pgsql: Add permission check for MERGE/SPLIT partition operations
Add permission check for MERGE/SPLIT partition operations Currently, we check only owner permission for the parent table before MERGE/SPLIT partition operations. This leads to a security hole when users can get access to the data of partitions without permission. This commit fixes this problem by requiring owner permission on all the partitions involved. Reported-by: Alexander Lakhin Discussion: https://postgr.es/m/0520c72e-8d97-245e-53f9-173beca2ab2e%40gmail.com Author: Dmitry Koval, Alexander Korotkov Branch -- master Details --- https://git.postgresql.org/pg/commitdiff/3ca43dbbb67fbfb96dec8de2e268b96790555148 Modified Files -- src/backend/parser/parse_utilcmd.c| 5 src/test/regress/expected/partition_merge.out | 29 +++ src/test/regress/expected/partition_split.out | 29 +++ src/test/regress/sql/partition_merge.sql | 33 +++ src/test/regress/sql/partition_split.sql | 33 +++ 5 files changed, 129 insertions(+)
pgsql: Skip citext_utf8 test on Windows.
Skip citext_utf8 test on Windows. On other Windows build farm animals it is already skipped because they don't use UTF-8 encoding. On "hamerkop", UTF-8 is used, and then the test fails. It is not clear to me (a non-Windows person looking only at buildfarm evidence) whether Windows is less sophisticated than other OSes and doesn't know how to downcase Turkish İ with the standard Unicode database, or if it is more sophisticated than other systems and uses locale-specific behavior like ICU does. Whichever the reason, the result is the same: we need to skip the test on Windows, just as we already do for ICU, at least until a Windows-savvy developer comes up with a better idea. The technique for detecting the OS is borrowed from collate.windows.win1252.sql. This was anticipated by commit c2e8bd27, but the problem only surfaced when Windows build farm animals started using Meson. Reviewed-by: Tom Lane Discussion: https://postgr.es/m/CA%2BhUKGJ1LeC3aE2qQYTK95rFVON3ZVoTQpTKJqxkHdtEyawH4A%40mail.gmail.com Branch -- master Details --- https://git.postgresql.org/pg/commitdiff/cff4e5a36bfe1191a688c5eaff7ba095588ba732 Modified Files -- contrib/citext/expected/citext_utf8.out | 3 +++ contrib/citext/expected/citext_utf8_1.out | 3 +++ contrib/citext/sql/citext_utf8.sql| 3 +++ 3 files changed, 9 insertions(+)
pgsql: injection_points: Store runtime conditions in private area
injection_points: Store runtime conditions in private area This commit fixes a race condition between injection point run and detach, where a point detached by a backend and concurrently running in a second backend could cause the second backend to do an incorrect condition check. This issue happens because the second backend retrieves the callback information in a first step in the shmem hash table for injection points, and the condition in a second step within the callback. If the point is detached between these two steps, the condition would be removed, causing the point to run while it should not. Storing the condition in the new private_data area introduced in 33181b48fd0e ensures that the condition retrieved is consistent with its callback. This commit leads to a lot of simplifications in the module injection_points, as there is no need to handle the runtime conditions inside it anymore. Runtime conditions have no more a maximum number. Per discussion with Noah Misch. Reviewed-by: Noah Misch Discussion: https://postgr.es/m/20240509031553...@rfd.leadboat.com Branch -- master Details --- https://git.postgresql.org/pg/commitdiff/267d41dc4f4184525353db4069709cfb3df02ceb Modified Files -- .../modules/injection_points/injection_points.c| 173 +++-- src/tools/pgindent/typedefs.list | 1 + 2 files changed, 61 insertions(+), 113 deletions(-)
pgsql: Introduce private data area for injection points
Introduce private data area for injection points This commit extends the backend-side infrastructure of injection points so as it becomes possible to register some input data when attaching a point. This private data can be registered with the function name and the library name of the callback when attaching a point, then it is given as input argument to the callback. This gives the possibility for modules to pass down custom data at runtime when attaching a point without managing that internally, in a manner consistent with the callback entry retrieved from the hash shmem table storing the injection point data. InjectionPointAttach() gains two arguments, to be able to define the private data contents and its size. A follow-up commit will rely on this infrastructure to close a race condition with the injection point detach in the module injection_points. While on it, this changes InjectionPointDetach() to return a boolean, returning false if a point cannot be detached. This has been mentioned by Noah as useful when it comes to implement more complex tests with concurrent point detach, solid with the automatic detach done for local points in the test module. Documentation is adjusted in consequence. Per discussion with Noah Misch. Reviewed-by: Noah Misch Discussion: https://postgr.es/m/20240509031553...@rfd.leadboat.com Branch -- master Details --- https://git.postgresql.org/pg/commitdiff/33181b48fd0ee62bc0a9e39291d5a5c4f8540354 Modified Files -- doc/src/sgml/xfunc.sgml| 14 -- src/backend/utils/misc/injection_point.c | 55 +- src/include/utils/injection_point.h| 9 ++-- .../injection_points/expected/injection_points.out | 2 +- .../modules/injection_points/injection_points.c| 22 + 5 files changed, 74 insertions(+), 28 deletions(-)
