Re: Fixed issue "Error Message is displayed when the Package is Clicked"

Reason for the error:

REL-9_1_STABLE branch (PostgreSQL repository):

commit 303696c3b47e6719e983e93da5896ddc4a2e0dbb
Author: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Date: Fri Sep 3 01:34:55 2010 +0000

Install a data-type-based solution for protecting pg_get_expr().

Since the code underlying pg_get_expr() is not secure against malformed
input, and can't practically be made so, we need to prevent miscreants
from feeding arbitrary data to it. We can do this securely by declaring
pg_get_expr() to take a new datatype "pg_node_tree" and declaring the
system catalog columns that hold nodeToString output to be of that type.
There is no way at SQL level to create a non-null value of type
pg_node_tree.
Since the backend-internal operations that fill those catalog columns
operate below the SQL level, they are oblivious to the datatype
relabeling
and don't need any changes.

--

Thanks & Regards,

Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company<http://www.enterprisedb.com>

*http://www.linkedin.com/in/asheshvashi*

On Tue, Mar 20, 2012 at 12:32 PM, Akshay Joshi <
akshay(dot)joshi(at)enterprisedb(dot)com> wrote:

>
>
> On Mon, Mar 19, 2012 at 8:12 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>> On Mon, Mar 19, 2012 at 2:35 PM, Akshay Joshi
>> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>> > Hi
>> >
>> > On Mon, Mar 19, 2012 at 7:29 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>> >>
>> >> Hi
>> >>
>> >> On Thu, Mar 15, 2012 at 2:59 PM, Akshay Joshi
>> >> <akshay(dot)joshi(at)enterprisedb(dot)com> wrote:
>> >> > Hi Dave
>> >> >
>> >> > I have fixed one issue "Error Message is displayed when the Package
>> is
>> >> > Clicked". I have performed the following on enterprisedb database
>> >> >
>> >> > create or replace package pkgFoo is
>> >> > procedure foo(
>> >> > arg1 IN varchar default 'Nothing',
>> >> > arg2 IN integer default 100
>> >> > );
>> >> > end pkgFoo;
>> >> >
>> >> > create or replace package body pkgFoo is
>> >> > procedure foo(
>> >> > arg1 IN varchar default 'Nothing',
>> >> > arg2 IN integer default 100
>> >> > ) is
>> >> > begin
>> >> > dbms_output.put_line(arg1);
>> >> > dbms_output.put_line(arg2);
>> >> > end;
>> >> > end pkgFoo;
>> >> >
>> >> > Now click on pkgFoo, we will get the error message.It only happens
>> the
>> >> > first
>> >> > time.
>> >>
>> >> I cannot reproduce the error, using GIT Master with PPAS 9.0 on CentOS
>> 5.
>> >
>> >
>> > I am able to reproduce this every first time after launching pgAdmin
>> using
>> > GIT Master with PPAS9.1 on Windows 7. Attached is the screen shot.
>> >>
>> >>
>> >> > Attached is the patch file, please review it. If it looks good then
>> >> > please
>> >> > commit it.
>> >>
>> >> The patch is wrong. The restriction is supposed to be " = 'void'" for
>> >> procedures, and " != 'void'" for functions, as it already is.
>> >
>> >
>> > OK. I am not much aware of that code, but we have to provide some
>> other
>> > fix for the mentioned issue.
>>
>> Hmm, that looks like something changed in 9.1 that needs handling
>> differently. Can you work out exactly what the query that causes the
>> error is? We may need to check with one of the server guys.
>>
>
> I am able to reproduce the same issue with PPAS 9.0. Below is the query
> for PPAS 9.0 and 9.1 which causes the error
>
> *PPAS 9.0 :-* SELECT pg_get_expr('{CONST :consttype 1043 :consttypmod
> -1 :constcollid 100 :constlen -1 :constbyval false :constisnull false
> :location 283 :constvalue 11 [ 44 0 0 0 78 111 116 104 105 110 103 ]}
> {CONST :consttype 23 :consttypmod -1 :constcollid 0 :constlen 4 :constbyval
> true :constisnull false :location 334 :constvalue 4 [ 100 0 0 0 ]}',
> 'pg_catalog.pg_class'::regclass)
>
> *PPAS 9.1* :- SELECT pg_get_expr('{CONST :consttype 1043 :consttypmod
> -1 :constcollid 100 :constlen -1 :constbyval false :constisnull false
> :location 290 :constvalue 11 [ 44 0 0 0 78 111 116 104 105 110 103 ]}
> {CONST :consttype 23 :consttypmod -1 :constcollid 0 :constlen 4 :constbyval
> true :constisnull false :location 342 :constvalue 4 [ 100 0 0 0 ]}',
> 'pg_catalog.pg_class'::regclass)
>
>
>> --
>> Dave Page
>> Blog: http://pgsnake.blogspot.com
>> Twitter: @pgsnake
>>
>> EnterpriseDB UK: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company
>>
>
>
>
> --
> *Akshay Joshi
> Senior Software Engineer
> EnterpriseDB Corporation
> The Enterprise PostgreSQL Company
> Phone: +91 20-3058-9522
> Mobile: +91 976-788-8246*
>
>