| From: | Andreas Seltenreich <seltenreich(at)gmx(dot)de> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pg_upgrade in 9.5 broken for adminpack |
| Date: | 2016-01-03 20:48:50 |
| Message-ID: | 87y4c6crt9.fsf@credativ.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian writes:
> On Thu, Apr 16, 2015 at 11:29:07PM -0700, Jeff Janes wrote:
>> Of course after sending that it became obvious. The C function is not getting
>> called because the SQL function is marked as being strict, yet is called with
>> NULL arguments.
>>
>> Trivial patch attached to unset strict flag in pg_proc.h.
>>
>> But CATALOG_VERSION_NO probably needs another bump as well.
>
> Patch applied and catversion bumped. Thanks.
Shouldn't there be some validation of arguments now that the function is
no longer marked strict? Currently, unprivileged users can crash the
server calling binary_upgrade_create_empty_extension with null
arguments. Found using sqlsmith.
regards,
Andreas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2016-01-03 21:12:16 | Re: pg_upgrade in 9.5 broken for adminpack |
| Previous Message | Pavel Stehule | 2016-01-03 20:37:41 | Re: count_nulls(VARIADIC "any") |