database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-12 21:01:52 +03:00
Code Activity

Ensure result of an aggregate's finalfunc is made read-only.

Browse Source 
The finalfunc might return a read-write expanded object.  If we
de-duplicate multiple call sites for the aggregate, any function(s)
receiving the aggregate result earlier could alter or destroy the
value that reaches the ones called later.  This is a brown-paper-bag
bug in commit 42b746d4c, because we actually considered the need
for read-only-ness but failed to realize that it applied to the case
with a finalfunc as well as the case without.

Per report from Justin Pryzby.  New error in HEAD,
no need for back-patch.

Discussion: https://postgr.es/m/ZDm5TuKsh3tzoEjz@telsasoft.com
This commit is contained in:
Tom Lane
2023-04-16 14:16:40 -04:00
parent 1c54b93a8c
commit 78d5952dd0
4 changed files with 96 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/backend/executor/nodeAgg.c
View File

@ -1040,9 +1040,10 @@ process_ordered_aggregate_multi(AggState *aggstate,
* (But note that in some cases, such as when there is no finalfn, the
* result might be a pointer to or into the agg's transition value.)
*
* The finalfn uses the state as set in the transno. This also might be
* The finalfn uses the state as set in the transno. This also might be
* being used by another aggregate function, so it's important that we do
* nothing destructive here.
* nothing destructive here. Moreover, the aggregate's final value might
* get used in multiple places, so we mustn't return a R/W expanded datum.
*/
static void
finalize_aggregate(AggState *aggstate,
@ -1116,8 +1117,13 @@ finalize_aggregate(AggState *aggstate,
}
else
{
*resultVal = FunctionCallInvoke(fcinfo);
Datum result;
result = FunctionCallInvoke(fcinfo);
*resultIsNull = fcinfo->isnull;
*resultVal = MakeExpandedObjectReadOnly(result,
fcinfo->isnull,
peragg->resulttypeLen);
}
aggstate->curperagg = NULL;
}
@ -1165,6 +1171,7 @@ finalize_partialaggregate(AggState *aggstate,
else
{
FunctionCallInfo fcinfo = pertrans->serialfn_fcinfo;
Datum result;
fcinfo->args[0].value =
MakeExpandedObjectReadOnly(pergroupstate->transValue,
@ -1173,8 +1180,11 @@ finalize_partialaggregate(AggState *aggstate,
fcinfo->args[0].isnull = pergroupstate->transValueIsNull;
fcinfo->isnull = false;
*resultVal = FunctionCallInvoke(fcinfo);
result = FunctionCallInvoke(fcinfo);
*resultIsNull = fcinfo->isnull;
*resultVal = MakeExpandedObjectReadOnly(result,
fcinfo->isnull,
peragg->resulttypeLen);
}
}
else