postgres

mirror of https://github.com/postgres/postgres.git synced 2025-04-21 12:05:57 +03:00

History

Noah Misch 01e8182c73 Replace last PushOverrideSearchPath() call with set_config_option().

The two methods don't cooperate, so set_config_option("search_path",
...) has been ineffective under non-empty overrideStack.  This defect
enabled an attacker having database-level CREATE privilege to execute
arbitrary code as the bootstrap superuser.  While that particular attack
requires v13+ for the trusted extension attribute, other attacks are
feasible in all supported versions.

Standardize on the combination of NewGUCNestLevel() and
set_config_option("search_path", ...).  It is newer than
PushOverrideSearchPath(), more-prevalent, and has no known
disadvantages.  The "override" mechanism remains for now, for
compatibility with out-of-tree code.  Users should update such code,
which likely suffers from the same sort of vulnerability closed here.
Back-patch to v11 (all supported versions).

Alexander Lakhin.  Reported by Alexander Lakhin.

Security: CVE-2023-2454

2023-05-08 06:14:11 -07:00

data

Modify the float4 datatype to be pass-by-val. Along the way, remove the last

2008-04-18 18:43:09 +00:00

expected

Replace last PushOverrideSearchPath() call with set_config_option().

2023-05-08 06:14:11 -07:00

sql

Replace last PushOverrideSearchPath() call with set_config_option().

2023-05-08 06:14:11 -07:00

.gitignore

Support "make check" in contrib