upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-04 16:55:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
Base de données relationnelle
63826 commits 38 branches 679 tags 827 MiB
C 84.5%
PLpgSQL 6.1%
Perl 4.9%
Yacc 1.2%
Meson 0.7%
Other 2.4%
Find a file
Jacob Champion 0af4d402cb libpq: Poison the v2 part of a v1 Bearer request 
The new PGoauthBearerRequestV2 API (which has similarities to the
"subclass" pointer architecture in use by the backend, for Nodes)
carries the risk of a developer ignoring the type of hook in use and
just casting directly to the V2 struct. This will appear to work fine in
19, but crash (or worse) when speaking to libpq 18.

However, we're in a unique position to catch this problem, because we
have tight control over the struct. Add poisoning code to the v1 path
which does the following:

- masks the v2 request->issuer pointer, to hopefully point at nonsense
  memory
- abort()s if the v2 request->error is assigned by the hook
- attempts to cover both with VALGRIND_MAKE_MEM_NOACCESS for the
  duration of the callback (a potential AddressSanitizer implementation
  is left for future work)

The struct is unpoisoned after the call, so we can switch back to the v2
internal implementation when necessary.

Reviewed-by: Zsolt Parragi <zsolt.parragi@percona.com>
Reviewed-by: Chao Li <li.evan.chao@gmail.com>
Discussion: https://postgr.es/m/CAOYmi%2BnCg5upBVOo_UCSjMfO%3DYMkZXcSEsgaADKXqerr5wahZQ%40mail.gmail.com
2026-03-31 11:47:23 -07:00
.github Add CODE_OF_CONDUCT.md, CONTRIBUTING.md, and SECURITY.md. 2024-07-02 13:03:58 -05:00
config Hardcode override of typeof_unqual for clang-for-bitcode 2026-03-16 19:24:49 +01:00
contrib Avoid including vacuum.h in tableam.h and heapam.h. 2026-03-31 12:43:52 -05:00
doc Doc: remove bogus claim that tsvectors can have up to 2^64 entries. 2026-03-31 11:49:54 -04:00
src libpq: Poison the v2 part of a v1 Bearer request 2026-03-31 11:47:23 -07:00
.cirrus.star ci: Simplify ci-os-only handling 2025-08-14 12:09:34 -04:00
.cirrus.tasks.yml ci: Run headerscheck and cpluspluscheck in parallel 2026-03-23 08:40:29 +01:00
.cirrus.yml ci: Per-repo configuration for manually trigger tasks 2025-08-14 11:54:03 -04:00
.dir-locals.el Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
.editorconfig Update .editorconfig and .gitattributes for postgresql.conf.sample. 2025-11-18 10:28:36 -06:00
.git-blame-ignore-revs Add commit 874da8b1f6 to .git-blame-ignore-revs. 2026-03-30 14:35:24 -05:00
.gitattributes Update .editorconfig and .gitattributes for postgresql.conf.sample. 2025-11-18 10:28:36 -06:00
.gitignore Update top-level .gitignore. 2022-12-04 15:23:00 -05:00
.mailmap Add a Git .mailmap file 2024-11-05 13:56:02 +01:00
aclocal.m4 autoconf: Move export_dynamic determination to configure 2022-12-06 18:55:28 -08:00
configure Add warning option -Wold-style-declaration 2026-03-30 23:34:13 +02:00
configure.ac Add warning option -Wold-style-declaration 2026-03-30 23:34:13 +02:00
COPYRIGHT Update copyright for 2026 2026-01-01 13:24:10 -05:00
GNUmakefile.in Allow selecting the git revision to be packaged by "make dist". 2024-05-03 11:08:50 -04:00
HISTORY Canonicalize some URLs 2020-02-10 20:47:50 +01:00
Makefile Restore AIX support. 2026-02-23 13:34:22 -05:00
meson.build Disable some C++ warnings in MSVC 2026-03-31 08:42:26 +02:00
meson_options.txt Update copyright for 2026 2026-01-01 13:24:10 -05:00
README.md Revise the style of a paragraph in README.md. 2024-03-21 10:16:41 -05:00

README.md

PostgreSQL Database Management System

This directory contains the source code distribution of the PostgreSQL database management system.

PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard, including transactions, foreign keys, subqueries, triggers, user-defined types and functions. This distribution also contains C language bindings.

Copyright and license information can be found in the file COPYRIGHT.

General documentation about this version of PostgreSQL can be found at https://www.postgresql.org/docs/devel/. In particular, information about building PostgreSQL from the source code can be found at https://www.postgresql.org/docs/devel/installation.html.

The latest version of this software, and related software, may be obtained at https://www.postgresql.org/download/. For more information look at our web site located at https://www.postgresql.org/.