Home > mailing lists

pgsql: Fix RelationBuildPartitionKey's processing of partition keyexpr - Mailing list pgsql-committers

From	Tom Lane
Subject	pgsql: Fix RelationBuildPartitionKey's processing of partition keyexpr
Date	February 5, 2018 21:37:45
Msg-id	E1eiiq1-00061I-2c@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Fix RelationBuildPartitionKey's processing of partition key expressions.

Failure to advance the list pointer while reading partition expressions
from a list results in invoking an input function with inappropriate data,
possibly leading to crashes or, with carefully crafted input, disclosure
of arbitrary backend memory.

Bug discovered independently by Álvaro Herrera and David Rowley.
This patch is by Álvaro but owes something to David's proposed fix.
Back-patch to v10 where the issue was introduced.

Security: CVE-2018-1052

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/3492a0af0bd37e7f23e27fd3f5537f414ee9ab9b

Modified Files
--------------
src/backend/utils/cache/relcache.c         |  5 +++++
src/test/regress/expected/create_table.out | 29 ++++++++++++++++++++++-------
src/test/regress/sql/create_table.sql      |  9 +++++++--
3 files changed, 34 insertions(+), 9 deletions(-)

pgsql-committers by date:

From: Tom Lane
Date: 05 February 2018, 09:15:29
Subject: Re: pgsql: Fix another instance of unsafe coding for shm_toc_lookup failure

From: Tom Lane
Date: 05 February 2018, 21:58:54
Subject: pgsql: Ensure that all temp files made during pg_upgrade arenon-world-

pgsql: Fix RelationBuildPartitionKey's processing of partition keyexpr - Mailing list pgsql-committers

Previous

Next