    Add missing checks to some of pageinspect's BRIN functions · 3e133847
    Alvaro Herrera authored
    brin_page_type() and brin_metapage_info() did not enforce being called
    by superuser, like other pageinspect functions that take bytea do.
    Since they don't verify the passed page thoroughly, it is possible to
    use them to read the server memory with a carefully crafted bytea value,
    up to a few kilobytes from where the input bytea is located.
    
    Have them throw errors if called by a non-superuser.
    
    Report and initial patch: Andreas Seltenreich
    
    Security: CVE-2016-3065
brinfuncs.c 10.2 KB