upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-18 10:09:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/test
History
Nathan Bossart 9cc2b62894 Fix privilege checks in pg_stats_ext and pg_stats_ext_exprs. 
The catalog view pg_stats_ext fails to consider privileges for
expression statistics.  The catalog view pg_stats_ext_exprs fails
to consider privileges and row-level security policies.  To fix,
restrict the data in these views to table owners or roles that
inherit privileges of the table owner.  It may be possible to apply
less restrictive privilege checks in some cases, but that is left
as a future exercise.  Furthermore, for pg_stats_ext_exprs, do not
return data for tables with row-level security enabled, as is
already done for pg_stats_ext.

On the back-branches, a fix-CVE-2024-4317.sql script is provided
that will install into the "share" directory.  This file can be
used to apply the fix to existing clusters.

Bumps catversion on 'master' branch only.

Reported-by: Lukas Fittl
Reviewed-by: Noah Misch, Tomas Vondra, Tom Lane
Security: CVE-2024-4317
Backpatch-through: 14
2024-05-06 09:00:13 -05:00
..
authentication Replace Test::More plans with done_testing 2022-02-11 20:54:44 +01:00
examples Update copyright for 2022 2022-01-07 19:04:57 -05:00
icu Fix icu tests with C locale 2022-09-19 15:39:49 -04:00
isolation Fix handling of self-modified tuples in MERGE. 2024-03-07 09:53:31 +00:00
kerberos Don't clobber test exit code at cleanup in LDAP/Kerberors tests 2024-04-07 20:22:28 +03:00
ldap Don't clobber test exit code at cleanup in LDAP/Kerberors tests 2024-04-07 20:22:28 +03:00
locale pycodestyle (PEP 8) cleanup in Python scripts 2022-03-09 10:54:20 +01:00
mb Fix MB regression tests for WAL-logging of hash indexes. 2017-03-15 07:25:36 -04:00
modules Allow new role 'regress_dump_login_role' to log in under SSPI. 2023-11-14 00:31:39 -05:00
perl Don't trust unvalidated xl_tot_len. 2023-09-23 10:28:12 +12:00
recovery freespace: Don't return blocks past the end of the main fork. 2024-04-13 08:35:20 -07:00
regress Fix privilege checks in pg_stats_ext and pg_stats_ext_exprs. 2024-05-06 09:00:13 -05:00
ssl Use BIO_{get,set}_app_data instead of BIO_{get,set}_data. 2023-11-28 12:34:03 -05:00
subscription Back-patch test modifications that were done as part of b6df0798a5. 2024-02-26 09:17:28 +05:30
Makefile Add option to use ICU as global locale provider 2022-03-17 11:13:16 +01:00
README Remove the option to build thread_test.c outside configure. 2020-10-21 12:08:48 -04:00

README 

PostgreSQL tests
================

This directory contains a variety of test infrastructure as well as some of the
tests in PostgreSQL. Not all tests are here -- in particular, there are more in
individual contrib/ modules and in src/bin.

Not all these tests get run by "make check". Check src/test/Makefile to see
which tests get run automatically.

authentication/
  Tests for authentication (but see also below)

examples/
  Demonstration programs for libpq that double as regression tests via
  "make check"

isolation/
  Tests for concurrent behavior at the SQL level

kerberos/
  Tests for Kerberos/GSSAPI authentication and encryption

ldap/
  Tests for LDAP-based authentication

locale/
  Sanity checks for locale data, encodings, etc

mb/
  Tests for multibyte encoding (UTF-8) support

modules/
  Extensions used only or mainly for test purposes, generally not suitable
  for installing in production databases

perl/
  Infrastructure for Perl-based TAP tests

recovery/
  Test suite for recovery and replication

regress/
  PostgreSQL's main regression test suite, pg_regress

ssl/
  Tests to exercise and verify SSL certificate handling

subscription/
  Tests for logical replication