func->fn_retistuple;
284278
estate.retisset=func->fn_retset;
285279
estate.exitlabel=NULL;
286-
estate.invoker_uid=GetUserId();
287-
estate.definer_uid=func->definer_uid;
288-
estate.auth_level=PLPGSQL_AUTH_INVOKER;
289-
280+
290281
estate.found_varno=func->found_varno;
291282
estate.ndatums=func->ndatums;
292283
estate.datums=palloc(sizeof(PLpgSQL_datum*)*estate.ndatums);
@@ -406,9 +397,6 @@ plpgsql_exec_function(PLpgSQL_function * func, FunctionCallInfo fcinfo)
406397
elog(ERROR,"control reaches end of function without RETURN");
407398
}
408399

409-
if (estate.auth_level!=PLPGSQL_AUTH_INVOKER)
410-
SetUserId(estate.invoker_uid);
411-
412400
/*
413401
* We got a return value - process it
414402
*/
@@ -589,9 +577,6 @@ plpgsql_exec_trigger(PLpgSQL_function * func,
589577
estate.retistuple=func->fn_retistuple;
590578
estate.retisset=func->fn_retset;
591579
estate.exitlabel=NULL;
592-
estate.invoker_uid=GetUserId();
593-
estate.definer_uid=func->definer_uid;
594-
estate.auth_level=PLPGSQL_AUTH_INVOKER;
595580

596581
estate.found_varno=func->found_varno;
597582
estate.ndatums=func->ndatums;
@@ -775,9 +760,6 @@ plpgsql_exec_trigger(PLpgSQL_function * func,
775760
elog(ERROR,"control reaches end of trigger procedure without RETURN");
776761
}
777762

778-
if (estate.auth_level!=PLPGSQL_AUTH_INVOKER)
779-
SetUserId(estate.invoker_uid);
780-
781763
/*
782764
* Check that the returned tuple structure has the same attributes,
783765
* the relation that fired the trigger has.
@@ -1040,10 +1022,6 @@ exec_stmt(PLpgSQL_execstate * estate, PLpgSQL_stmt * stmt)
10401022
rc=exec_stmt_return(estate, (PLpgSQL_stmt_return*)stmt);
10411023
break;
10421024

1043-
casePLPGSQL_STMT_SETAUTH:
1044-
rc=exec_stmt_setauth(estate, (PLpgSQL_stmt_setauth*)stmt);
1045-
break;
1046-
10471025
casePLPGSQL_STMT_RAISE:
10481026
rc=exec_stmt_raise(estate, (PLpgSQL_stmt_raise*)stmt);
10491027
break;
@@ -1667,29 +1645,6 @@ exec_stmt_return(PLpgSQL_execstate * estate, PLpgSQL_stmt_return * stmt)
16671645
returnPLPGSQL_RC_RETURN;
16681646
}
16691647

1670-
/* ----------
1671-
* exec_stmt_setauth Changes user ID to/from
1672-
* that of the function owner's
1673-
* ----------
1674-
*/
1675-
1676-
staticint
1677-
exec_stmt_setauth(PLpgSQL_execstate*estate,PLpgSQL_stmt_setauth*stmt)
1678-
{
1679-
switch(stmt->auth_level)
1680-
{
1681-
casePLPGSQL_AUTH_DEFINER:
1682-
SetUserId(estate->definer_uid);
1683-
break;
1684-
casePLPGSQL_AUTH_INVOKER:
1685-
SetUserId(estate->invoker_uid);
1686-
break;
1687-
}
1688-
1689-
estate->auth_level=stmt->auth_level;
1690-
returnPLPGSQL_RC_OK;
1691-
}
1692-
16931648

16941649
/* ----------
16951650
* exec_stmt_raiseBuild a message and throw it with

‎src/pl/plpgsql/src/pl_funcs.c‎

Lines changed: 1 addition & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* procedural language
44
*
55
* IDENTIFICATION
6-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_funcs.c,v 1.14 2001/07/11 18:54:18 momjian Exp $
6+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_funcs.c,v 1.15 2001/07/12 17:42:08 momjian Exp $
77
*
88
* This software is copyrighted by Jan Wieck - Hamburg.
99
*
@@ -382,7 +382,6 @@ static void dump_fors(PLpgSQL_stmt_fors * stmt);
382382
staticvoiddump_select(PLpgSQL_stmt_select*stmt);
383383
staticvoiddump_exit(PLpgSQL_stmt_exit*stmt);
384384
staticvoiddump_return(PLpgSQL_stmt_return*stmt);
385-
staticvoiddump_setauth(PLpgSQL_stmt_setauth*stmt);
386385
staticvoiddump_raise(PLpgSQL_stmt_raise*stmt);
387386
staticvoiddump_execsql(PLpgSQL_stmt_execsql*stmt);
388387
staticvoiddump_dynexecute(PLpgSQL_stmt_dynexecute*stmt);
@@ -439,9 +438,6 @@ dump_stmt(PLpgSQL_stmt * stmt)
439438
casePLPGSQL_STMT_RETURN:
440439
dump_return((PLpgSQL_stmt_return*)stmt);
441440
break;
442-
casePLPGSQL_STMT_SETAUTH:
443-
dump_setauth((PLpgSQL_stmt_setauth*)stmt);
444-
break;
445441
casePLPGSQL_STMT_RAISE:
446442
dump_raise((PLpgSQL_stmt_raise*)stmt);
447443
break;
@@ -725,21 +721,6 @@ dump_return(PLpgSQL_stmt_return * stmt)
725721
printf("\n");
726722
}
727723

728-
staticvoid
729-
dump_setauth(PLpgSQL_stmt_setauth*stmt)
730-
{
731-
dump_ind();
732-
switch (stmt->auth_level)
733-
{
734-
casePLPGSQL_AUTH_DEFINER:
735-
printf("SET AUTHORIZATION DEFINER\n");
736-
break;
737-
casePLPGSQL_AUTH_INVOKER:
738-
printf("SET AUTHORIZATION INVOKER\n");
739-
break;
740-
}
741-
}
742-
743724
staticvoid
744725
dump_raise(PLpgSQL_stmt_raise*stmt)
745726
{

‎src/pl/plpgsql/src/plpgsql.h‎

Lines changed: 1 addition & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* procedural language
44
*
55
* IDENTIFICATION
6-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/plpgsql.h,v 1.15 2001/07/11 18:54:19 momjian Exp $
6+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/plpgsql.h,v 1.16 2001/07/12 17:42:08 momjian Exp $
77
*
88
* This software is copyrighted by Jan Wieck - Hamburg.
99
*
@@ -95,7 +95,6 @@ enum
9595
PLPGSQL_STMT_DYNEXECUTE,
9696
PLPGSQL_STMT_DYNFORS,
9797
PLPGSQL_STMT_GETDIAG,
98-
PLPGSQL_STMT_SETAUTH,
9998
PLPGSQL_STMT_OPEN,
10099
PLPGSQL_STMT_FETCH,
101100
PLPGSQL_STMT_CLOSE
@@ -113,16 +112,6 @@ enum
113112
PLPGSQL_RC_RETURN
114113
};
115114

116-
/* ---------
117-
* Authorization levels
118-
* ---------
119-
*/
120-
enum
121-
{
122-
PLPGSQL_AUTH_INVOKER,
123-
PLPGSQL_AUTH_DEFINER,
124-
};
125-
126115
/* ----------
127116
* GET DIAGNOSTICS system attrs
128117
* ----------
@@ -436,12 +425,6 @@ typedef struct
436425
intretrecno;
437426
}PLpgSQL_stmt_return;
438427

439-
typedefstruct
440-
{/* SET AUTHORIZATION statement */
441-
intcmd_type;
442-
intlineno;
443-
intauth_level;
444-
}PLpgSQL_stmt_setauth;
445428

446429
typedefstruct
447430
{/* RAISE statement*/
@@ -497,7 +480,6 @@ typedef struct PLpgSQL_function
497480
inttg_nargs_varno;
498481

499482
intndatums;
500-
Oiddefiner_uid;
501483
PLpgSQL_datum**datums;
502484
PLpgSQL_stmt_block*action;
503485
structPLpgSQL_function*next;
@@ -520,9 +502,6 @@ typedef struct
520502
intfound_varno;
521503
intndatums;
522504
PLpgSQL_datum**datums;
523-
Oidinvoker_uid;
524-
Oiddefiner_uid;
525-
intauth_level;
526505
}PLpgSQL_execstate;
527506

528507

‎src/pl/plpgsql/src/scan.l‎

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
* procedural language
55
*
66
* IDENTIFICATION
7-
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.13 2001/07/11 18:54:19 momjian Exp $
7+
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/Attic/scan.l,v 1.14 2001/07/12 17:42:08 momjian Exp $
88
*
99
* This software is copyrighted by Jan Wieck - Hamburg.
1010
*
@@ -121,10 +121,6 @@ null{ return K_NULL;}
121121
open{return K_OPEN;}
122122
perform{return K_PERFORM;}
123123
raise{return K_RAISE;}
124-
set{return K_SET;}
125-
authorization{return K_AUTHORIZATION;}
126-
invoker{return K_INVOKER;}
127-
definer{return K_DEFINER;}
128124
record{return K_RECORD;}
129125
rename{return K_RENAME;}
130126
result_oid{return K_RESULT_OID;}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp