Re: CVE-2017-7484-induced bugs, or, btree cmp functions are not leakproof?
Amit Langote <amitlangote09@gmail.com>
From: Amit Langote <amitlangote09@gmail.com>
To: Dilip Kumar <dilipbalaut@gmail.com>
Cc: Amit Langote <Langote_Amit_f8@lab.ntt.co.jp>,
Tom Lane <tgl@sss.pgh.pa.us>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2019-07-17T09:08:48Z
Lists: pgsql-hackers
Attachments
- v2-0001-Use-root-parent-s-permissions-when-read-child-tab.patch (application/octet-stream) patch v2-0001
On Wed, Jul 10, 2019 at 2:43 PM Dilip Kumar <dilipbalaut@gmail.com> wrote: > On Wed, Jul 10, 2019 at 10:15 AM Amit Langote <amitlangote09@gmail.com> wrote: > > Thanks for checking. There has been a lot of churn in the inheritance > > planning code since my last email on this thread, so I'd like to > > reconsider. I'm busy this week with some things, so I'll try posting > > something on next Tuesday. > > > Sounds good. I looked at this today and concluded that the problem and the patches discussed here are fairly isolated from inheritance planning changes committed to PG 12. I've combined the two patches into one. I tried to think up test cases to go with the code changes, but couldn't come up with one. Thanks, Amit
Commits
-
Allow access to child table statistics if user can read parent table.
- 553d2ec2710b 13.0 landed
- 21a4edd1281d 12.2 landed
- 1d9056f563f3 11.7 landed
-
Mark built-in btree comparison functions as leakproof where it's safe.
- 39a96512b3ed 12.0 landed