Refactor permissions checks for large objects.

Up to now, ACL checks for large objects happened at the level of the SQL-callable functions, which led to CVE-2017-7548 because of a missing check. Push them down to be enforced in inv_api.c as much as possible, in hopes of preventing future bugs. This does have the effect of moving read and write permission errors to happen at lo_open time not loread or lowrite time, but that seems acceptable. Michael Paquier and Tom Lane Discussion: https://postgr.es/m/CAB7nPqRHmNOYbETnc_2EjsuzSM00Z+BWKv9sy6tnvSd5gWT_JA@mail.gmail.com
2025-07-05 07:21:24 +03:00 · 2017-11-09 12:56:07 -05:00
parent 5ecc0d738e
commit ae20b23a9e
6 changed files with 118 additions and 112 deletions
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@ -43,7 +43,6 @@
 #include "commands/trigger.h"
 #include "funcapi.h"
 #include "libpq/auth.h"
-#include "libpq/be-fsstubs.h"
 #include "libpq/libpq.h"
 #include "libpq/pqformat.h"
 #include "miscadmin.h"
@ -71,6 +70,7 @@
 #include "storage/dsm_impl.h"
 #include "storage/standby.h"
 #include "storage/fd.h"
+#include "storage/large_object.h"
 #include "storage/pg_shmem.h"
 #include "storage/proc.h"
 #include "storage/predicate.h"
@ -4900,7 +4900,7 @@ ResetAllOptions(void)

 					if (conf->assign_hook)
 						conf->assign_hook(conf->reset_val,
-											  conf->reset_extra);
+										  conf->reset_extra);
 					*conf->variable = conf->reset_val;
 					set_extra_field(&conf->gen, &conf->gen.extra,
 									conf->reset_extra);
@ -4912,7 +4912,7 @@ ResetAllOptions(void)

 					if (conf->assign_hook)
 						conf->assign_hook(conf->reset_val,
-											  conf->reset_extra);
+										  conf->reset_extra);
 					*conf->variable = conf->reset_val;
 					set_extra_field(&conf->gen, &conf->gen.extra,
 									conf->reset_extra);
@ -4924,7 +4924,7 @@ ResetAllOptions(void)

 					if (conf->assign_hook)
 						conf->assign_hook(conf->reset_val,
-											  conf->reset_extra);
+										  conf->reset_extra);
 					*conf->variable = conf->reset_val;
 					set_extra_field(&conf->gen, &conf->gen.extra,
 									conf->reset_extra);
@ -4936,7 +4936,7 @@ ResetAllOptions(void)

 					if (conf->assign_hook)
 						conf->assign_hook(conf->reset_val,
-											  conf->reset_extra);
+										  conf->reset_extra);
 					set_string_field(conf, conf->variable, conf->reset_val);
 					set_extra_field(&conf->gen, &conf->gen.extra,
 									conf->reset_extra);
@ -4948,7 +4948,7 @@ ResetAllOptions(void)

 					if (conf->assign_hook)
 						conf->assign_hook(conf->reset_val,
-											  conf->reset_extra);
+										  conf->reset_extra);
 					*conf->variable = conf->reset_val;
 					set_extra_field(&conf->gen, &conf->gen.extra,
 									conf->reset_extra);