Tags: gsstark/postgres
Tags
Revert removal of trigger flag from plperl function hash key. As noted by Jan Urbanski, this flag is in fact needed to ensu 8000 re that the function's input/result conversion functions are set up as expected. Add a regression test to discourage anyone from making same mistake in future.
Install a data-type-based solution for protecting pg_get_expr(). Since the code underlying pg_get_expr() is not secure against malformed input, and can't practically be made so, we need to prevent miscreants from feeding arbitrary data to it. We can do this securely by declaring pg_get_expr() to take a new datatype "pg_node_tree" and declaring the system catalog columns that hold nodeToString output to be of that type. There is no way at SQL level to create a non-null value of type pg_node_tree. Since the backend-internal operations that fill those catalog columns operate below the SQL level, they are oblivious to the datatype relabeling and don't need any changes.
PreviousNext