| From: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
|---|---|
| To: | Lukas Fittl <lukas(at)fittl(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Maciek Sakrejda <m(dot)sakrejda(at)gmail(dot)com> |
| Subject: | Re: pg_get_constraintdef: Schema qualify foreign tables unless pretty printing is enabled |
| Date: | 2022-08-10 08:58:50 |
| Message-ID: | 20220810085850.ghwvrkcqzimif5ok@alvherre.pgsql |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2022-Aug-09, Lukas Fittl wrote:
> But I wonder, why do we have an explicit pretty printing flag on these
> functions, and PRETTYFLAG_SCHEMA in the code to represent this behavior.
> If we don't want pretty printing to affect schema qualification, why
> does that flag exist?
Because of CVE-2018-1058. See commit 815172ba8068.
I imagine that that commit only touched the minimum necessary to solve
the immediate security problem, but that further work is needed to make
PRETTYFLAG_SCHEMA become a fully functional gadget; but that would
require that the whole of ruleutils.c (and everything downstream from
it) behaves sanely. In other words, I think your patch is too small.
--
Álvaro Herrera Breisgau, Deutschland — https://www.EnterpriseDB.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2022-08-10 09:22:36 | Re: hash_xlog_split_allocate_page: failed to acquire cleanup lock |
| Previous Message | Daniel Gustafsson | 2022-08-10 08:55:57 | Small typo in OAT README |