Re: Bug plperl.c
| От | Mark Murawski |
|---|---|
| Тема | Re: Bug plperl.c |
| Дата | |
| Msg-id | 6e51ffa8-a25b-ef13-9a7e-f0781b1a19f8@intellasoft.net обсуждение исходный текст |
| Ответ на | Re: Bug plperl.c (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Bug plperl.c
|
| Список | pgsql-bugs |
Hi Tom, No rush on the bug fix, just making sure you don't need anything else from me on the reproduction. Yeah I realized my patch wasn't a full solution after sending it in... My test environment was a little wiggity, and I compiled and tested... but noticed I actually wasn't using the new build... (and thought that it was fixed with my change) Based on the side-effects I think it does make sense to block queries entirely during parse On 2/25/22 16:36, Tom Lane wrote: > Mark Murawski <markm-lists@intellasoft.net> writes: >> Were you able to reproduce using the updated example? > Sorry, this wasn't at the top of my to-do queue. It does reproduce > for me, and I think what we need to do about it is the attached. > In the normal code paths, this change will disallow usage of SPI until > we have completed compile_plperl_function and have a valid "prodesc" > to look at. I didn't care for your proposed workaround because > > (1) it'd allow execution of non-read-only code during compilation > of a supposedly read-only function; > > (2) it didn't patch the dozen or so other places where plperl SPI > functions could try to dereference prodesc; > > (3) allowing code execution during function validation is, if not > an actual security hole, certainly on the hairy edge of being one. > > I'm somewhat comforted about (3) because it seems the problem is only > reachable from plperlu not plperl. It's still pretty scary though. > > I realize that this solution might make your use-case rather awkward. > As far as function validation goes, you can still create your functions > by setting check_function_bodies = off. If you feel you need to have > Perl code that executes during compilation otherwise, I'm not sure > what to tell you, except that it doesn't seem like a great idea. > > I also noticed while looking at this that the relatively-recently-added > plperl_spi_commit and plperl_spi_rollback functions neglected to do > check_spi_usage_allowed(), so this fixes that too. > > regards, tom lane >
В списке pgsql-bugs по дате отправления: