Lists: | pgsql-committerspgsql-hackers |
---|
From: | tgl(at)postgresql(dot)org (Tom Lane) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Repair incorrect check for coercion of unknown literal to |
Date: | 2006-10-11 20:21:28 |
Message-ID: | 20061011202128.B75BD9FB41D@postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-committers pgsql-hackers |
Log Message:
-----------
Repair incorrect check for coercion of unknown literal to ANYARRAY, a bug
I introduced in 7.4.1 :-(. It's correct to allow unknown to be coerced to
ANY or ANYELEMENT, since it's a real-enough data type, but it most certainly
isn't an array datatype. This can cause a backend crash but AFAICT is not
exploitable as a security hole. Per report from Michael Fuhr.
Note: as fixed in HEAD, this changes a constant in the pg_stats view,
resulting in a change in the expected regression outputs. The back-branch
patches have been hacked to avoid that, so that pre-existing installations
won't start failing their regression tests.
Tags:
----
REL7_4_STABLE
Modified Files:
--------------
pgsql/src/backend/parser:
parse_coerce.c (r2.111.2.2 -> r2.111.2.3)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/parse_coerce.c.diff?r1=2.111.2.2&r2=2.111.2.3)
From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)postgresql(dot)org> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [COMMITTERS] pgsql: Repair incorrect check for coercion |
Date: | 2006-10-11 22:25:05 |
Message-ID: | 200610112225.k9BMP5F01420@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-committers pgsql-hackers |
Tom Lane wrote:
> Log Message:
> -----------
> Repair incorrect check for coercion of unknown literal to ANYARRAY, a bug
> I introduced in 7.4.1 :-(. It's correct to allow unknown to be coerced to
> ANY or ANYELEMENT, since it's a real-enough data type, but it most certainly
> isn't an array datatype. This can cause a backend crash but AFAICT is not
> exploitable as a security hole. Per report from Michael Fuhr.
>
> Note: as fixed in HEAD, this changes a constant in the pg_stats view,
> resulting in a change in the expected regression outputs. The back-branch
> patches have been hacked to avoid that, so that pre-existing installations
> won't start failing their regression tests.
Does this mean if someone initdb's in a back branch, the regression
tests will start failing for them?
--
Bruce Momjian bruce(at)momjian(dot)us
EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Bruce Momjian <bruce(at)momjian(dot)us> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: [COMMITTERS] pgsql: Repair incorrect check for coercion of unknown literal to |
Date: | 2006-10-11 23:45:54 |
Message-ID: | 29655.1160610354@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-committers pgsql-hackers |
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Tom Lane wrote:
>> Note: as fixed in HEAD, this changes a constant in the pg_stats view,
>> resulting in a change in the expected regression outputs. The back-branch
>> patches have been hacked to avoid that, so that pre-existing installations
>> won't start failing their regression tests.
> Does this mean if someone initdb's in a back branch, the regression
> tests will start failing for them?
No.
regards, tom lane