From d6dbb6b283468a0686edb4ff3b18fe9722ab7cbd Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Wed, 1 Jan 2003 21:57:05 +0000 Subject: [PATCH] fastpath code neglected to check whether user has privileges to call the target function. Also, move SetQuerySnapshot() call to avoid assert failure when a fastpath call is attempted in an aborted transaction. --- src/backend/tcop/fastpath.c | 17 ++++++++++++++++- src/backend/tcop/postgres.c | 7 ++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c index 23cc25fc6d..d4bb1e3751 100644 --- a/src/backend/tcop/fastpath.c +++ b/src/backend/tcop/fastpath.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.54 2002/08/24 15:00:46 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.55 2003/01/01 21:57:05 tgl Exp $ * * NOTES * This cruft is the server side of PQfn. @@ -65,8 +65,10 @@ #include "libpq/libpq.h" #include "libpq/pqformat.h" #include "tcop/fastpath.h" +#include "utils/acl.h" #include "utils/lsyscache.h" #include "utils/syscache.h" +#include "utils/tqual.h" /* ---------------- @@ -221,6 +223,7 @@ HandleFunctionRequest(void) int argsize; int nargs; int tmp; + AclResult aclresult; FunctionCallInfoData fcinfo; Datum retval; int i; @@ -337,6 +340,18 @@ HandleFunctionRequest(void) elog(ERROR, "current transaction is aborted, " "queries ignored until end of transaction block"); + /* Check permission to call function */ + aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE); + if (aclresult != ACLCHECK_OK) + aclcheck_error(aclresult, get_func_name(fid)); + + /* + * Set up a query snapshot in case function needs one. (It is not safe + * to do this if we are in transaction-abort state, so we have to postpone + * it till now. Ugh.) + */ + SetQuerySnapshot(); + #ifdef NO_FASTPATH /* force a NULL return */ retval = (Datum) 0; diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c index 9ac2a052d6..44f163215b 100644 --- a/src/backend/tcop/postgres.c +++ b/src/backend/tcop/postgres.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.313 2002/12/06 05:00:26 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.314 2003/01/01 21:57:05 tgl Exp $ * * NOTES * this is the "main" module of the postgres backend and @@ -1781,7 +1781,7 @@ PostgresMain(int argc, char *argv[], const char *username) if (!IsUnderPostmaster) { puts("\nPOSTGRES backend interactive interface "); - puts("$Revision: 1.313 $ $Date: 2002/12/06 05:00:26 $\n"); + puts("$Revision: 1.314 $ $Date: 2003/01/01 21:57:05 $\n"); } /* @@ -1965,9 +1965,6 @@ PostgresMain(int argc, char *argv[], const char *username) /* start an xact for this function invocation */ start_xact_command(); - /* assume it may need a snapshot */ - SetQuerySnapshot(); - if (HandleFunctionRequest() == EOF) { /* lost frontend connection during F message input */