Re: CVE-2017-7484-induced bugs, or, btree cmp functions are not leakproof?

Amit Langote <amitlangote09@gmail.com>

From: Amit Langote <amitlangote09@gmail.com>
To: Dilip Kumar <dilipbalaut@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Amit Langote <Langote_Amit_f8@lab.ntt.co.jp>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2019-09-05T09:56:29Z
Lists: pgsql-hackers

Attachments

On Thu, Sep 5, 2019 at 6:33 PM Dilip Kumar <dilipbalaut@gmail.com> wrote:
>   /*
> + * For inheritance child relations, we also need to remember
> + * the root parent.
> + */
> + if (parent->rtekind == RTE_RELATION)
> + rel->inh_root_relid = parent->inh_root_relid > 0 ?
> + parent->inh_root_relid :
> + parent->relid;
> + else
> + /* Child relation of flattened UNION ALL subquery. */
> + rel->inh_root_relid = relid;
>
> With the current changes, parent->inh_root_relid will always be > 0 so
> (parent->inh_root_relid > 0) condition doesn't make sence. Right?

Oops, you're right.  It should be:

if (parent->rtekind == RTE_RELATION)
    rel->inh_root_relid = parent->inh_root_relid;
else
    rel->inh_root_relid = relid;

Updated patch attached.

Thanks,
Amit

Commits

  1. Allow access to child table statistics if user can read parent table.

  2. Mark built-in btree comparison functions as leakproof where it's safe.