Revert "Avoid race condition between "GRANT role" and "DROP ROLE"".

This reverts commit 98fc31d649. That change allowed DROP OWNED BY to drop grants of the target role to other roles, arguing that nobody would need those privileges anymore. But that's not so: if you're not superuser, you still need admin privilege on the target role so you can drop it. It's not clear whether or how the dependency-based approach to solving the original problem can be adapted to keep these grants. Since v18 release is fast approaching, the sanest thing to do seems to be to revert this patch for now. The race-condition problem is low severity and not worth taking risks for. I didn't force a catversion bump in 98fc31d64, so I won't do so here either. Reported-by: Dipesh Dhameliya <dipeshdhameliya125@gmail.com> Author: Tom Lane <tgl@sss.pgh.pa.us> Discussion: https://postgr.es/m/CABgZEgczOFicCJoqtrH9gbYMe_BV3Hq8zzCBRcMgmU6LRsihUA@mail.gmail.com Backpatch-through: 18
2025-11-18 02:02:55 +03:00 · 2025-09-16 13:05:53 -04:00
parent c044b50d19
commit 8abbbbae61
4 changed files with 7 additions and 63 deletions
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -30,7 +30,6 @@
 #include "commands/defrem.h"
 #include "commands/seclabel.h"
 #include "commands/user.h"
-#include "lib/qunique.h"
 #include "libpq/crypt.h"
 #include "miscadmin.h"
 #include "storage/lmgr.h"
@@ -490,7 +489,8 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
 	 * Advance command counter so we can see new record; else tests in
 	 * AddRoleMems may fail.
 	 */
-	CommandCounterIncrement();
+	if (addroleto || adminmembers || rolemembers)
+		CommandCounterIncrement();

 	/* Default grant. */
 	InitGrantRoleOptions(&popt);
@@ -1904,8 +1904,7 @@ AddRoleMems(Oid currentUserId, const char *rolename, Oid roleid,
 		else
 		{
 			Oid			objectId;
-			Oid		   *newmembers = (Oid *) palloc(3 * sizeof(Oid));
-			int			nnewmembers;
+			Oid		   *newmembers = palloc(sizeof(Oid));

 			/*
 			 * The values for these options can be taken directly from 'popt'.
@@ -1947,22 +1946,12 @@ AddRoleMems(Oid currentUserId, const char *rolename, Oid roleid,
 									new_record, new_record_nulls);
 			CatalogTupleInsert(pg_authmem_rel, tuple);

-			/*
-			 * Record dependencies on the roleid, member, and grantor, as if a
-			 * pg_auth_members entry were an object ACL.
-			 * updateAclDependencies() requires an input array that is
-			 * palloc'd (it will free it), sorted, and de-duped.
-			 */
-			newmembers[0] = roleid;
-			newmembers[1] = memberid;
-			newmembers[2] = grantorId;
-			qsort(newmembers, 3, sizeof(Oid), oid_cmp);
-			nnewmembers = qunique(newmembers, 3, sizeof(Oid), oid_cmp);
-
+			/* updateAclDependencies wants to pfree array inputs */
+			newmembers[0] = grantorId;
 			updateAclDependencies(AuthMemRelationId, objectId,
 								  0, InvalidOid,
 								  0, NULL,
-								  nnewmembers, newmembers);
+								  1, newmembers);
 		}

 		/* CCI after each change, in case there are duplicates in list */