NotificationsYou must be signed in to change notification settings
Fork5
Star26

Commit6d06049

committed

Adjust postgres_fdw's search path handling.

Set the remote session's search path to exactly "pg_catalog" at sessionstart, then schema-qualify only names that aren't in that schema. Thisgreatly reduces clutter in the generated SQL commands, as seen in theregression test changes. Per discussion.Also, rethink use of FirstNormalObjectId as the "built-in object" cutoff--- FirstBootstrapObjectId is safer, since the former will acceptobjects in information_schema for instance.

1 parentabf5c5c commit6d06049Copy full SHA for 6d06049

File tree

3 files changed

+180

-114

lines changed

contrib/postgres_fdw
- connection.c
- deparse.c
- expected
  - postgres_fdw.out

3 files changed

+180

-114

lines changed

`‎contrib/postgres_fdw/connection.c`

Lines changed: 29 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -63,6 +63,7 @@ static bool xact_got_connection = false;`
`63`	`63`	`/* prototypes of private functions */`
`64`	`64`	`staticPGconnconnect_pg_server(ForeignServerserver,UserMapping*user);`
`65`	`65`	`staticvoidcheck_conn_params(constcharkeywords,constcharvalues);`
	`66`	`+staticvoidconfigure_remote_session(PGconn*conn);`
`66`	`67`	`staticvoidbegin_remote_xact(ConnCacheEntry*entry);`
`67`	`68`	`staticvoidpgfdw_xact_callback(XactEventevent,void*arg);`
`68`	`69`	`staticvoidpgfdw_subxact_callback(SubXactEventevent,`
`@@ -237,6 +238,9 @@ connect_pg_server(ForeignServer server, UserMapping user)`
`237`	`238`	`errdetail("Non-superuser cannot connect if the server does not request a password."),`
`238`	`239`	`errhint("Target server's authentication method must be changed.")));`
`239`	`240`
	`241`	`+/* Prepare new session for use */`
	`242`	`+configure_remote_session(conn);`
	`243`	`+`
`240`	`244`	`pfree(keywords);`
`241`	`245`	`pfree(values);`
`242`	`246`	`}`
`@@ -281,6 +285,31 @@ check_conn_params(const char keywords, const char values)`
`281`	`285`	`errdetail("Non-superusers must provide a password in the user mapping.")));`
`282`	`286`	`}`
`283`	`287`
	`288`	`+/*`
	`289`	`+ * Issue SET commands to make sure remote session is configured properly.`
	`290`	`+ *`
	`291`	`+ * We do this just once at connection, assuming nothing will change the`
	`292`	`+ * values later. Since we'll never send volatile function calls to the`
	`293`	`+ * remote, there shouldn't be any way to break this assumption from our end.`
	`294`	`+ * It's possible to think of ways to break it at the remote end, eg making`
	`295`	`+ * a foreign table point to a view that includes a set_config call ---`
	`296`	`+ * but once you admit the possibility of a malicious view definition,`
	`297`	`+ * there are any number of ways to break things.`
	`298`	`+ */`
	`299`	`+staticvoid`
	`300`	`+configure_remote_session(PGconn*conn)`
	`301`	`+{`
	`302`	`+constchar*sql;`
	`303`	`+PGresult*res;`
	`304`	`+`
	`305`	`+/* Force the search path to contain only pg_catalog (see deparse.c) */`
	`306`	`+sql="SET search_path = pg_catalog";`
	`307`	`+res=PQexec(conn,sql);`
	`308`	`+if (PQresultStatus(res)!=PGRES_COMMAND_OK)`
	`309`	`+pgfdw_report_error(ERROR,res, true,sql);`
	`310`	`+PQclear(res);`
	`311`	`+}`
	`312`	`+`
`284`	`313`	`/*`
`285`	`314`	`* Start remote transaction or subtransaction, if needed.`
`286`	`315`	`*`

`‎contrib/postgres_fdw/deparse.c`

Lines changed: 69 additions & 32 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,6 +11,9 @@`
`11`	`11`	`* One saving grace is that we only need deparse logic for node types that`
`12`	`12`	`* we consider safe to send.`
`13`	`13`	`*`
	`14`	`+ * We assume that the remote session's search_path is exactly "pg_catalog",`
	`15`	`+ * and thus we need schema-qualify all and only names outside pg_catalog.`
	`16`	`+ *`
`14`	`17`	`* Portions Copyright (c) 2012-2013, PostgreSQL Global Development Group`
`15`	`18`	`*`
`16`	`19`	`* IDENTIFICATION`
`@@ -25,6 +28,7 @@`
`25`	`28`	`#include"access/htup_details.h"`
`26`	`29`	`#include"access/sysattr.h"`
`27`	`30`	`#include"access/transam.h"`
	`31`	`+#include"catalog/pg_namespace.h"`
`28`	`32`	`#include"catalog/pg_operator.h"`
`29`	`33`	`#include"catalog/pg_proc.h"`
`30`	`34`	`#include"catalog/pg_type.h"`
`@@ -73,6 +77,7 @@ static void deparseParam(StringInfo buf, Param node, PlannerInfo root);`
`73`	`77`	`staticvoiddeparseArrayRef(StringInfobuf,ArrayRefnode,PlannerInforoot);`
`74`	`78`	`staticvoiddeparseFuncExpr(StringInfobuf,FuncExprnode,PlannerInforoot);`
`75`	`79`	`staticvoiddeparseOpExpr(StringInfobuf,OpExprnode,PlannerInforoot);`
	`80`	`+staticvoiddeparseOperatorName(StringInfobuf,Form_pg_operatoropform);`
`76`	`81`	`staticvoiddeparseDistinctExpr(StringInfobuf,DistinctExpr*node,`
`77`	`82`	`PlannerInfo*root);`
`78`	`83`	`staticvoiddeparseScalarArrayOpExpr(StringInfobuf,ScalarArrayOpExpr*node,`
`@@ -321,6 +326,18 @@ foreign_expr_walker(Node node, foreign_expr_cxt context)`
`321`	`326`	`/*`
`322`	`327`	`* Return true if given object is one of PostgreSQL's built-in objects.`
`323`	`328`	`*`
	`329`	`+ * We use FirstBootstrapObjectId as the cutoff, so that we only consider`
	`330`	`+ * objects with hand-assigned OIDs to be "built in", not for instance any`
	`331`	`+ * function or type defined in the information_schema.`
	`332`	`+ *`
	`333`	`+ * Our constraints for dealing with types are tighter than they are for`
	`334`	`+ * functions or operators: we want to accept only types that are in pg_catalog`
	`335`	`+ * (else format_type might incorrectly fail to schema-qualify their names),`
	`336`	`+ * and we want to be sure that the remote server will use the same OID as`
	`337`	`+ * we do (since we must transmit a numeric type OID when passing a value of`
	`338`	`+ * the type as a query parameter). Both of these are reasons to reject`
	`339`	`+ * objects created post-bootstrap.`
	`340`	`+ *`
`324`	`341`	`* XXX there is a problem with this, which is that the set of built-in`
`325`	`342`	`* objects expands over time. Something that is built-in to us might not`
`326`	`343`	`* be known to the remote server, if it's of an older version. But keeping`
`@@ -329,7 +346,7 @@ foreign_expr_walker(Node node, foreign_expr_cxt context)`
`329`	`346`	`staticbool`
`330`	`347`	`is_builtin(Oidoid)`
`331`	`348`	`{`
`332`		`-return (oid<FirstNormalObjectId);`
	`349`	`+return (oid<FirstBootstrapObjectId);`
`333`	`350`	`}`
`334`	`351`
`335`	`352`
`@@ -563,6 +580,10 @@ deparseRelation(StringInfo buf, Oid relid)`
`563`	`580`	`relname=defGetString(def);`
`564`	`581`	`}`
`565`	`582`
	`583`	`+/*`
	`584`	`+ * Note: we could skip printing the schema name if it's pg_catalog,`
	`585`	`+ * but that doesn't seem worth the trouble.`
	`586`	`+ */`
`566`	`587`	`if (nspname==NULL)`
`567`	`588`	`nspname=get_namespace_name(get_rel_namespace(relid));`
`568`	`589`	`if (relname==NULL)`
`@@ -832,17 +853,13 @@ deparseArrayRef(StringInfo buf, ArrayRef node, PlannerInfo root)`
`832`	`853`	`* Here not only explicit function calls and explicit casts but also implicit`
`833`	`854`	`* casts are deparsed to avoid problems caused by different cast settings`
`834`	`855`	`* between local and remote.`
`835`		`- *`
`836`		`- * Function name is always qualified by schema name to avoid problems caused`
`837`		`- * by different setting of search_path on remote side.`
`838`	`856`	`*/`
`839`	`857`	`staticvoid`
`840`	`858`	`deparseFuncExpr(StringInfobuf,FuncExprnode,PlannerInforoot)`
`841`	`859`	`{`
`842`	`860`	`HeapTupleproctup;`
`843`	`861`	`Form_pg_procprocform;`
`844`	`862`	`constchar*proname;`
`845`		`-constchar*schemaname;`
`846`	`863`	`booluse_variadic;`
`847`	`864`	`boolfirst;`
`848`	`865`	`ListCell*arg;`
`@@ -851,7 +868,6 @@ deparseFuncExpr(StringInfo buf, FuncExpr node, PlannerInfo root)`
`851`	`868`	`if (!HeapTupleIsValid(proctup))`
`852`	`869`	`elog(ERROR,"cache lookup failed for function %u",node->funcid);`
`853`	`870`	`procform= (Form_pg_proc)GETSTRUCT(proctup);`
`854`		`-proname=NameStr(procform->proname);`
`855`	`871`
`856`	`872`	`/* Check if need to print VARIADIC (cf. ruleutils.c) */`
`857`	`873`	`if (OidIsValid(procform->provariadic))`
`@@ -864,11 +880,18 @@ deparseFuncExpr(StringInfo buf, FuncExpr node, PlannerInfo root)`
`864`	`880`	`else`
`865`	`881`	`use_variadic= false;`
`866`	`882`
	`883`	`+/* Print schema name only if it's not pg_catalog */`
	`884`	`+if (procform->pronamespace!=PG_CATALOG_NAMESPACE)`
	`885`	`+{`
	`886`	`+constchar*schemaname;`
	`887`	`+`
	`888`	`+schemaname=get_namespace_name(procform->pronamespace);`
	`889`	`+appendStringInfo(buf,"%s.",quote_identifier(schemaname));`
	`890`	`+}`
	`891`	`+`
`867`	`892`	`/* Deparse the function name ... */`
`868`		`-schemaname=get_namespace_name(procform->pronamespace);`
`869`		`-appendStringInfo(buf,"%s.%s(",`
`870`		`-quote_identifier(schemaname),`
`871`		`-quote_identifier(proname));`
	`893`	`+proname=NameStr(procform->proname);`
	`894`	`+appendStringInfo(buf,"%s(",quote_identifier(proname));`
`872`	`895`	`/* ... and all the arguments */`
`873`	`896`	`first= true;`
`874`	`897`	`foreach(arg,node->args)`
`@@ -887,16 +910,13 @@ deparseFuncExpr(StringInfo buf, FuncExpr node, PlannerInfo root)`
`887`	`910`
`888`	`911`	`/*`
`889`	`912`	`* Deparse given operator expression into buf.To avoid problems around`
`890`		`- * priority of operations, we always parenthesize the arguments. Also we use`
`891`		`- * OPERATOR(schema.operator) notation to determine remote operator exactly.`
	`913`	`+ * priority of operations, we always parenthesize the arguments.`
`892`	`914`	`*/`
`893`	`915`	`staticvoid`
`894`	`916`	`deparseOpExpr(StringInfobuf,OpExprnode,PlannerInforoot)`
`895`	`917`	`{`
`896`	`918`	`HeapTupletuple;`
`897`	`919`	`Form_pg_operatorform;`
`898`		`-constchar*opnspname;`
`899`		`-char*opname;`
`900`	`920`	`charoprkind;`
`901`	`921`	`ListCell*arg;`
`902`	`922`
`@@ -905,10 +925,6 @@ deparseOpExpr(StringInfo buf, OpExpr node, PlannerInfo root)`
`905`	`925`	`if (!HeapTupleIsValid(tuple))`
`906`	`926`	`elog(ERROR,"cache lookup failed for operator %u",node->opno);`
`907`	`927`	`form= (Form_pg_operator)GETSTRUCT(tuple);`
`908`		`-`
`909`		`-opnspname=quote_identifier(get_namespace_name(form->oprnamespace));`
`910`		`-/* opname is not a SQL identifier, so we don't need to quote it. */`
`911`		`-opname=NameStr(form->oprname);`
`912`	`928`	`oprkind=form->oprkind;`
`913`	`929`
`914`	`930`	`/* Sanity check. */`
`@@ -927,8 +943,8 @@ deparseOpExpr(StringInfo buf, OpExpr node, PlannerInfo root)`
`927`	`943`	`appendStringInfoChar(buf,' ');`
`928`	`944`	`}`
`929`	`945`
`930`		`-/* Deparsefully qualifiedoperator name. */`
`931`		`-appendStringInfo(buf,"OPERATOR(%s.%s)",opnspname,opname);`
	`946`	`+/* Deparse operator name. */`
	`947`	`+deparseOperatorName(buf,form);`
`932`	`948`
`933`	`949`	`/* Deparse right operand. */`
`934`	`950`	`if (oprkind=='l'\|\|oprkind=='b')`
`@@ -943,6 +959,34 @@ deparseOpExpr(StringInfo buf, OpExpr node, PlannerInfo root)`
`943`	`959`	`ReleaseSysCache(tuple);`
`944`	`960`	`}`
`945`	`961`
	`962`	`+/*`
	`963`	`+ * Print the name of an operator.`
	`964`	`+ */`
	`965`	`+staticvoid`
	`966`	`+deparseOperatorName(StringInfobuf,Form_pg_operatoropform)`
	`967`	`+{`
	`968`	`+char*opname;`
	`969`	`+`
	`970`	`+/* opname is not a SQL identifier, so we should not quote it. */`
	`971`	`+opname=NameStr(opform->oprname);`
	`972`	`+`
	`973`	`+/* Print schema name only if it's not pg_catalog */`
	`974`	`+if (opform->oprnamespace!=PG_CATALOG_NAMESPACE)`
	`975`	`+{`
	`976`	`+constchar*opnspname;`
	`977`	`+`
	`978`	`+opnspname=get_namespace_name(opform->oprnamespace);`
	`979`	`+/* Print fully qualified operator name. */`
	`980`	`+appendStringInfo(buf,"OPERATOR(%s.%s)",`
	`981`	`+quote_identifier(opnspname),opname);`
	`982`	`+}`
	`983`	`+else`
	`984`	`+{`
	`985`	`+/* Just print operator name. */`
	`986`	`+appendStringInfo(buf,"%s",opname);`
	`987`	`+}`
	`988`	`+}`
	`989`	`+`
`946`	`990`	`/*`
`947`	`991`	`* Deparse IS DISTINCT FROM.`
`948`	`992`	`*/`
`@@ -960,9 +1004,7 @@ deparseDistinctExpr(StringInfo buf, DistinctExpr node, PlannerInfo root)`
`960`	`1004`
`961`	`1005`	`/*`
`962`	`1006`	`* Deparse given ScalarArrayOpExpr expression into buf. To avoid problems`
`963`		`- * around priority of operations, we always parenthesize the arguments. Also`
`964`		`- * we use OPERATOR(schema.operator) notation to determine remote operator`
`965`		`- * exactly.`
	`1007`	`+ * around priority of operations, we always parenthesize the arguments.`
`966`	`1008`	`*/`
`967`	`1009`	`staticvoid`
`968`	`1010`	`deparseScalarArrayOpExpr(StringInfobuf,`
`@@ -971,8 +1013,6 @@ deparseScalarArrayOpExpr(StringInfo buf,`
`971`	`1013`	`{`
`972`	`1014`	`HeapTupletuple;`
`973`	`1015`	`Form_pg_operatorform;`
`974`		`-constchar*opnspname;`
`975`		`-char*opname;`
`976`	`1016`	`Expr*arg1;`
`977`	`1017`	`Expr*arg2;`
`978`	`1018`
`@@ -982,10 +1022,6 @@ deparseScalarArrayOpExpr(StringInfo buf,`
`982`	`1022`	`elog(ERROR,"cache lookup failed for operator %u",node->opno);`
`983`	`1023`	`form= (Form_pg_operator)GETSTRUCT(tuple);`
`984`	`1024`
`985`		`-opnspname=quote_identifier(get_namespace_name(form->oprnamespace));`
`986`		`-/* opname is not a SQL identifier, so we don't need to quote it. */`
`987`		`-opname=NameStr(form->oprname);`
`988`		`-`
`989`	`1025`	`/* Sanity check. */`
`990`	`1026`	`Assert(list_length(node->args)==2);`
`991`	`1027`
`@@ -995,10 +1031,11 @@ deparseScalarArrayOpExpr(StringInfo buf,`
`995`	`1031`	`/* Deparse left operand. */`
`996`	`1032`	`arg1=linitial(node->args);`
`997`	`1033`	`deparseExpr(buf,arg1,root);`
	`1034`	`+appendStringInfoChar(buf,' ');`
`998`	`1035`
`999`		`-/* Deparsefully qualifiedoperator name plus decoration. */`
`1000`		`-appendStringInfo(buf," OPERATOR(%s.%s) %s (",`
`1001`		`-opnspname,opname,node->useOr ?"ANY" :"ALL");`
	`1036`	`+/* Deparse operator name plus decoration. */`
	`1037`	`+deparseOperatorName(buf,form);`
	`1038`	`+appendStringInfo(buf," %s (",node->useOr ?"ANY" :"ALL");`
`1002`	`1039`
`1003`	`1040`	`/* Deparse right operand. */`
`1004`	`1041`	`arg2=lsecond(node->args);`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit6d06049

File tree

3 files changed

3 files changed

`‎contrib/postgres_fdw/connection.c`

`‎contrib/postgres_fdw/deparse.c`

0 commit comments