Thread: pgsql: Remove typmod checking from the recent security-related patches.

pgsql: Remove typmod checking from the recent security-related patches.

From

tgl@postgresql.org (Tom Lane)

Date:

06 February 2007, 16:35:48

Log Message:
-----------
Remove typmod checking from the recent security-related patches.  It turns
out that ExecEvalVar and friends don't necessarily have access to a tuple
descriptor with correct typmod: it definitely can contain -1, and possibly
might contain other values that are different from the Var's value.
Arguably this should be cleaned up someday, but it's not a simple change,
and in any case typmod discrepancies don't pose a security hazard.
Per reports from numerous people :-(

I'm not entirely sure whether the failure can occur in 8.0 --- the simple
test cases reported so far don't trigger it there.  But back-patch the
change all the way anyway.

Tags:
----
REL8_0_STABLE

Modified Files:
--------------
    pgsql/src/backend/executor:
        execQual.c (r1.171.4.3 -> r1.171.4.4)

(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execQual.c.diff?r1=1.171.4.3&r2=1.171.4.4)