Hi,

On 2024-04-18 10:33:30 +0200, Peter Eisentraut wrote:
> > Attached are fixes for struct option and a few more occurrences I've found
> > with a bit of grepping.
>
> These look good to me.

Thoughts about when to apply these? Arguably they're fixing mildly broken code,
making it appropriate to fix in 17, but it's also something that we could end
up fixing for a while...

There are some variations of this that are a bit harder to fix, btw. We have

objdump -j .data -t src/backend/postgres|sort -k5
...
0000000001474d00 g     O .data  00000000000015f0              ConfigureNamesReal
0000000001479a80 g     O .data  0000000000001fb0              ConfigureNamesEnum
0000000001476300 g     O .data  0000000000003778              ConfigureNamesString
...
00000000014682e0 g     O .data  0000000000005848              ConfigureNamesBool
000000000146db40 g     O .data  00000000000071c0              ConfigureNamesInt

Not that that's all *that* much these days, but it's still pretty silly to use
~80kB of memory in every postgres instance just because we didn't set
  conf->gen.vartype = PGC_BOOL;
etc at compile time.

Large modifiable arrays with callbacks are also quite useful for exploitation,
as one doesn't need to figure out precise addresses.

Greetings,

Andres Freund
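
An added example, not part of the original mail and not PostgreSQL code: a small C program contrasting a table whose type field is filled in at startup (so it has to stay writable) with the same table initialized at compile time and declared const, and checking at run time which mapping each one ends up in. The struct, table and function names are hypothetical, and the check assumes Linux, where /proc/self/maps is available.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical entry layout, loosely modelled on a settings table with a hook. */
typedef int (*check_hook)(int newval);
enum vartype { T_UNSET, T_BOOL, T_INT };
struct config_entry { const char *name; enum vartype vartype; check_hook check; };

static int check_nonneg(int v) { return v >= 0; }

/* Pattern from the mail: vartype is assigned at startup, so the whole table,
 * including its callback pointers, must live in writable .data. */
struct config_entry runtime_table[] = {
    { "enable_demo", T_UNSET, NULL },
    { "demo_limit",  T_UNSET, check_nonneg },
};
void init_runtime_table(void)
{
    runtime_table[0].vartype = T_BOOL;
    runtime_table[1].vartype = T_INT;
}

/* Same data with vartype set at compile time: the table can be const and is
 * placed in .rodata (or .data.rel.ro in a PIE, which RELRO remaps read-only). */
const struct config_entry const_table[] = {
    { "enable_demo", T_BOOL, NULL },
    { "demo_limit",  T_INT,  check_nonneg },
};

/* Returns 1 if addr lies in a writable mapping, 0 if read-only, -1 if unknown. */
int is_writable(const void *addr)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi;
    int result = -1;
    if (f == NULL) return -1;
    while (fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) != 3) continue;
        if ((uintptr_t)addr >= lo && (uintptr_t)addr < hi) { result = (perms[1] == 'w'); break; }
    }
    fclose(f);
    return result;
}

int main(void)
{
    init_runtime_table();
    printf("runtime_table writable=%d\n", is_writable(runtime_table));
    printf("const_table writable=%d\n", is_writable(const_table));
    return 0;
}
```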