Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9f1e642

Browse files
committed
Fix incorrect handling of lookahead constraints in pg_regprefix().
pg_regprefix was doing nothing with lookahead constraints, which wouldbe fine if it were the right kind of nothing, but it isn't: we have toterminate our search for a fixed prefix, not just pretend the LACON arcisn't there. Otherwise, if the current state has both a LACON outarc and asingle plain-color outarc, we'd falsely conclude that the color representsan addition to the fixed prefix, and generate an extracted index conditionthat restricts the indexscan too much. (See added regression test case.)Terminating the search is conservative: we could traverse the LACON arc(thus assuming that the constraint can be satisfied at runtime) and thenexamine the outarcs of the linked-to state. But that would be a lot morework than it seems worth, because writing a LACON followed by a singleplain character is a pretty silly thing to do.This makes a difference only in rather contrived cases, but it's a bug,so back-patch to all supported branches.
1 parentee7ca55 commit9f1e642

File tree

3 files changed

+13
-6
lines changed

3 files changed

+13
-6
lines changed

‎src/backend/regex/regprefix.c

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -162,14 +162,12 @@ findprefix(struct cnfa * cnfa,
162162
thiscolor=COLORLESS;
163163
for (ca=cnfa->states[st];ca->co!=COLORLESS;ca++)
164164
{
165-
/* We ignore lookahead constraints */
166-
if (ca->co >=cnfa->ncolors)
167-
continue;
168-
/* We can also ignore BOS/BOL arcs */
165+
/* We can ignore BOS/BOL arcs */
169166
if (ca->co==cnfa->bos[0]||ca->co==cnfa->bos[1])
170167
continue;
171-
/* ... but EOS/EOL arcs terminate the search */
172-
if (ca->co==cnfa->eos[0]||ca->co==cnfa->eos[1])
168+
/* ... but EOS/EOL arcs terminate the search, as do LACONs */
169+
if (ca->co==cnfa->eos[0]||ca->co==cnfa->eos[1]||
170+
ca->co >=cnfa->ncolors)
173171
{
174172
thiscolor=COLORLESS;
175173
break;

‎src/test/regress/expected/regex.out

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -153,6 +153,14 @@ explain (costs off) select * from pg_proc where proname ~ '^(abc)?d';
153153
Filter: (proname ~ '^(abc)?d'::text)
154154
(2 rows)
155155

156+
explain (costs off) select * from pg_proc where proname ~ '^abcd(x|(?=\w\w)q)';
157+
QUERY PLAN
158+
------------------------------------------------------------------------
159+
Index Scan using pg_proc_proname_args_nsp_index on pg_proc
160+
Index Cond: ((proname >= 'abcd'::name) AND (proname < 'abce'::name))
161+
Filter: (proname ~ '^abcd(x|(?=\w\w)q)'::text)
162+
(3 rows)
163+
156164
-- Test for infinite loop in pullback() (CVE-2007-4772)
157165
select 'a' ~ '($|^)*';
158166
?column?

‎src/test/regress/sql/regex.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@ explain (costs off) select * from pg_proc where proname ~ '^abc+d';
3434
explain (costs off)select*from pg_procwhere proname ~'^(abc)(def)';
3535
explain (costs off)select*from pg_procwhere proname ~'^(abc)$';
3636
explain (costs off)select*from pg_procwhere proname ~'^(abc)?d';
37+
explain (costs off)select*from pg_procwhere proname ~'^abcd(x|(?=\w\w)q)';
3738

3839
-- Test for infinite loop in pullback() (CVE-2007-4772)
3940
select'a' ~'($|^)*';

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp