From: | Michael Fuhr <mike(at)fuhr(dot)org> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | pgsql-patches(at)postgresql(dot)org |
Subject: | Re: PL/Python error checking |
Date: | 2005-08-20 20:11:41 |
Message-ID: | 20050820201141.GA77457@winnie.fuhr.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
On Mon, Jul 11, 2005 at 08:13:24PM -0600, Michael Fuhr wrote:
> On Sun, Jul 10, 2005 at 12:58:24AM -0400, Bruce Momjian wrote:
> > I am unclear about backpatching this. We have to weigh the risks of
> > applying or not applying to 8.0.X. Comments?
>
> Since 7.4, PL/Python is only available as an untrusted language,
> so only a database superuser could create an exploitable function.
> However, it might be possible for an ordinary user to tickle the
> bug by calling such a function and passing it certain data, either
> as an argument or as table data. The code is buggy in any case:
> PyObject_Str() is documented to return NULL on error, and
> PyString_AsString() doesn't expect a NULL pointer so it segfaults
> if passed one. Since the patch simply checks for that condition
> and raises an error instead of calling a function that will segfault
> and take down the backend, I can't think of what risk applying the
> patch would have. The greater risk would seem to be in not applying
> it.
I haven't seen this patch applied to other than HEAD. Since it
fixes a segmentation fault, should it be backpatched before the
new releases?
Here's the original patch submission:
http://archives.postgresql.org/pgsql-patches/2005-06/msg00519.php
--
Michael Fuhr
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Fuhr | 2005-08-20 20:34:15 | Re: PL/Perl namespace fix |
Previous Message | Michael Fuhr | 2005-08-20 19:52:42 | PL/Perl regression tests with use_strict |