upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-12 04:26:44 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
Base de données relationnelle
54610 commits 38 branches 679 tags 838 MiB
C 84.5%
PLpgSQL 6.1%
Perl 4.9%
Yacc 1.2%
Meson 0.7%
Other 2.4%
Find a file
Dean Rasheed cb2ae5741f Fix RLS policy usage in MERGE. 
If MERGE executes an UPDATE action on a table with row-level security,
the code incorrectly applied the WITH CHECK clauses from the target
table's INSERT policies to new rows, instead of the clauses from the
table's UPDATE policies. In addition, it failed to check new rows
against the target table's SELECT policies, if SELECT permissions were
required (likely to always be the case).

In addition, if MERGE executes a DO NOTHING action for matched rows,
the code incorrectly applied the USING clauses from the target table's
DELETE policies to existing target tuples. These policies were applied
as checks that would throw an error, if they did not pass.

Fix this, so that a MERGE UPDATE action applies the same RLS policies
as a plain UPDATE query with a WHERE clause, and a DO NOTHING action
does not apply any RLS checks (other than adding clauses from SELECT
policies to the join).

Back-patch to v15, where MERGE was introduced.

Dean Rasheed, reviewed by Stephen Frost.

Security: CVE-2023-39418
2023-08-07 09:24:27 +01:00
config Use --strip-unneeded when stripping static libraries with GNU strip. 2023-04-20 18:12:48 -04:00
contrib Disallow replacing joins with scans in problematic cases. 2023-07-28 15:45:02 +09:00
doc Release notes for 15.4, 14.9, 13.12, 12.16, 11.21. 2023-08-05 16:47:04 -04:00
src Fix RLS policy usage in MERGE. 2023-08-07 09:24:27 +01:00
.cirrus.yml ci: Use windows VMs instead of windows containers 2023-02-02 21:31:48 -08:00
.dir-locals.el Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
.editorconfig Add .editorconfig 2019-12-18 09:13:13 +01:00
.git-blame-ignore-revs Backpatch addition of .git-blame-ignore-revs 2022-08-05 19:36:24 +02:00
.gitattributes Remove trailing whitespace from *.sgml files. 2022-04-20 11:04:49 -04:00
.gitignore Add portlock directory to .gitignore 2022-11-26 07:47:01 -05:00
aclocal.m4 Probe $PROVE not $PERL while checking for modules needed by TAP tests. 2021-11-22 12:54:52 -05:00
configure Stamp 15.3. 2023-05-08 17:13:20 -04:00
configure.ac Stamp 15.3. 2023-05-08 17:13:20 -04:00
COPYRIGHT Update copyright for 2023 2023-01-02 15:00:37 -05:00
GNUmakefile.in Remove temporary portlock directory during make [dist]clean. 2022-11-26 10:30:46 -05:00
HISTORY Canonicalize some URLs 2020-02-10 20:47:50 +01:00
Makefile Dynamically find correct installation docs in Makefile. 2022-01-19 14:48:25 +01:00
README Canonicalize some URLs 2020-02-10 20:47:50 +01:00
README.git Canonicalize some URLs 2020-02-10 20:47:50 +01:00

README 

PostgreSQL Database Management System
=====================================

This directory contains the source code distribution of the PostgreSQL
database management system.

PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
transactions, foreign keys, subqueries, triggers, user-defined types
and functions.  This distribution also contains C language bindings.

PostgreSQL has many language interfaces, many of which are listed here:

	https://www.postgresql.org/download/

See the file INSTALL for instructions on how to build and install
PostgreSQL.  That file also lists supported operating systems and
hardware platforms and contains information regarding any other
software packages that are required to build or run the PostgreSQL
system.  Copyright and license information can be found in the
file COPYRIGHT.  A comprehensive documentation set is included in this
distribution; it can be read as described in the installation
instructions.

The latest version of this software may be obtained at
https://www.postgresql.org/download/.  For more information look at our
web site located at https://www.postgresql.org/.