git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Nathan Bossart <nathan@postgresql.org>
	Mon, 11 May 2026 12:13:47 +0000 (05:13 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 11 May 2026 12:13:47 +0000 (05:13 -0700)
commit	4793fc41f82893b059bd59739bdcbe3d58c4df7e
tree	72f52237ebfe2552101003e269caf1f00efeff83	tree \| snapshot
parent	d389415ffad509f0de1342e6ebbb5d5c62dbedef	commit \| diff

Check CREATE privilege on multirange type schema in CREATE TYPE.

This omission allowed roles to create multirange types in any
schema, potentially leading to privilege escalations. Note that
when a multirange type name is not specified in CREATE TYPE, it is
automatically placed in the range type's schema, which is checked
at the beginning of DefineRange().

Reported-by: Jelte Fennema-Nio <postgres@jeltef.nl>
Author: Jelte Fennema-Nio <postgres@jeltef.nl>
Reviewed-by: Nathan Bossart <nathandbossart@gmail.com>
Reviewed-by: Tomas Vondra <tomas@vondra.me>
Security: CVE-2026-6472
Backpatch-through: 14

src/backend/commands/typecmds.c		diff \| blob \| blame \| history
src/test/regress/expected/multirangetypes.out		diff \| blob \| blame \| history
src/test/regress/sql/multirangetypes.sql		diff \| blob \| blame \| history