| From: | SATYANARAYANA NARLAPURAM <satyanarlapuram(at)gmail(dot)com> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: expand refint docs with usage info |
| Date: | 2026-05-26 17:34:54 |
| Message-ID: | CAHg+QDep4vnMGEis=hRTPOpc74c_j6rL7h_SfqbAWdHVOeMLYg@mail.gmail.com |
| Lists: | pgsql-hackers |
Hi,
On Tue, May 26, 2026 at 9:53 AM Nathan Bossart <nathandbossart(at)gmail(dot)com>
wrote:
> The security team has received a couple of reports about potential SQL
> injection opportunities via refint's trigger arguments. We discussed this
> while preparing CVE-2026-6637 and concluded that forcibly quoting these
> arguments would be much more likely to break working code than to prevent
> any exploits. Unlike data values, the table/column names come from trigger
> arguments, and there is little reason for a trigger author to put hostile
> inputs into those arguments.
>
> The attached documentation patch was originally intended to go along with
> CVE-2026-6637, but we ultimately scoped it down to only the
> security-relevant parts. This should be back-patched to v14. Note that we
> are preparing to remove refint completely in v20, but IMHO this doc
> update is still worth doing.
>
> Thoughts?
>
LGTM.
Thanks,
Satya