refint: Fix SQL injection and buffer overruns.

Nathan Bossart <nathan@postgresql.org>

Commit: 710995782fa388f3878a86e1d9ed68db8abc4276
Author: Nathan Bossart <nathan@postgresql.org>
Committer: Noah Misch <noah@leadboat.com>
Date: 2026-05-11T12:13:50Z
Releases: 16.14
refint: Fix SQL injection and buffer overruns.

Maliciously crafted key value updates could achieve SQL injection
within check_foreign_key().  To fix, ensure new key values are
properly quoted and escaped in the internally generated SQL
statements.  While at it, avoid potential buffer overruns by
replacing the stack buffers for internally generated SQL statements
with StringInfo.

Reported-by: Nikolay Samokhvalov <nik@postgres.ai>
Author: Nathan Bossart <nathandbossart@gmail.com>
Reviewed-by: Noah Misch <noah@leadboat.com>
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Fujii Masao <masao.fujii@gmail.com>
Security: CVE-2026-6637
Backpatch-through: 14

Files

PathChange+/−
contrib/spi/refint.c modified +38 −46