| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | luza(dot)mbox(at)gmail(dot)com, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: BUG #16212: subquery block allows to overwrite table alias defined earlier |
| Date: | 2020-01-17 00:16:45 |
| Message-ID: | CAKFQuwbrretXNPdQdh99ZrahqDsaBh5Uk5U54r1MBigOxfu2fw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Thu, Jan 16, 2020 at 3:37 PM PG Bug reporting form <
noreply(at)postgresql(dot)org> wrote:
> The following bug has been logged on the website:
>
> Bug reference: 16212
> Logged by: Denis Girko
> Email address: luza(dot)mbox(at)gmail(dot)com
> PostgreSQL version: 9.6.16
> Operating system: Linux
> Description:
>
These are just examples of poorly written queries where sub-query
correlated value injection results in an arbitrary edge case: specifically,
when a query can resolve a name as either a column or a table it chooses
the column. Your choice of encoding your expected and actual output
doesn't help you here as you are not distinguishing between a scalar column
result and a composite table result being present.
select a from (values(1)) a; -- yields (1); the parens denote the result is
a composite with a single field (whose name is "column1" since it was not
given a name explicitly)
select a from (values(1)) a (a); -- yields 1; no parens denote the scalar
result of 1 since the column named "a" exists and is preferred over the
table named "a"
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | vignesh C | 2020-01-17 02:12:35 | Re: Reorderbuffer crash during recovery |
| Previous Message | Michael Paquier | 2020-01-17 00:12:16 | Re: BUG #16208: background worker "logical replication worker" was terminated by signal 11: Segmentation |