|From:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>|
|Cc:||Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>|
|Subject:||Converting contrib SQL functions to new style|

Attached are some draft patches to convert almost all of the
contrib modules' SQL functions to use SQL-standard function bodies.
The point of this is to remove the residual search_path security
hazards that we couldn't fix in commits 7eeb1d986 et al. Since
a SQL-style function body is fully parsed at creation time,
its object references are not subject to capture by the run-time
search path. Possibly there are small performance benefits too,
though I've not tried to measure that.

I've not touched the documentation yet. I suppose that we can
tone down the warnings added by 7eeb1d986 quite a bit, maybe
replacing them with just "be sure to use version x.y or later".
However I think we may still need an assumption that earthdistance
and cube are in the same schema --- any comments on that?

I'd like to propose squeezing these changes into v14, even though
we're past feature freeze. Reason one is that this is less a
new feature than a security fix; reason two is that this provides
some non-artificial test coverage for the SQL-function-body feature.

BTW, there still remain a couple of old-style SQL functions in
contrib/adminpack and contrib/lo. AFAICS those are unconditionally
secure, so I didn't bother with them.

regards, tom lane
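
The difference the message describes between string-bodied and SQL-standard function bodies, as an added example that is not part of the original message or of the attached patches. The schema `demo`, the table `rates` and both function names are hypothetical; the final query is one way to list SQL functions that still use a string body.

```sql
-- Constructed example for PostgreSQL 14 or later; schema "demo", table "rates"
-- and both function names are hypothetical.
CREATE SCHEMA demo;
CREATE TABLE demo.rates (currency text PRIMARY KEY, rate numeric NOT NULL);
INSERT INTO demo.rates VALUES ('EUR', 1.19);

SET search_path = demo, pg_catalog;

-- Old style: the body is stored as a string and parsed when the function is
-- called, so the unqualified name "rates" is looked up in the caller's
-- search_path.
CREATE FUNCTION demo.rate_old(c text) RETURNS numeric
LANGUAGE sql STABLE
AS $$ SELECT rate FROM rates WHERE currency = c $$;

-- New style (SQL-standard body): parsed once, here, and stored as a parse
-- tree, so "rates" is bound to demo.rates at creation time.
CREATE FUNCTION demo.rate_new(c text) RETURNS numeric
LANGUAGE sql STABLE
BEGIN ATOMIC
  SELECT rate FROM rates WHERE currency = c;
END;

-- Call both under a search_path that no longer contains "demo".
SET search_path = pg_catalog;
SELECT demo.rate_new('EUR');   -- still reads demo.rates
SELECT demo.rate_old('EUR');   -- fails: relation "rates" does not exist

-- Audit: SQL-language functions outside the system schemas that still have a
-- string body (prosqlbody IS NULL). proconfig shows any per-function SET
-- clause, such as a pinned search_path.
SELECT n.nspname, p.proname,
       pg_get_function_identity_arguments(p.oid) AS args,
       p.proconfig
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_language l ON l.oid = p.prolang
WHERE l.lanname = 'sql'
  AND p.prosqlbody IS NULL
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER BY n.nspname, p.proname;
```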