database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-13 07:41:39 +03:00
Code Activity

Add safety check on expression nesting depth. Default value is set by

Browse Source 
a config.h #define, and the runtime value can be controlled via SET.
This commit is contained in:
Tom Lane
2000-03-17 05:29:07 +00:00
parent 341b328b18
commit 0e314d747e
7 changed files with 143 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/backend/parser/parse_expr.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/parser/parse_expr.c,v 1.73 2000/03/14 23:06:32 thomas Exp $
* $Header: /cvsroot/pgsql/src/backend/parser/parse_expr.c,v 1.74 2000/03/17 05:29:05 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@ -32,6 +32,11 @@
#include "utils/builtins.h"
#include "utils/syscache.h"
int max_expr_depth = DEFAULT_MAX_EXPR_DEPTH;
static int expr_depth_counter = 0;
static Node *parser_typecast_constant(Value *expr, TypeName *typename);
static Node *parser_typecast_expression(ParseState *pstate,
Node *expr, TypeName *typename);
@ -40,6 +45,20 @@ static Node *transformIdent(ParseState *pstate, Ident *ident, int precedence);
static Node *transformIndirection(ParseState *pstate, Node *basenode,
List *indirection);
/*
* Initialize for parsing a new query.
*
* We reset the expression depth counter here, in case it was left nonzero
* due to elog()'ing out of the last parsing operation.
*/
void
parse_expr_init(void)
{
expr_depth_counter = 0;
}
/*
* transformExpr -
* analyze and transform expressions. Type checking and type casting is
@ -55,6 +74,17 @@ transformExpr(ParseState *pstate, Node *expr, int precedence)
if (expr == NULL)
return NULL;
/*
* Guard against an overly complex expression leading to coredump
* due to stack overflow here, or in later recursive routines that
* traverse expression trees. Note that this is very unlikely to
* happen except with pathological queries; but we don't want someone
* to be able to crash the backend quite that easily...
*/
if (++expr_depth_counter > max_expr_depth)
elog(ERROR, "Expression too complex: nesting depth exceeds max_expr_depth = %d",
max_expr_depth);
switch (nodeTag(expr))
{
case T_Attr:
@ -532,6 +562,8 @@ transformExpr(ParseState *pstate, Node *expr, int precedence)
break;
}
expr_depth_counter--;
return result;
}