git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Sat, 26 Sep 2020 20:04:06 +0000 (16:04 -0400)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Sat, 26 Sep 2020 20:04:06 +0000 (16:04 -0400)
commit	bf34ae930deeafcca2a9ed8b984061806451e2f1
tree	b80b95a9e5ce98fefad8de211b5b68cca000dd66	tree \| snapshot
parent	56b46d3a1a620548b4728b48bd28cdf11d88e101	commit \| diff

Revise RelationBuildRowSecurity() to avoid memory leaks.

This function leaked some memory while loading qual clauses for
an RLS policy. While ordinarily negligible, that could build up
in some repeated-reload cases, as reported by Konstantin Knizhnik.
We can improve matters by borrowing the coding long used in
RelationBuildRuleLock: build stringToNode's result directly in
the target context, and remember to explicitly pfree the
input string.

This patch by no means completely guarantees zero leaks within
this function, since we have no real guarantee that the catalog-
reading subroutines it calls don't leak anything. However,
practical tests suggest that this is enough to resolve the issue.
In any case, any remaining leaks are similar to those risked by
RelationBuildRuleLock and other relcache-loading subroutines.
If we need to fix them, we should adopt a more global approach
such as that used by the RECOVER_RELATION_BUILD_MEMORY hack.

While here, let's remove the need for an expensive PG_TRY block by
using MemoryContextSetParent to reparent an initially-short-lived
context for the RLS data.

Back-patch to all supported branches.

Discussion: https://postgr.es/m/21356c12-8917-8249-b35f-1c447231922b@postgrespro.ru