Skip site navigation (1) Skip section navigation (2)

Re: Range Types - typo + NULL string constructor

From: Jeff Davis <pgsql(at)j-davis(dot)com>
To: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>
Cc: Alexander Korotkov <aekorotkov(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Range Types - typo + NULL string constructor
Date: 2011-10-25 16:37:12
Message-ID: 1319560632.27819.16.camel@jdavis (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
On Mon, 2011-10-24 at 13:15 +0300, Heikki Linnakangas wrote:
> Hmm, I don't think that's safe. After Oid wraparound, a range type oid 
> might get reused for some other range type, and the cache would return 
> stale values. Extremely unlikely to happen by accident, but could be 
> exploited by an attacker.

Any ideas on how to remedy that? I don't have another plan for making it
perform well. Plugging it into the cache invalidation mechanism seems
like overkill, but I suppose that would solve the problem.

Aren't there a few other cases like this floating around the code? I
know the single-xid cache is potentially vulnerable to xid wraparound
for the same reason.

	Jeff Davis

In response to


pgsql-hackers by date

Next:From: Sushant SinhaDate: 2011-10-25 16:47:25
Subject: Re: lexemes in prefix search going through dictionary modifications
Previous:From: Alvaro HerreraDate: 2011-10-25 16:33:23
Subject: Re: isolationtester's "dry run" mode

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group