BUG #16464: Unable to restore database backed up with pg_dump into sql that contains expression based index

Started by PG Bug reporting form almost 6 years ago | 2 messages | bugs

#1 PG Bug reporting form
noreply@postgresql.org

The following bug has been logged on the website:

Bug reference: 16464
Logged by: pg user
Email address: pguser17354@mailinator.com
PostgreSQL version: 12.3
Operating system: Centos 6
Description:

Hello,
Restoring from pg_dump fails if you have a table with expression based index
where a stored function calls another function.
Ex. SQL with steps to reproduce: https://pastebin.com/raw/CFgxtwSY

Related to:
https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058:_Protect_Your_Search_Path

Workaround:
Removing "SELECT pg_catalog.set_config('search_path', '', false);" from the
sql dump.

#2 David G. Johnston
david.g.johnston@gmail.com
In reply to: PG Bug reporting form (#1)
Re: BUG #16464: Unable to restore database backed up with pg_dump into sql that contains expression based index

On Tue, May 26, 2020 at 10:23 AM PG Bug reporting form <noreply@postgresql.org> wrote:

> The following bug has been logged on the website:
>
> Bug reference: 16464
> Logged by: pg user
> Email address: pguser17354@mailinator.com
> PostgreSQL version: 12.3
> Operating system: Centos 6
> Description:
>
> Hello,
> Restoring from pg_dump fails if you have a table with expression based index
> where a stored function calls another function.
> Ex. SQL with steps to reproduce: https://pastebin.com/raw/CFgxtwSY
>
> Related to:
> https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058:_Protect_Your_Search_Path
>
> Workaround:
> Removing "SELECT pg_catalog.set_config('search_path', '', false);" from the
> sql dump.

This isn't a bug. Your workaround is perfectly acceptable for an end-user
to attempt should they wish but it isn't something the project is going to
entertain - though I seem to recall a discussion of at least giving the
user control by adding a command line argument (as I mentioned before at
[1]).

An obvious failure to restore a backup is not going to win out in a
security risk comparison with being able to silently cause a privileged
user to execute problem code.

[1]: /messages/by-id/CAKFQuwZ9xGQF=QTPUKUNoco9fjmM9WruCaDh5AmDc-RwQop0Cw@mail.gmail.com

David J.
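
The failure discussed in this thread, and two ways to make the function restore-safe without editing the dump, as an added example that is not taken from the thread or from the linked pastebin. The schema and object names (`app`, `normalize`, `lookup_key`, `items`) are hypothetical and the data is constructed.

```sql
-- Constructed schema; all object names here are hypothetical.
CREATE SCHEMA app;
SET search_path = app, public;

CREATE FUNCTION app.normalize(t text) RETURNS text
    LANGUAGE sql IMMUTABLE
    AS $$ SELECT pg_catalog.lower(pg_catalog.btrim(t)) $$;

-- Fragile: the inner call is unqualified, so it is resolved through
-- whatever search_path is in effect when the function runs.
CREATE FUNCTION app.lookup_key(t text) RETURNS text
    LANGUAGE plpgsql IMMUTABLE AS $$
BEGIN
    RETURN normalize(t);
END $$;

CREATE TABLE app.items (name text);
INSERT INTO app.items VALUES ('  Widget ');

-- Works interactively because "app" is on the session's search_path.
CREATE INDEX items_key_idx ON app.items (app.lookup_key(name));
DROP INDEX app.items_key_idx;

-- What a restore does: the dump sets an empty search_path, loads the
-- rows, then builds the index, which evaluates the function per row.
SELECT pg_catalog.set_config('search_path', '', false);
CREATE INDEX items_key_idx ON app.items (app.lookup_key(name));
-- ERROR:  function normalize(text) does not exist

-- Fix 1: schema-qualify every call inside the function body.
CREATE OR REPLACE FUNCTION app.lookup_key(t text) RETURNS text
    LANGUAGE plpgsql IMMUTABLE AS $$
BEGIN
    RETURN app.normalize(t);
END $$;

-- Fix 2 (alternative): pin a search_path on the function itself, so it
-- no longer depends on the caller's setting.
ALTER FUNCTION app.lookup_key(text) SET search_path = app, pg_temp;

-- Either fix lets the index build while search_path is still empty.
CREATE INDEX items_key_idx ON app.items (app.lookup_key(name));
```

Both fixes are applied to the source database before taking the dump, so the restore succeeds with the `set_config('search_path', '', false)` line left in place.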