Check that aggregate creator has the right to execute the transition

functions of the aggregate, at both aggregate creation and execution times.

diff --git a/src/backend/catalog/pg_aggregate.c b/src/backend/catalog/pg_aggregate.c
index 4a20b1e742d342e678462bfc805a721739521c85..6e8d9b1082323d3e5601f033672c7d638c182027 100644 (file)
--- a/src/backend/catalog/pg_aggregate.c
+++ b/src/backend/catalog/pg_aggregate.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *       $Header: /cvsroot/pgsql/src/backend/catalog/pg_aggregate.c,v 1.64 2003/09/25 06:57:58 petere Exp $
+ *       $Header: /cvsroot/pgsql/src/backend/catalog/pg_aggregate.c,v 1.64.2.1 2005/01/27 23:43:11 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -22,10 +22,13 @@
 #include "catalog/pg_aggregate.h"
 #include "catalog/pg_language.h"
 #include "catalog/pg_proc.h"
+#include "miscadmin.h"
 #include "optimizer/cost.h"
 #include "parser/parse_coerce.h"
 #include "parser/parse_func.h"
+#include "utils/acl.h"
 #include "utils/builtins.h"
+#include "utils/lsyscache.h"
 #include "utils/syscache.h"
 
 
@@ -261,6 +264,7 @@ lookup_agg_function(List *fnName,
        bool            retset;
        Oid                *true_oid_array;
        FuncDetailCode fdresult;
+       AclResult       aclresult;
 
        /*
         * func_get_detail looks up the function in the catalogs, does
@@ -325,5 +329,10 @@ lookup_agg_function(List *fnName,
                                 errmsg("function %s requires run-time type coercion",
                                 func_signature_string(fnName, nargs, true_oid_array))));
 
+       /* Check aggregate creator has permission to call the function */
+       aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
+       if (aclresult != ACLCHECK_OK)
+               aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
+
        return fnOid;
 }

diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c
index f8a7601f59cc9b27d77aff7249cdcdee2af16dff..b18ec2fee82adf8ccd17c5ca069cd233e27f65bf 100644 (file)
--- a/src/backend/executor/nodeAgg.c
+++ b/src/backend/executor/nodeAgg.c
@@ -45,7 +45,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  *
  * IDENTIFICATION
- *       $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.116.2.2 2004/07/10 18:39:44 tgl Exp $
+ *       $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.116.2.3 2005/01/27 23:43:16 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -55,6 +55,7 @@
 #include "access/heapam.h"
 #include "catalog/pg_aggregate.h"
 #include "catalog/pg_operator.h"
+#include "catalog/pg_proc.h"
 #include "executor/executor.h"
 #include "executor/nodeAgg.h"
 #include "miscadmin.h"
@@ -1260,6 +1261,35 @@ ExecInitAgg(Agg *node, EState *estate)
                peraggstate->transfn_oid = transfn_oid = aggform->aggtransfn;
                peraggstate->finalfn_oid = finalfn_oid = aggform->aggfinalfn;
 
+               /* Check that aggregate owner has permission to call component fns */
+               {
+                       HeapTuple       procTuple;
+                       AclId           aggOwner;
+
+                       procTuple = SearchSysCache(PROCOID,
+                                                                          ObjectIdGetDatum(aggref->aggfnoid),
+                                                                          0, 0, 0);
+                       if (!HeapTupleIsValid(procTuple))
+                               elog(ERROR, "cache lookup failed for function %u",
+                                        aggref->aggfnoid);
+                       aggOwner = ((Form_pg_proc) GETSTRUCT(procTuple))->proowner;
+                       ReleaseSysCache(procTuple);
+
+                       aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
+                                                                                ACL_EXECUTE);
+                       if (aclresult != ACLCHECK_OK)
+                               aclcheck_error(aclresult, ACL_KIND_PROC,
+                                                          get_func_name(transfn_oid));
+                       if (OidIsValid(finalfn_oid))
+                       {
+                               aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
+                                                                                        ACL_EXECUTE);
+                               if (aclresult != ACLCHECK_OK)
+                                       aclcheck_error(aclresult, ACL_KIND_PROC,
+                                                                  get_func_name(finalfn_oid));
+                       }
+               }
+
                /* resolve actual type of transition state, if polymorphic */
                aggtranstype = aggform->aggtranstype;
                if (aggtranstype == ANYARRAYOID || aggtranstype == ANYELEMENTOID)