Prevent privilege escalation in explicit calls to PL validators.
Noah Misch <noah@leadboat.com>
Prevent privilege escalation in explicit calls to PL validators. The primary role of PL validators is to be called implicitly during CREATE FUNCTION, but they are also normal functions that a user can call explicitly. Add a permissions check to each validator to ensure that a user cannot use explicit validator calls to achieve things he could not otherwise achieve. Back-patch to 8.4 (all supported versions). Non-core procedural language extensions ought to make the same two-line change to their own validators. Andres Freund, reviewed by Tom Lane and Noah Misch. Security: CVE-2014-0061
Files
| Path | Change | +/− |
|---|---|---|
| doc/src/sgml/plhandler.sgml | modified | +4 −1 |
| src/backend/catalog/pg_proc.c | modified | +9 −0 |
| src/backend/commands/functioncmds.c | modified | +0 −1 |
| src/backend/utils/fmgr/fmgr.c | modified | +84 −0 |
| src/include/fmgr.h | modified | +1 −0 |
| src/pl/plperl/plperl.c | modified | +4 −0 |
| src/pl/plpgsql/src/pl_handler.c | modified | +3 −0 |
| src/pl/plpython/plpy_main.c | modified | +4 −0 |