upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-16 07:32:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend/utils
History
Noah Misch 35edcc0cee Make relation-enumerating operations be security-restricted operations. 
When a feature enumerates relations and runs functions associated with
all found relations, the feature's user shall not need to trust every
user having permission to create objects.  BRIN-specific functionality
in autovacuum neglected to account for this, as did pg_amcheck and
CLUSTER.  An attacker having permission to create non-temp objects in at
least one schema could execute arbitrary SQL functions under the
identity of the bootstrap superuser.  CREATE INDEX (not a
relation-enumerating operation) and REINDEX protected themselves too
late.  This change extends to the non-enumerating amcheck interface.
Back-patch to v10 (all supported versions).

Sergey Shinderuk, reviewed (in earlier versions) by Alexander Lakhin.
Reported by Alexander Lakhin.

Security: CVE-2022-1552
2022-05-09 08:35:12 -07:00
..
adt Disallow infinite endpoints in generate_series() for timestamps. 2022-04-20 18:08:15 -04:00
cache Don't call fwrite() with len == 0 when writing out relcache init file. 2022-03-23 13:13:20 -07:00
error Log the location field before any backtrace 2020-07-10 08:31:48 +02:00
fmgr Fix broken ruleutils support for function TRANSFORM clauses. 2021-01-25 13:03:11 -05:00
hash Initial pgindent and pgperltidy run for v13. 2020-05-14 13:06:50 -04:00
init Make relation-enumerating operations be security-restricted operations. 2022-05-09 08:35:12 -07:00
mb Dial back -Wimplicit-fallthrough to level 3 2020-05-13 15:31:14 -04:00
misc Fix breakage of get_ps_display() in the PS_USE_NONE case. 2022-03-27 12:57:57 -04:00
mmgr Fix Portal snapshot tracking to handle subtransactions properly. 2021-10-01 11:10:12 -04:00
resowner Improve performance of "simple expressions" in PL/pgSQL. 2020-03-26 18:58:57 -04:00
sort Fix CLUSTER tuplesorts on abbreviated expressions. 2022-04-20 17:17:39 -07:00
time Clean up assorted failures under clang's -fsanitize=undefined checks. 2022-03-03 18:13:24 -05:00
.gitignore Rearrange makefile rules for running Gen_fmgrtab.pl. 2018-05-03 17:54:18 -04:00
errcodes.txt Make SQL/JSON error code names match SQL standard 2020-04-30 09:34:54 +02:00
Gen_dummy_probes.pl Emit dummy statements for probes.d probes when disabled 2021-05-10 13:56:21 +02:00
Gen_dummy_probes.sed Emit dummy statements for probes.d probes when disabled 2021-05-10 13:56:21 +02:00
Gen_fmgrtab.pl Use perl warnings pragma consistently 2020-04-13 11:55:45 -04:00
generate-errcodes.pl Update copyrights for 2020 2020-01-01 12:21:45 -05:00
Makefile Update copyrights for 2020 2020-01-01 12:21:45 -05:00
probes.d Update copyrights for 2020 2020-01-01 12:21:45 -05:00