rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-07-18 15:21:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
eba939551a
postgresql/contrib
History
Heikki Linnakangas 8e56684d54 Fix permission checks on constraint violation errors on partitions. 
If a cross-partition UPDATE violates a constraint on the target partition,
and the columns in the new partition are in different physical order than
in the parent, the error message can reveal columns that the user does not
have SELECT permission on. A similar bug was fixed earlier in commit
804b6b6db4.

The cause of the bug is that the callers of the
ExecBuildSlotValueDescription() function got confused when constructing
the list of modified columns. If the tuple was routed from a parent, we
converted the tuple to the parent's format, but the list of modified
columns was grabbed directly from the child's RTE entry.

ExecUpdateLockMode() had a similar issue. That lead to confusion on which
columns are key columns, leading to wrong tuple lock being taken on tables
referenced by foreign keys, when a row is updated with INSERT ON CONFLICT
UPDATE. A new isolation test is added for that corner case.

With this patch, the ri_RangeTableIndex field is no longer set for
partitions that don't have an entry in the range table. Previously, it was
set to the RTE entry of the parent relation, but that was confusing.

NOTE: This modifies the ResultRelInfo struct, replacing the
ri_PartitionRoot field with ri_RootResultRelInfo. That's a bit risky to
backpatch, because it breaks any extensions accessing the field. The
change that ri_RangeTableIndex is not set for partitions could potentially
break extensions, too. The ResultRelInfos are visible to FDWs at least,
and this patch required small changes to postgres_fdw. Nevertheless, this
seem like the least bad option. I don't think these fields widely used in
extensions; I don't think there are FDWs out there that uses the FDW
"direct update" API, other than postgres_fdw. If there is, you will get a
compilation error, so hopefully it is caught quickly.

Backpatch to 11, where support for both cross-partition UPDATEs, and unique
indexes on partitioned tables, were added.

Reviewed-by: Amit Langote
Security: CVE-2021-3393
2021-02-08 11:01:55 +02:00
..
adminpack Read until EOF vice stat-reported size in read_binary_file 2020-07-04 06:28:21 -04:00
amcheck Fix amcheck child check pg_upgrade bug. 2020-09-16 10:42:28 -07:00
auth_delay Update copyrights for 2020 2020-01-01 12:21:45 -05:00
auto_explain Fix ancient memory leak in contrib/auto_explain. 2021-02-02 13:49:08 -05:00
bloom Implement operator class parameters 2020-03-30 19:17:23 +03:00
bool_plperl Fix broken ruleutils support for function TRANSFORM clauses. 2021-01-25 13:03:11 -05:00
btree_gin Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
btree_gist Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
citext Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
cube Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
dblink Initialize dblink remoteConn struct in all cases 2020-05-28 13:44:54 -04:00
dict_int Preserve integer and float values accurately in (de)serialize_deflist. 2020-03-10 12:30:02 -04:00
dict_xsyn Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
earthdistance Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
file_fdw Remove leftover comments, left behind by removal of WITH OIDS. 2020-11-30 10:29:18 +02:00
fuzzystrmatch Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
hstore Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
hstore_plperl Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
hstore_plpython Fix broken ruleutils support for function TRANSFORM clauses. 2021-01-25 13:03:11 -05:00
intagg Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
intarray Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
isn Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
jsonb_plperl Mark some contrib modules as "trusted". 2020-02-13 15:02:35 -05:00
jsonb_plpython In jsonb_plpython.c, suppress warning message from gcc 10. 2020-01-30 18:26:12 -05:00
lo Fix bogus CALLED_AS_TRIGGER() defenses. 2020-04-03 11:24:56 -04:00
ltree Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
ltree_plpython Improve error messages in ltree_in and lquery_in. 2020-03-31 11:14:42 -04:00
oid2name Report the true database name on connection errors 2021-01-26 16:42:13 -03:00
pageinspect Disable vacuum page skipping in selected test cases. 2021-01-20 11:49:29 -05:00
passwordcheck Update copyrights for 2020 2020-01-01 12:21:45 -05:00
pg_buffercache Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
pg_freespacemap Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
pg_prewarm Fix race condition between shutdown and unstarted background workers. 2020-12-24 17:00:43 -05:00
pg_standby pg_standby: Don't use HAVE_WORKING_LINK 2020-03-03 08:54:44 +01:00
pg_stat_statements doc: Spell checking 2020-07-05 15:38:14 +02:00
pg_trgm pg_trgm: fix crash in 2-item picksplit 2020-11-12 14:59:06 +00:00
pg_visibility Disable vacuum page skipping in selected test cases. 2021-01-20 11:49:29 -05:00
pgcrypto pgcrypto: Detect errors with EVP calls from OpenSSL 2020-12-08 15:22:38 +09:00
pgrowlocks Avoid holding a directory FD open across assorted SRF calls. 2020-03-16 21:05:52 -04:00
pgstattuple Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
postgres_fdw Fix permission checks on constraint violation errors on partitions. 2021-02-08 11:01:55 +02:00
seg Make contrib modules' installation scripts more secure. 2020-08-10 10:44:42 -04:00
sepgsql Fix cache reference leak in contrib/sepgsql. 2020-04-16 14:45:54 -04:00
spi Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
sslinfo Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
start-scripts Remove contrib/start-scripts/osx/. 2017-11-17 12:53:20 -05:00
tablefunc Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
tcn Mark some contrib modules as "trusted". 2020-02-13 15:02:35 -05:00
test_decoding Propagate ALTER TABLE ... SET STORAGE to indexes 2020-05-08 08:39:17 +02:00
tsm_system_rows Mark some contrib modules as "trusted". 2020-02-13 15:02:35 -05:00
tsm_system_time Mark some contrib modules as "trusted". 2020-02-13 15:02:35 -05:00
unaccent Update Unicode data to Unicode 13.0.0 and CLDR 37 2020-04-24 09:52:59 +02:00
uuid-ossp Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
vacuumlo Report the true database name on connection errors 2021-01-26 16:42:13 -03:00
xml2 Remove support for upgrading extensions from "unpackaged" state. 2020-02-19 16:59:14 -05:00
contrib-global.mk Respect TEMP_CONFIG when pg_regress_check and friends are called 2016-02-27 12:28:21 -05:00
Makefile Create contrib/bool_plperl to provide a bool transform for PL/Perl[U]. 2020-03-06 17:11:23 -05:00
README Rename 'gmake' to 'make' in docs and recommended commands 2014-02-12 17:29:19 -05:00

README 

The PostgreSQL contrib tree
---------------------------

This subtree contains porting tools, analysis utilities, and plug-in
features that are not part of the core PostgreSQL system, mainly
because they address a limited audience or are too experimental to be
part of the main source tree.  This does not preclude their
usefulness.

User documentation for each module appears in the main SGML
documentation.

When building from the source distribution, these modules are not
built automatically, unless you build the "world" target.  You can
also build and install them all by running "make all" and "make
install" in this directory; or to build and install just one selected
module, do the same in that module's subdirectory.

Some directories supply new user-defined functions, operators, or
types.  To make use of one of these modules, after you have installed
the code you need to register the new SQL objects in the database
system by executing a CREATE EXTENSION command.  In a fresh database,
you can simply do

    CREATE EXTENSION module_name;

See the PostgreSQL documentation for more information about this
procedure.