- 13 May, 2010 17 commits
-
-
Tom Lane authored
"supplementary storage table".
-
Tom Lane authored
that is a regular table or view owned by a superuser. This prevents a trojan horse attack whereby any unprivileged SQL user could create such a table and insert code into it that would then get executed in other users' sessions whenever they call pltcl functions. Worse yet, because the code was automatically loaded into both the "normal" and "safe" interpreters at first use, the attacker could execute unrestricted Tcl code in the "normal" interpreter without there being any pltclu functions anywhere, or indeed anyone else using pltcl at all: installing pltcl is sufficient to open the hole.

Change the initialization logic so that the "unknown" code is only loaded into an interpreter when the interpreter is first really used. (That doesn't add any additional security in this particular context, but it seems a prudent change, and anyway the former behavior violated the principle of least astonishment.)

Security: CVE-2010-1170
-
Andrew Dunstan authored
fundamentally insecure. Instead apply an opmask to the whole interpreter that imposes restrictions on unsafe operations. These restrictions are much harder to subvert than is Safe.pm, since there is no container to be broken out of.

Backported to release 7.4. In releases 7.4, 8.0 and 8.1 this also includes the necessary backporting of the two interpreters model for plperl and plperlu adopted in release 8.2.

In versions 8.0 and up, the use of Perl's POSIX module to undo its locale mangling on Windows has become insecure with these changes, so it is replaced by our own routine, which is also faster.

Nice side effects of the changes include that it is now possible to use perl's "strict" pragma in a natural way in plperl, and that perl's $a and $b variables now work as expected in sort routines, and that function compilation is significantly faster.

Tim Bunce and Andrew Dunstan, with reviews from Alex Hunsaker and Alexey Klyukin.

Security: CVE-2010-1169
-
Magnus Hagander authored
* There is no chmod() on Windows.
* Must always use the 3-parameter version of open()
* There is no dynloader.h - but it also appears unnecessary on all platforms
* Don't include shlobj.h because it causes compile errors, and from what I can see it's not actually used. This may need to be added back for mingw and/or cygwin in the worst case.
-
Peter Eisentraut authored
-
Magnus Hagander authored
PROGRAM, not just MODULE, in contrib.
-
Bruce Momjian authored
-
Peter Eisentraut authored
mkinstalldirs used to handle no arguments, but mkdir doesn't. Also remove the .SILENT setting, that was previously removed from Makefile.global as well.
-
Magnus Hagander authored
Thom Brown
-
Andrew Dunstan authored
-
Bruce Momjian authored
-
Peter Eisentraut authored
-
Simon Riggs authored
so simply leads to data waiting in wal_buffers which then causes later commits to potentially do emergency writes and for all forms of replication to be potentially delayed without need or benefit. Issue pointed out exactly by Fujii Masao, following bug report by Robert Haas on a separate though related topic.
-
Simon Riggs authored
of requirements and documentation on LogStandbySnapshot(). Fixes two minor bugs reported by Tom Lane that would lead to an incorrect snapshot after transaction wraparound. Also fix two other problems discovered that would give incorrect snapshots in certain cases. ProcArrayApplyRecoveryInfo() substantially rewritten. Some minor refactoring of xact_redo_apply() and ExpireTreeKnownAssignedTransactionIds().
-
Tom Lane authored
-
Bruce Momjian authored
-
Bruce Momjian authored
(pg_upgrade_support).
-
- 12 May, 2010 13 commits
-
-
Bruce Momjian authored
-
Tom Lane authored
7.4.29.
-
Bruce Momjian authored
-
Simon Riggs authored
requests and discussions with Yeb Havinga and Kevin Grittner.
-
Tom Lane authored
on the buildfarm.
-
Peter Eisentraut authored
-
Tom Lane authored
cmp parameter for pg_scandir(). The code failed to support this anyway for Sun/Windows, so pretending we could accept a parameter other than NULL was just asking for trouble.
-
Bruce Momjian authored
-
Bruce Momjian authored
Add PGAPPICON to all executable makefiles.
-
Bruce Momjian authored
-
Bruce Momjian authored
-
Bruce Momjian authored
-
Bruce Momjian authored
Add documentation. Supports migration from PG 8.3 and 8.4.
-
- 11 May, 2010 7 commits
-
-
Tom Lane authored
Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia. Historical corrections for Taiwan.
-
Tom Lane authored
Per discussion, if we have PKT in there then PKST should be too. Also, fix mistaken claim that these abbrevs are not known to zic.
-
Robert Haas authored
Fixes a complaint from src/tools/pginclude/cpluspluscheck reported by Peter Eisentraut.
-
Tom Lane authored
archive_command) as soon as possible, namely just before issuing a new call of archive_command, even when there is a backlog of files to be archived. The original coding would only absorb new settings after clearing the backlog and returning to the outer loop. Per discussion. Back-patch to 8.3. The logic in prior versions is a bit different and it doesn't seem worth taking any risks of breaking it.
-
Robert Haas authored
As suggested by Andy Lester.
-
Tom Lane authored
tables --- the parent table no longer got checked, either. Per bug #5458 from Takahiro Itagaki.
-
Itagaki Takahiro authored
Now validators work properly even when the settings contain parameters that affect behavior of the function, like search_path. Reported by Erwin Brandstetter.
-
- 10 May, 2010 1 commit
-
-
Tom Lane authored
MIN or MAX, we must take care to insert the added qual in a legal place among the existing indexquals, if any. The btree index AM requires the quals to appear in index-column order. We didn't have to worry about this before because "target IS NOT NULL" was just treated as a plain scan filter condition; but as of 9.0 it can be an index qual and then it has to follow the rule. Per report from Ian Barwick.
-
- 09 May, 2010 2 commits