pgsql: Be more paranoid in ruleutils.c's get_variable(). - Mailing list pgsql-committers

From Tom Lane
Subject pgsql: Be more paranoid in ruleutils.c's get_variable().
Date
Msg-id E1bJ0Yj-0002zD-7i@gemulon.postgresql.org
Whole thread Raw
List pgsql-committers
Be more paranoid in ruleutils.c's get_variable().

We were merely Assert'ing that the Var matched the RTE it's supposedly
from.  But if the user passes incorrect information to pg_get_expr(),
the RTE might in fact not match; this led either to Assert failures
or core dumps, as reported by Chris Hanks in bug #14220.  To fix, just
convert the Asserts to test-and-elog.  Adjust an existing test-and-elog
elsewhere in the same function to be consistent in wording.

(If we really felt these were user-facing errors, we might promote them to
ereport's; but I can't convince myself that they're worth translating.)

Back-patch to 9.3; the problematic code doesn't exist before that, and
a quick check says that 9.2 doesn't crash on such cases.

Michael Paquier and Thomas Munro

Report: <20160629224349.1407.32667@wrigleys.postgresql.org>

Branch
------
REL9_3_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/b0f20c2ea5f429a4a7bea01e2f721364bf0bd043

Modified Files
--------------
src/backend/utils/adt/ruleutils.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)


pgsql-committers by date:

Previous
From: Robert Haas
Date:
Subject: Re: pgsql: Fix crash bug in RestoreSnapshot.
Next
From: Tom Lane
Date:
Subject: pgsql: Be more paranoid in ruleutils.c's get_variable().