git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 21 Nov 2019 21:21:44 +0000 (16:21 -0500)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 21 Nov 2019 21:21:44 +0000 (16:21 -0500)
commit	b9f3d7a5317bbafb0cef1921c2e777bb327fdaee
tree	c59eb975ed2deda14784ef1a01326fbe024afaf5	tree
parent	f4095026cf174f9993920b8fce227db9c128bd5c	commit \| diff

Defend against self-referential views in relation_is_updatable().

While a self-referential view doesn't actually work, it's possible
to create one, and it turns out that this breaks some of the
information_schema views.  Those views call relation_is_updatable(),
which neglected to consider the hazards of being recursive.  In
older PG versions you get a "stack depth limit exceeded" error,
but since v10 it'd recurse to the point of stack overrun and crash,
because commit a4c35ea1c took out the expression_returns_set() call
that was incidentally checking the stack depth.

Since this function is only used by information_schema views, it
seems like it'd be better to return "not updatable" than suffer
an error.  Hence, add tracking of what views we're examining,
in just the same way that the nearby fireRIRrules() code detects
self-referential views.  I added a check_stack_depth() call too,
just to be defensive.

Per private report from Manuel Rigger.  Back-patch to all
supported versions.

src/backend/rewrite/rewriteHandler.c		diff \| blob \| blame \| history
src/backend/utils/adt/misc.c		diff \| blob \| blame \| history
src/include/rewrite/rewriteHandler.h		diff \| blob \| blame \| history