Home > mailing lists

Re: Range Types - typo + NULL string constructor - Mailing list pgsql-hackers

From	Jeff Davis
Subject	Re: Range Types - typo + NULL string constructor
Date	October 25, 2011 16:37:21
Msg-id	1319560632.27819.16.camel@jdavis Whole thread Raw
In response to	Re: Range Types - typo + NULL string constructor (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>)
Responses	Re: Range Types - typo + NULL string constructor (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>) Re: Range Types - typo + NULL string constructor (Robert Haas <robertmhaas@gmail.com>)
List	pgsql-hackers

Tree view

On Mon, 2011-10-24 at 13:15 +0300, Heikki Linnakangas wrote:
> Hmm, I don't think that's safe. After Oid wraparound, a range type oid 
> might get reused for some other range type, and the cache would return 
> stale values. Extremely unlikely to happen by accident, but could be 
> exploited by an attacker.
> 

Any ideas on how to remedy that? I don't have another plan for making it
perform well. Plugging it into the cache invalidation mechanism seems
like overkill, but I suppose that would solve the problem.

Aren't there a few other cases like this floating around the code? I
know the single-xid cache is potentially vulnerable to xid wraparound
for the same reason.

Regards,Jeff Davis

pgsql-hackers by date:

From: Alvaro Herrera
Date: 25 October 2011, 16:33:34
Subject: Re: isolationtester's "dry run" mode

From: Sushant Sinha
Date: 25 October 2011, 16:47:46
Subject: Re: lexemes in prefix search going through dictionary modifications

Re: Range Types - typo + NULL string constructor - Mailing list pgsql-hackers

Previous

Next