| From: | Doug McNaught <doug(at)wireboard(dot)com> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Marcin Owsiany <marcin(at)owsiany(dot)pl>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [GENERAL] Security implications of (plpgsql) functions |
| Date: | 2002-10-21 16:27:20 |
| Message-ID: | m3smyzsqon.fsf@varsoon.wireboard.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Joe Conway <mail(at)joeconway(dot)com> writes:
> Tom Lane wrote:
> > A depth limit for PL-function recursion is perhaps feasible, but I can't
> > say that I care for it a whole lot ... anyone have better ideas?
> >
>
> Is there any way to recognize infinite recursion by analyzing the
> saved execution tree -- i.e. can we assume that a function that calls
> itself, with the same arguments with which it was called, constitutes
> infinite recursion?
Solved the halting problem lately? ;)
Someone determined to DoS could probably get around any practical
implementation of your idea, using dummy argument, mutual recursion or
whatever.
-Doug
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2002-10-21 16:39:51 | Re: [GENERAL] Security implications of (plpgsql) functions |
| Previous Message | Ericson Smith | 2002-10-21 16:21:59 | Re: Numerous postmaster processes after upgrading to 7.2.3 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2002-10-21 16:39:51 | Re: [GENERAL] Security implications of (plpgsql) functions |
| Previous Message | Doug McNaught | 2002-10-21 16:25:16 | Re: Postgresql and multithreading |