From: Tom Lane Date: Thu, 22 Dec 2022 15:35:02 +0000 (-0500) Subject: Add some recursion and looping defenses in prepjointree.c. X-Git-Tag: REL_16_BETA1~1070 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5beb7881fb27d1830fa4c57ba263c8042449a599;p=thirdparty%2Fpostgresql.git Add some recursion and looping defenses in prepjointree.c. Andrey Lepikhov demonstrated a case where we spend an unreasonable amount of time in pull_up_subqueries(). Not only is that recursing with no explicit check for stack overrun, but the code seems not interruptable by control-C. Let's stick a CHECK_FOR_INTERRUPTS there, along with sprinkling some stack depth checks. An actual fix for the excessive time consumption seems a bit risky to back-patch; but this isn't, so let's do so. Discussion: https://postgr.es/m/703c09a2-08f3-d2ec-b33d-dbecd62428b8@postgrespro.ru --- diff --git a/src/backend/optimizer/prep/prepjointree.c b/src/backend/optimizer/prep/prepjointree.c index c2239d18b4a..411412c5fad 100644 --- a/src/backend/optimizer/prep/prepjointree.c +++ b/src/backend/optimizer/prep/prepjointree.c @@ -27,6 +27,7 @@ #include "catalog/pg_type.h" #include "funcapi.h" +#include "miscadmin.h" #include "nodes/makefuncs.h" #include "nodes/multibitmapset.h" #include "nodes/nodeFuncs.h" @@ -308,6 +309,9 @@ static Node * pull_up_sublinks_jointree_recurse(PlannerInfo *root, Node *jtnode, Relids *relids) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (jtnode == NULL) { *relids = NULL; @@ -805,6 +809,11 @@ pull_up_subqueries_recurse(PlannerInfo *root, Node *jtnode, JoinExpr *lowest_nulling_outer_join, AppendRelInfo *containing_appendrel) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + /* Also, since it's a bit expensive, let's check for query cancel. */ + CHECK_FOR_INTERRUPTS(); + Assert(jtnode != NULL); if (IsA(jtnode, RangeTblRef)) { @@ -1937,6 +1946,9 @@ is_simple_union_all(Query *subquery) static bool is_simple_union_all_recurse(Node *setOp, Query *setOpQuery, List *colTypes) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (IsA(setOp, RangeTblRef)) { RangeTblRef *rtr = (RangeTblRef *) setOp;