Participants
Tom Lane
Tom Lane
Bruce Momjian
Bruce Momjian
Attachments
Show all attachments
Thread Outline
#1Tom LaneTom Lane
Oct 11, 2006
#2Bruce MomjianBruce Momjianto Tom Lane (#1)
Oct 11, 2006
#3Tom LaneTom Laneto Bruce Momjian (#2)
Oct 11, 2006

pgsql: Repair incorrect check for coercion of unknown literal to

Started by Tom Laneover 19 years ago3 messageshackers
Jump to latest
#1Tom Lane
Tom Lane
tgl@sss.pgh.pa.us

Log Message:
-----------
Repair incorrect check for coercion of unknown literal to ANYARRAY, a bug
I introduced in 7.4.1 :-(. It's correct to allow unknown to be coerced to
ANY or ANYELEMENT, since it's a real-enough data type, but it most certainly
isn't an array datatype. This can cause a backend crash but AFAICT is not
exploitable as a security hole. Per report from Michael Fuhr.

Note: as fixed in HEAD, this changes a constant in the pg_stats view,
resulting in a change in the expected regression outputs. The back-branch
patches have been hacked to avoid that, so that pre-existing installations
won't start failing their regression tests.

Tags:
----
REL7_4_STABLE

Modified Files:
--------------
pgsql/src/backend/parser:
parse_coerce.c (r2.111.2.2 -> r2.111.2.3)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/parse_coerce.c.diff?r1=2.111.2.2&r2=2.111.2.3)

#2Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Tom Lane (#1)
Re: [COMMITTERS] pgsql: Repair incorrect check for coercion

Tom Lane wrote:

Log Message:
-----------
Repair incorrect check for coercion of unknown literal to ANYARRAY, a bug
I introduced in 7.4.1 :-(. It's correct to allow unknown to be coerced to
ANY or ANYELEMENT, since it's a real-enough data type, but it most certainly
isn't an array datatype. This can cause a backend crash but AFAICT is not
exploitable as a security hole. Per report from Michael Fuhr.

Note: as fixed in HEAD, this changes a constant in the pg_stats view,
resulting in a change in the expected regression outputs. The back-branch
patches have been hacked to avoid that, so that pre-existing installations
won't start failing their regression tests.

Does this mean if someone initdb's in a back branch, the regression
tests will start failing for them?

--
Bruce Momjian bruce@momjian.us
EnterpriseDB http://www.enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +

#3Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruce Momjian (#2)
Re: [COMMITTERS] pgsql: Repair incorrect check for coercion of unknown literal to

Bruce Momjian <bruce@momjian.us> writes:

Tom Lane wrote:

Note: as fixed in HEAD, this changes a constant in the pg_stats view,
resulting in a change in the expected regression outputs. The back-branch
patches have been hacked to avoid that, so that pre-existing installations
won't start failing their regression tests.

Does this mean if someone initdb's in a back branch, the regression
tests will start failing for them?

No.

regards, tom lane

← Back to Topics