Re: CVE-2017-7484-induced bugs, or, btree cmp functions are not leakproof?

On Fri, Nov 2, 2018 at 1:34 PM Amit Langote
<Langote_Amit_f8@lab.ntt.co.jp> wrote:
>
> On 2018/11/01 20:34, Dilip Kumar wrote:
> > On Mon, Oct 29, 2018 at 2:53 PM Amit Langote wrote:
> >> Anyway, why don't we just use the child table's AppendRelInfo to get the
> >> parent's version of varattno instead of creating a new function?  It can
> >> be done as shown in the attached revised version of the portion of the
> >> patch changing selfuncs.c.  Please take a look.
> >
> > +1
>
> Okay, here are two patches:
>
> 0001 adds a new RelOptInfo member inh_root_parent that's set for
> inheritance child otherrels and contains the RT index of the inheritance
> parent table mentioned in the query from which they originated.
>
> 0002 is your patch that modifies examine_variable, etc. to use the
> permissions granted on parent before reading stats on otherrel inheritance
> child tables. I've added your name as the author in the 2nd patch.
>

I have looked into the patches and these look fine to me.  I have also
added it to the next commitfest.

-- 
Regards,
Dilip Kumar
EnterpriseDB: http://www.enterprisedb.com