Just like selecting from a view is exploitable (CVE-2024-7348),
selecting from a table with virtual generated columns is exploitable.
Users who are concerned about this can avoid selecting from views, but
telling them to avoid selecting from tables is less practical.
To address this, this changes it so that generation expressions for
virtual generated columns are restricted to using built-in functions
and types, and the columns are restricted to having a built-in type.
We assume that built-in functions and types cannot be exploited for
this purpose.
In the future, this could be expanded by some new mechanism to declare
other functions and types as safe or trusted for this purpose, but
that is to be designed.
(An alternative approach might have been to expand the
restrict_nonsystem_relation_kind GUC to handle this, like the fix for
CVE-2024-7348. But that is kind of an ugly approach. That fix had to
fit in the constraints of fixing an ancient vulnerability in all
branches. Since virtual generated columns are new, we're free from
the constraints of the past, and we can and should use cleaner
options.)
Reported-by: Feike Steenbergen <feikesteenbergen@gmail.com>
Reviewed-by: jian he <jian.universality@gmail.com>
Discussion: https://www.postgresql.org/message-id/flat/CAK_s-G2Q7de8Q0qOYUR%3D_CTB5FzzVBm5iZjOp%2BmeVWpMpmfO0w%40mail.gmail.com
<!-- doc/src/sgml/README.non-ASCII -->
Representation of non-ASCII characters
--------------------------------------
Find non-ASCII characters using:
grep --recursive --color='auto' -P '[\x80-\xFF]' .
Convert to HTML4 named entity (&) escapes
-----------------------------------------
We support several output formats:
* html (supports all Unicode characters)
* man (supports all Unicode characters)
* pdf (supports only Latin-1 characters)
* info
While some output formatting tools support all Unicode characters,
others only support Latin-1 characters. Specifically, the PDF rendering
engine can only display Latin-1 characters; non-Latin-1 Unicode
characters are displayed as "###".
Therefore, in the SGML files, we can only use Latin-1 characters. We
can use UTF8 representations of Latin-1 characters, or HTML entities of
Latin-1 characters, e.g., Álvaro.
Do not use UTF numeric character escapes (&#nnn;).
When building the PDF docs, problem characters will appear as warnings.
HTML entities
official: http://www.w3.org/TR/html4/sgml/entities.html
one page: http://www.zipcon.net/~swhite/docs/computers/browsers/entities_page.html
other lists: http://www.zipcon.net/~swhite/docs/computers/browsers/entities.html
http://www.zipcon.net/~swhite/docs/computers/browsers/entities_page.html
https://en.wikipedia.org/wiki/List_of_XML_and_HTML_character_entity_references
0cd69b3d7e