From b6463ea6ef3e46b32be96a23f3a9f47357847ce4 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut
Date: Wed, 15 Jan 2025 16:53:53 +0100
Subject: [PATCH] Downgrade error in object_aclmask_ext() to internal
The "does not exist" error in object_aclmask_ext() was written as ereport(), suggesting that it is user-facing. This is problematic: get_object_class_descr() is meant to be for internal errors only and does not support translation. For the has_xxx_privilege functions, the error has not been user-facing since commit 403ac226ddd. The remaining users are pg_database_size() and pg_tablespace_size(). The call stack here is pretty deep and this dependency is not obvious. Here we can put in an explicit existence check with a bespoke error message early in the function. Then we can downgrade the error in object_aclmask_ext() to a normal "cache lookup failed" internal error.
Reviewed-by: Alvaro Herrera
Discussion: https://www.postgresql.org/message-id/flat/da2f8942-be6d-48d0-ac1c-a053370a6b1f@eisentraut.org
---
 src/backend/catalog/aclchk.c | 10 ++--------
 src/backend/utils/adt/dbsize.c | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index bd006931938..02a754cc30a 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -3004,10 +3004,6 @@ pg_aclmask(ObjectType objtype, Oid object_oid, AttrNumber attnum, Oid roleid,
 * Exported routines for examining a user's privileges for various objects
 *
 * See aclmask() for a description of the common API for these functions.
- *
- * Note: we give lookup failure the full ereport treatment because the
- * has_xxx_privilege() family of functions allow users to pass any random
- * OID to these functions.
 * ****************************************************************
 */
@@ -3074,10 +3070,8 @@ object_aclmask_ext(Oid classid, Oid objectid, Oid roleid,
 return 0;
 }
 else
- ereport(ERROR,
- (errcode(ERRCODE_UNDEFINED_OBJECT),
- errmsg("%s with OID %u does not exist",
- get_object_class_descr(classid), objectid)));
+ elog(ERROR, "cache lookup failed for %s %u",
+ get_object_class_descr(classid), objectid);
 }
 ownerId = DatumGetObjectId(SysCacheGetAttrNotNull(cacheid,
diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c
index e560fef6919..011d8d4da5a 100644
--- a/src/backend/utils/adt/dbsize.c
+++ b/src/backend/utils/adt/dbsize.c
@@ -170,6 +170,15 @@ pg_database_size_oid(PG_FUNCTION_ARGS)
 Oid dbOid = PG_GETARG_OID(0);
 int64 size;
+ /*
+ * Not needed for correctness, but avoid non-user-facing error message
+ * later if the database doesn't exist.
+ */
+ if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(dbOid)))
+ ereport(ERROR,
+ errcode(ERRCODE_UNDEFINED_OBJECT),
+ errmsg("database with OID %u does not exist", dbOid));
+
 size = calculate_database_size(dbOid);
 if (size == 0)
@@ -274,6 +283,15 @@ pg_tablespace_size_oid(PG_FUNCTION_ARGS)
 Oid tblspcOid = PG_GETARG_OID(0);
 int64 size;
+ /*
+ * Not needed for correctness, but avoid non-user-facing error message
+ * later if the tablespace doesn't exist.
+ */
+ if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tblspcOid)))
+ ereport(ERROR,
+ errcode(ERRCODE_UNDEFINED_OBJECT),
+ errmsg("tablespace with OID %u does not exist", tblspcOid));
+
 size = calculate_tablespace_size(tblspcOid);
 if (size < 0)
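Review bot: Nothing at the new `elog(ERROR, "cache lookup failed for %s %u", ...)` in object_aclmask_ext() records the contract it now depends on, namely that a caller taking a user-supplied OID must rule out a missing object before reaching this branch. The header note that explained the old ereport is deleted in the previous hunk, so I would put a one-line comment above the elog, for example `/* internal error: callers that accept user-supplied OIDs must pass is_missing or check existence first */`. Otherwise a later SQL-callable caller can expose this untranslated internal message to users without it being noticed at review time. The function starts and ends outside the hunk, so the is_missing handling is inferred from the visible `return 0;` branch.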
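Review bot: The `SearchSysCacheExists1()` check added at the top of pg_database_size_oid() is a separate probe from the lookup made later during the ACL check, so a database dropped in between can still end in the internal "cache lookup failed" error; the comment should say the check is best-effort. I would extend it with a line such as `* A concurrent DROP can still hit the internal error; this only covers the common case.` The same applies to the identical check in pg_tablespace_size_oid() in the next hunk. Whether a lock held at this point rules out the race is not visible here, and both function bodies continue outside their hunks.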