Home > mailing lists

Re: pg_upgrade in 9.5 broken for adminpack - Mailing list pgsql-hackers

From	Andreas Seltenreich
Subject	Re: pg_upgrade in 9.5 broken for adminpack
Date	January 3, 2016 23:48:58
Msg-id	87y4c6crt9.fsf@credativ.de Whole thread Raw
In response to	Re: pg_upgrade in 9.5 broken for adminpack (Bruce Momjian <bruce@momjian.us>)
Responses	Re: pg_upgrade in 9.5 broken for adminpack (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Bruce Momjian writes:

> On Thu, Apr 16, 2015 at 11:29:07PM -0700, Jeff Janes wrote:
>> Of course after sending that it became obvious.  The C function is not getting
>> called because the SQL function is marked as being strict, yet is called with
>> NULL arguments.
>> 
>> Trivial patch attached to unset strict flag in pg_proc.h.
>> 
>> But  CATALOG_VERSION_NO probably needs another bump as well.
>
> Patch applied and catversion bumped.  Thanks.

Shouldn't there be some validation of arguments now that the function is
no longer marked strict?  Currently, unprivileged users can crash the
server calling binary_upgrade_create_empty_extension with null
arguments.  Found using sqlsmith.

regards,
Andreas

pgsql-hackers by date:

From: Pavel Stehule
Date: 03 January 2016, 23:38:27
Subject: Re: count_nulls(VARIADIC "any")

From: Tom Lane
Date: 04 January 2016, 00:12:35
Subject: Re: pg_upgrade in 9.5 broken for adminpack

Re: pg_upgrade in 9.5 broken for adminpack - Mailing list pgsql-hackers

Previous

Next