On Tue, 10 Mar 2026 at 11:25, Jet <[email protected]> wrote: > > Hi Hackers, > > Recently, I notice a security risk when calling a function, it's strange but > also interesting. E.g. > > `array_to_text_null` is a bultin function with 3 args. Normally, the function > is working well. **BUT** > if we create another version `array_to_text_null` function, say > `harmful_array_to_string`, but with 2 args: [...] > And the we call the new function: [...] > It will cause the server crash~
Correct. This is expected behaviour: the "internal" and "c" languages are not 'trusted' languages, and therefore only superusers can create functions using these languages. It is the explicit responsibility of the superuser to make sure the functions they create using untrusted languages are correct and execute safely when called by PostgreSQL. Kind regards, Matthias van de Meent
