From: Tom Lane Date: Thu, 22 Dec 2022 15:35:03 +0000 (-0500) Subject: Add some recursion and looping defenses in prepjointree.c. X-Git-Tag: REL_11_19~25 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8cd700cc5a676282912c7080cfa142977a2dd851;p=thirdparty%2Fpostgresql.git Add some recursion and looping defenses in prepjointree.c. Andrey Lepikhov demonstrated a case where we spend an unreasonable amount of time in pull_up_subqueries(). Not only is that recursing with no explicit check for stack overrun, but the code seems not interruptable by control-C. Let's stick a CHECK_FOR_INTERRUPTS there, along with sprinkling some stack depth checks. An actual fix for the excessive time consumption seems a bit risky to back-patch; but this isn't, so let's do so. Discussion: https://postgr.es/m/703c09a2-08f3-d2ec-b33d-dbecd62428b8@postgrespro.ru --- diff --git a/src/backend/optimizer/prep/prepjointree.c b/src/backend/optimizer/prep/prepjointree.c index fe1149ee4bf..e3c62cb3481 100644 --- a/src/backend/optimizer/prep/prepjointree.c +++ b/src/backend/optimizer/prep/prepjointree.c @@ -24,6 +24,7 @@ #include "postgres.h" #include "catalog/pg_type.h" +#include "miscadmin.h" #include "nodes/makefuncs.h" #include "nodes/nodeFuncs.h" #include "optimizer/clauses.h" @@ -178,6 +179,9 @@ static Node * pull_up_sublinks_jointree_recurse(PlannerInfo *root, Node *jtnode, Relids *relids) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (jtnode == NULL) { *relids = NULL; @@ -677,6 +681,11 @@ pull_up_subqueries_recurse(PlannerInfo *root, Node *jtnode, AppendRelInfo *containing_appendrel, bool deletion_ok) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + /* Also, since it's a bit expensive, let's check for query cancel. */ + CHECK_FOR_INTERRUPTS(); + Assert(jtnode != NULL); if (IsA(jtnode, RangeTblRef)) { @@ -1824,6 +1833,9 @@ is_simple_union_all(Query *subquery) static bool is_simple_union_all_recurse(Node *setOp, Query *setOpQuery, List *colTypes) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (IsA(setOp, RangeTblRef)) { RangeTblRef *rtr = (RangeTblRef *) setOp;