Re: CVE-2017-7484-induced bugs, or, btree cmp functions are not leakproof?

Dilip Kumar <dilipbalaut@gmail.com>

From: Dilip Kumar <dilipbalaut@gmail.com>
To: Amit Langote <Langote_Amit_f8@lab.ntt.co.jp>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Amit Langote <amitlangote09@gmail.com>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2019-07-10T04:14:37Z
Lists: pgsql-hackers
On Fri, Nov 2, 2018 at 1:34 PM Amit Langote
<Langote_Amit_f8@lab.ntt.co.jp> wrote:
>
> On 2018/11/01 20:34, Dilip Kumar wrote:
> > On Mon, Oct 29, 2018 at 2:53 PM Amit Langote wrote:
> >> Anyway, why don't we just use the child table's AppendRelInfo to get the
> >> parent's version of varattno instead of creating a new function?  It can
> >> be done as shown in the attached revised version of the portion of the
> >> patch changing selfuncs.c.  Please take a look.
> >
> > +1
>
> Okay, here are two patches:
>
> 0001 adds a new RelOptInfo member inh_root_parent that's set for
> inheritance child otherrels and contains the RT index of the inheritance
> parent table mentioned in the query from which they originated.
>
> 0002 is your patch that modifies examine_variable, etc. to use the
> permissions granted on parent before reading stats on otherrel inheritance
> child tables. I've added your name as the author in the 2nd patch.
>

I have looked into the patches and these look fine to me.  I have also
added it to the next commitfest.

-- 
Regards,
Dilip Kumar
EnterpriseDB: http://www.enterprisedb.com



Commits

  1. Allow access to child table statistics if user can read parent table.

  2. Mark built-in btree comparison functions as leakproof where it's safe.