Обсуждение: Getting rid of OverrideSearhPath in namespace.c

Поиск
Список
Период
Сортировка

Getting rid of OverrideSearhPath in namespace.c

От
Alexander Lakhin
Дата:
Hello hackers,

As a follow-up for the CVE-2023-2454 fix, I think that it makes sense to
completely remove unsafe functions
PushOverrideSearchPath()/PopOverrideSearchPath(), which are not used in the
core now.
Please look at the patch attached.

Beside that, maybe it's worth to rename three functions in "Override" in
their names: GetOverrideSearchPath(), CopyOverrideSearchPath(),
OverrideSearchPathMatchesCurrent(), and then maybe struct OverrideSearchPath.
Noah Misch proposed name GetSearchPathMatcher() for the former.

What do you think?

Best regards,
Alexander
Вложения

Re: Getting rid of OverrideSearhPath in namespace.c

От
Aleksander Alekseev
Дата:
Hi,

> As a follow-up for the CVE-2023-2454 fix, I think that it makes sense to
> completely remove unsafe functions
> PushOverrideSearchPath()/PopOverrideSearchPath(), which are not used in the
> core now.
> Please look at the patch attached.
>
> [...]
>
> What do you think?

+1 to remove dead code.

The proposed patch however removes get_collation_oid(), apparently by
mistake. Other than that the patch looks fine and passes `make
installcheck-world`.

I added an entry to the nearest CF [1].

> Beside that, maybe it's worth to rename three functions in "Override" in
> their names: GetOverrideSearchPath(), CopyOverrideSearchPath(),
> OverrideSearchPathMatchesCurrent(), and then maybe struct OverrideSearchPath.
> Noah Misch proposed name GetSearchPathMatcher() for the former.

+1 as well. I added the corresponding 0002 patch.

[1] https://commitfest.postgresql.org/44/4447/

-- 
Best regards,
Aleksander Alekseev
Вложения

Re: Getting rid of OverrideSearhPath in namespace.c

От
Noah Misch
Дата:
On Mon, Jul 17, 2023 at 05:11:46PM +0300, Aleksander Alekseev wrote:
> > As a follow-up for the CVE-2023-2454 fix, I think that it makes sense to
> > completely remove unsafe functions
> > PushOverrideSearchPath()/PopOverrideSearchPath(), which are not used in the
> > core now.
> > Please look at the patch attached.
> >
> > [...]
> >
> > What do you think?
> 
> +1 to remove dead code.
> 
> The proposed patch however removes get_collation_oid(), apparently by
> mistake. Other than that the patch looks fine and passes `make
> installcheck-world`.
> 
> I added an entry to the nearest CF [1].
> 
> > Beside that, maybe it's worth to rename three functions in "Override" in
> > their names: GetOverrideSearchPath(), CopyOverrideSearchPath(),
> > OverrideSearchPathMatchesCurrent(), and then maybe struct OverrideSearchPath.
> > Noah Misch proposed name GetSearchPathMatcher() for the former.
> 
> +1 as well. I added the corresponding 0002 patch.

Pushed both.  Thanks.