database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-07 00:36:50 +03:00
Code Activity

SQL/JSON: Correct jsonpath variable name matching

Browse Source 
Previously, GetJsonPathVar() allowed a jsonpath expression to
reference any prefix of a PASSING variable's name. For example, the
following query would incorrectly work:

SELECT JSON_QUERY(context_item, jsonpath '$xy' PASSING val AS xyz);

The fix ensures that the length of the variable name mentioned in a
jsonpath expression matches exactly with the name of the PASSING
variable before comparing the strings using strncmp().

Reported-by: Alvaro Herrera (off-list)
Discussion: https://postgr.es/m/CA+HiwqFGkLWMvELBH6E4SQ45qUHthgcRH6gCJL20OsYDRtFx_w@mail.gmail.com
This commit is contained in:
Amit Langote
2024-06-19 15:22:06 +09:00
parent 5e05a0e992
commit 0f271e8e8d
5 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/backend/executor/execExpr.c
View File

@ -4278,6 +4278,7 @@ ExecInitJsonExpr(JsonExpr *jsexpr, ExprState *state,
JsonPathVariable *var = palloc(sizeof(*var));
var->name = argname->sval;
var->namelen = strlen(var->name);
var->typid = exprType((Node *) argexpr);
var->typmod = exprTypmod((Node *) argexpr);

4
src/backend/utils/adt/jsonpath_exec.c
View File

@ -2994,7 +2994,8 @@ GetJsonPathVar(void *cxt, char *varName, int varNameLen,
{
JsonPathVariable *curvar = lfirst(lc);
if (!strncmp(curvar->name, varName, varNameLen))
if (curvar->namelen == varNameLen &&
strncmp(curvar->name, varName, varNameLen) == 0)
{
var = curvar;
break;
@ -4118,6 +4119,7 @@ JsonTableInitOpaque(TableFuncScanState *state, int natts)
JsonPathVariable *var = palloc(sizeof(*var));
var->name = pstrdup(name->sval);
var->namelen = strlen(var->name);
var->typid = exprType((Node *) state->expr);
var->typmod = exprTypmod((Node *) state->expr);

1
src/include/utils/jsonpath.h
View File

@ -287,6 +287,7 @@ extern bool jspConvertRegexFlags(uint32 xflags, int *result,
typedef struct JsonPathVariable
{
char *name;
int namelen; /* strlen(name) as cache for GetJsonPathVar() */
Oid typid;
int32 typmod;
Datum value;

11
src/test/regress/expected/sqljson_queryfuncs.out
View File

@ -1334,3 +1334,14 @@ SELECT json_value('"aaa"', path RETURNING json) FROM jsonpaths;
"aaa"
(1 row)
-- Test PASSING argument parsing
SELECT JSON_QUERY(jsonb 'null', '$xyz' PASSING 1 AS xy);
ERROR: could not find jsonpath variable "xyz"
SELECT JSON_QUERY(jsonb 'null', '$xy' PASSING 1 AS xyz);
ERROR: could not find jsonpath variable "xy"
SELECT JSON_QUERY(jsonb 'null', '$xyz' PASSING 1 AS xyz);
json_query
------------
1
(1 row)

5
src/test/regress/sql/sqljson_queryfuncs.sql
View File

@ -454,3 +454,8 @@ SELECT JSON_QUERY(NULL FORMAT JSON, '$');
-- Test non-const jsonpath
CREATE TEMP TABLE jsonpaths (path) AS SELECT '$';
SELECT json_value('"aaa"', path RETURNING json) FROM jsonpaths;
-- Test PASSING argument parsing
SELECT JSON_QUERY(jsonb 'null', '$xyz' PASSING 1 AS xy);
SELECT JSON_QUERY(jsonb 'null', '$xy' PASSING 1 AS xyz);
SELECT JSON_QUERY(jsonb 'null', '$xyz' PASSING 1 AS xyz);