On Sat, 2005-04-30 at 16:17 -0400, Tom Lane wrote:
> An example that Elein put up yesterday:
> http://archives.postgresql.org/pgsql-general/2005-04/msg01384.php
> caused me to realize that type output functions that depend on
> additional arguments to determine what they are dealing with are
> fundamentally security holes. It is trivial to crash 8.0's record_out
> by lying to it about the rowtype of its first argument.
I was bitten by this a little while ago where I was running an
OidFunctionCall1(yes, 1) on typoutput's. Andrew on IRC pointed out that
calls to recordout out normally used a FunctionCall3, thus showing the
reason for the issue. Sometimes junk data in the heap signalled the
function to use it instead of the datum tuple's typoid, normally causing
a failed cache lookup. I figured it was somehow my fault, but I just
couldn't put my finger on it.(thanks again Andrew if you're on here)
I imagine this change will also help save others from that mistake as
well.
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?
http://archives.postgresql.org
