Check that aggregate creator has the right to execute the transition

functions of the aggregate, at both aggregate creation and execution times.

src/backend/catalog/pg_aggregate.c

@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_aggregate.c,v 1.56 2002/09/18 21:35:20 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/catalog/pg_aggregate.c,v 1.56.2.1 2005/01/27 23:43:34 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -22,10 +22,13 @@
 #include "catalog/pg_aggregate.h"
 #include "catalog/pg_language.h"
 #include "catalog/pg_proc.h"
+#include "miscadmin.h"
 #include "optimizer/cost.h"
 #include "parser/parse_coerce.h"
 #include "parser/parse_func.h"
+#include "utils/acl.h"
 #include "utils/builtins.h"
+#include "utils/lsyscache.h"
 #include "utils/syscache.h"
 
 
@@ -46,6 +49,7 @@ AggregateCreate(const char *aggName,
 	char		nulls[Natts_pg_aggregate];
 	Datum		values[Natts_pg_aggregate];
 	Form_pg_proc proc;
+	AclResult	aclresult;
 	Oid			transfn;
 	Oid			finalfn = InvalidOid;	/* can be omitted */
 	Oid			finaltype;
@@ -100,6 +104,11 @@ AggregateCreate(const char *aggName,
 	}
 	ReleaseSysCache(tup);
 
+	/* Check aggregate creator has permission to call the function */
+	aclresult = pg_proc_aclcheck(transfn, GetUserId(), ACL_EXECUTE);
+	if (aclresult != ACLCHECK_OK)
+		aclcheck_error(aclresult, get_func_name(transfn));
+
 	/* handle finalfn, if supplied */
 	if (aggfinalfnName)
 	{
@@ -116,6 +125,11 @@ AggregateCreate(const char *aggName,
 		proc = (Form_pg_proc) GETSTRUCT(tup);
 		finaltype = proc->prorettype;
 		ReleaseSysCache(tup);
+
+		/* Check aggregate creator has permission to call the function */
+		aclresult = pg_proc_aclcheck(finalfn, GetUserId(), ACL_EXECUTE);
+		if (aclresult != ACLCHECK_OK)
+			aclcheck_error(aclresult, get_func_name(finalfn));
 	}
 	else
 	{

src/backend/executor/nodeAgg.c

@@ -46,7 +46,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.90 2002/11/01 19:33:09 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.90.2.1 2005/01/27 23:43:45 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -56,6 +56,7 @@
 #include "access/heapam.h"
 #include "catalog/pg_aggregate.h"
 #include "catalog/pg_operator.h"
+#include "catalog/pg_proc.h"
 #include "executor/executor.h"
 #include "executor/nodeAgg.h"
 #include "miscadmin.h"
@@ -903,6 +904,33 @@ ExecInitAgg(Agg *node, EState *estate, Plan *parent)
 		peraggstate->transfn_oid = transfn_oid = aggform->aggtransfn;
 		peraggstate->finalfn_oid = finalfn_oid = aggform->aggfinalfn;
 
+		/* Check that aggregate owner has permission to call component fns */
+		{
+			HeapTuple	procTuple;
+			AclId		aggOwner;
+
+			procTuple = SearchSysCache(PROCOID,
+									   ObjectIdGetDatum(aggref->aggfnoid),
+									   0, 0, 0);
+			if (!HeapTupleIsValid(procTuple))
+				elog(ERROR, "cache lookup failed for function %u",
+					 aggref->aggfnoid);
+			aggOwner = ((Form_pg_proc) GETSTRUCT(procTuple))->proowner;
+			ReleaseSysCache(procTuple);
+
+			aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
+										 ACL_EXECUTE);
+			if (aclresult != ACLCHECK_OK)
+				aclcheck_error(aclresult, get_func_name(transfn_oid));
+			if (OidIsValid(finalfn_oid))
+			{
+				aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
+											 ACL_EXECUTE);
+				if (aclresult != ACLCHECK_OK)
+					aclcheck_error(aclresult, get_func_name(finalfn_oid));
+			}
+		}
+
 		fmgr_info(transfn_oid, &peraggstate->transfn);
 		if (OidIsValid(finalfn_oid))
 			fmgr_info(finalfn_oid, &peraggstate->finalfn);