| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Mark unconditionally-safe implicit coercions as leakproof |
| Date: | 2020-07-24 16:32:09 |
| Message-ID: | CA+TgmoZVXsyUv74FBedY=jg4+Pp8jNHv_BC3gVfkso8wrJU5ow@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Jul 24, 2020 at 12:17 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> I went through the system's built-in implicit coercions to see
> which ones are unconditionally successful. These could all be
> marked leakproof, as per attached patch. This came up in the
> context of the nearby discussion about CASE, but it seems like
> an independent improvement. If you have a function f(int8)
> that is leakproof, you don't want it to effectively become
> non-leakproof when you apply it to an int4 or int2 column.
>
> One that I didn't mark leakproof is rtrim1(), which is the
> infrastructure for char(n) to text coercion. It looks like it
> actually does qualify right now, but the code is long enough and
> complex enough that I think such a marking would be a bit unsafe.
>
> Any objections?
IMHO, this is a nice improvement.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2020-07-24 16:48:05 | Re: Missing CFI in hlCover()? |
| Previous Message | Robert Haas | 2020-07-24 16:31:05 | Re: Making CASE error handling less surprising |