Backend-internal SPI operations - Mailing list pgsql-hackers

From Tom Lane
Subject Backend-internal SPI operations
Date
Msg-id 1908.967563315@sss.pgh.pa.us
Whole thread Raw
In response to disallow LOCK on a view  (Mark Hollomon <mhh@mindspring.com>)
List pgsql-hackers
Mark Hollomon <mhh@mindspring.com> writes:
> sprintf(rulequery, "select * from pg_views where viewname='%s'", relname);
> [ evaluate query via SPI ]

I really dislike seeing backend utility operations built atop SPI.
Quite aside from the (lack of) speed, there are all sorts of nasty
traps that can come from runtime evaluation of query strings.  The
most obvious example in this case is what if relname contains a quote
mark?  Or backslash?

The permanent memory leak induced by SPI_saveplan() is another good
reason not to do it this way.

Finally, once one has written a nice neat little is_view() query
function, there's a strong temptation to just use it from anywhere,
without thought for the side-effects it might have like grabbing/
releasing locks, CommandCounterIncrement(), etc.  There are many
places in the backend where the side-effects of doing a full query
evaluation would be harmful.

Mark's patch is OK as is, since it's merely relocating some poorly
written code and not trying to fix it, but someone ought to think
about fixing the code.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: signed, volatile, etc
Next
From: "Ross J. Reedstrom"
Date:
Subject: Re: How hard would a "no global server" version be?