Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

- apply security patch for plr_modules from Jeff Greco

  <jeff.greco@bluehavenmg.com>
  • Loading branch information...
commit 0e7fa2e9e9c3372c575ca60229fa81a2640024b9 1 parent 5cc97d2
authored

Showing 1 changed file with 36 additions and 27 deletions. Show diff stats Hide diff stats

  1. 63  plr.c
63  plr.c
@@ -2,7 +2,7 @@
2 2
  * PL/R - PostgreSQL support for R as a
3 3
  *	      procedural language (PL)
4 4
  *
5  
- * Copyright (c) 2003-2006 by Joseph E. Conway
  5
+ * Copyright (c) 2003, 2004 by Joseph E. Conway
6 6
  * ALL RIGHTS RESERVED
7 7
  * 
8 8
  * Joe Conway <mail@joeconway.com>
@@ -34,9 +34,10 @@
34 34
 #include "catalog/pg_namespace.h"
35 35
 #include "storage/ipc.h"
36 36
 #include "utils/memutils.h"
37  
-#include "utils/typcache.h"
38 37
 
39  
-PG_MODULE_MAGIC;
  38
+#if defined(PG_VERSION_80_COMPAT) || defined(PG_VERSION_81_COMPAT)
  39
+#include "utils/typcache.h"
  40
+#endif /* PG_VERSION_80_COMPAT || PG_VERSION_81_COMPAT */
40 41
 
41 42
 /*
42 43
  * Global data
@@ -47,8 +48,6 @@ char *last_R_error_msg = NULL;
47 48
 
48 49
 static bool	plr_pm_init_done = false;
49 50
 static bool	plr_be_init_done = false;
50  
-
51  
-/* namespace OID for the PL/R language handler function */
52 51
 static Oid plr_nspOid = InvalidOid;
53 52
 
54 53
 /*
@@ -118,15 +117,18 @@ static Datum plr_trigger_handler(PG_FUNCTION_ARGS);
118 117
 static Datum plr_func_handler(PG_FUNCTION_ARGS);
119 118
 static plr_function *compile_plr_function(FunctionCallInfo fcinfo);
120 119
 static plr_function *do_compile(FunctionCallInfo fcinfo,
121  
-								HeapTuple procTup,
122  
-								plr_func_hashkey *hashkey);
  120
+							    HeapTuple procTup,
  121
+							    plr_func_hashkey *hashkey);
123 122
 static SEXP plr_parse_func_body(const char *body);
124 123
 static SEXP plr_convertargs(plr_function *function, Datum *arg, bool *argnull);
125 124
 static void plr_error_callback(void *arg);
126 125
 static Oid getNamespaceOidFromFunctionOid(Oid fnOid);
127 126
 static bool haveModulesTable(Oid nspOid);
128  
-static char *getModulesSql(Oid nspOid);
  127
+static char* getModulesSql(Oid nspOid);
  128
+
  129
+#if defined(PG_VERSION_80_COMPAT) || defined(PG_VERSION_81_COMPAT)
129 130
 static char **fetchArgNames(HeapTuple procTup, int nargs);
  131
+#endif /* PG_VERSION_80_COMPAT || PG_VERSION_81_COMPAT */
130 132
 
131 133
 /*
132 134
  * plr_call_handler -	This is the only visible function
@@ -197,7 +199,7 @@ load_r_cmd(const char *cmd)
197 199
 	SET_STRING_ELT(cmdSexp, 0, COPY_TO_USER_STRING(cmd));
198 200
 	PROTECT(cmdexpr = R_PARSEVECTOR(cmdSexp, -1, &status));
199 201
 	if (status != PARSE_OK) {
200  
-		UNPROTECT(2);
  202
+	    UNPROTECT(2);
201 203
 		if (last_R_error_msg)
202 204
 			ereport(ERROR,
203 205
 					(errcode(ERRCODE_DATA_EXCEPTION),
@@ -565,7 +567,7 @@ plr_trigger_handler(PG_FUNCTION_ARGS)
565 567
 
566 568
 	dims[0] = trigdata->tg_trigger->tgnargs;
567 569
 	lbs[0] = 1;
568  
-	array = construct_md_array(dvalues, NULL, ndims, dims, lbs,
  570
+	array = construct_md_array(dvalues, ndims, dims, lbs,
569 571
 								TEXTOID, -1, false, 'i');
570 572
 
571 573
 	arg[8] = PointerGetDatum(array);
@@ -1142,7 +1144,7 @@ do_compile(FunctionCallInfo fcinfo,
1142 1144
 
1143 1145
 		/* trigger procedure has fixed args */
1144 1146
 		appendStringInfo(proc_internal_args,
1145  
-						"pg.tg.name,pg.tg.relid,pg.tg.relname,pg.tg.when,"
  1147
+						"pg.tg.name,pg.tg.relid,pg.tg.relname,pg.tg.when," \
1146 1148
 						"pg.tg.level,pg.tg.op,pg.tg.new,pg.tg.old,pg.tg.args");
1147 1149
 	}
1148 1150
 
@@ -1209,7 +1211,7 @@ plr_parse_func_body(const char *body)
1209 1211
 	PROTECT(fun = VECTOR_ELT(R_PARSEVECTOR(rbody, -1, &status), 0));
1210 1212
 	if (status != PARSE_OK)
1211 1213
 	{
1212  
-		UNPROTECT(2);
  1214
+	    UNPROTECT(2);
1213 1215
 		if (last_R_error_msg)
1214 1216
 			ereport(ERROR,
1215 1217
 					(errcode(ERRCODE_DATA_EXCEPTION),
@@ -1342,6 +1344,7 @@ plr_error_callback(void *arg)
1342 1344
 		errcontext("In PL/R function %s", (char *) arg);
1343 1345
 }
1344 1346
 
  1347
+#if defined(PG_VERSION_80_COMPAT) || defined(PG_VERSION_81_COMPAT)
1345 1348
 /*
1346 1349
  * Fetch the argument names, if any, from the proargnames field of the
1347 1350
  * pg_proc tuple.  Results are palloc'd.
@@ -1368,7 +1371,7 @@ fetchArgNames(HeapTuple procTup, int nargs)
1368 1371
 
1369 1372
 	deconstruct_array(DatumGetArrayTypeP(argnamesDatum),
1370 1373
 					  TEXTOID, -1, false, 'i',
1371  
-					  &elems, NULL, &nelems);
  1374
+					  &elems, &nelems);
1372 1375
 
1373 1376
 	if (nelems != nargs)		/* should not happen */
1374 1377
 		elog(ERROR, "proargnames must have the same number of elements as the function has arguments");
@@ -1380,6 +1383,7 @@ fetchArgNames(HeapTuple procTup, int nargs)
1380 1383
 
1381 1384
 	return result;
1382 1385
 }
  1386
+#endif /* PG_VERSION_80_COMPAT || PG_VERSION_81_COMPAT */
1383 1387
 
1384 1388
 /*
1385 1389
  * getNamespaceOidFromFunctionOid - Returns the OID of the namespace for the
@@ -1388,9 +1392,9 @@ fetchArgNames(HeapTuple procTup, int nargs)
1388 1392
 static Oid
1389 1393
 getNamespaceOidFromFunctionOid(Oid fnOid)
1390 1394
 {
1391  
-	HeapTuple    procTuple;
1392  
-	Form_pg_proc procStruct;
1393  
-	Oid          nspOid;
  1395
+	HeapTuple		procTuple;
  1396
+	Form_pg_proc	procStruct;
  1397
+	Oid				nspOid;
1394 1398
 
1395 1399
 	/* Lookup the pg_proc tuple by OID */
1396 1400
 	procTuple = SearchSysCache(PROCOID, ObjectIdGetDatum(fnOid), 0, 0, 0);
@@ -1413,17 +1417,21 @@ getNamespaceOidFromFunctionOid(Oid fnOid)
1413 1417
 static bool
1414 1418
 haveModulesTable(Oid nspOid)
1415 1419
 {
1416  
-	StringInfo		sql = makeStringInfo();
1417  
-	char		   *sql_format = "SELECT NULL "
1418  
-								 "FROM pg_catalog.pg_class "
1419  
-								 "WHERE "
1420  
-								 "relname = 'plr_modules' AND "
1421  
-								 "relnamespace = %u";
1422  
-    int  spiRc;
1423  
-
1424  
-	appendStringInfo(sql, sql_format, nspOid);
  1420
+	static const char sqlFormat[] = "SELECT NULL "
  1421
+									"FROM pg_catalog.pg_class "
  1422
+									"WHERE "
  1423
+									"relname = 'plr_modules' AND "
  1424
+									"relnamespace = %u";
  1425
+	char	   *sql;
  1426
+	int			spiRc;
  1427
+
  1428
+	/* safe up to 64-bit integers */
  1429
+	sql = palloc((strlen(sqlFormat) + 22) * sizeof(char));
  1430
+	sprintf(sql, sqlFormat, nspOid);
  1431
+	spiRc = SPI_exec(sql, 1);
  1432
+	pfree(sql);
  1433
+	SPI_freetuptable(SPI_tuptable);
1425 1434
 
1426  
-	spiRc = SPI_exec(sql->data, 1);
1427 1435
 	if (spiRc != SPI_OK_SELECT)
1428 1436
 		/* internal error */
1429 1437
 		elog(ERROR, "haveModulesTable: select from pg_class failed");
@@ -1438,7 +1446,7 @@ haveModulesTable(Oid nspOid)
1438 1446
  *
1439 1447
  * IMPORTANT: return value must be pfree'd
1440 1448
  */
1441  
-static char *
  1449
+static char*
1442 1450
 getModulesSql(Oid nspOid)
1443 1451
 {
1444 1452
 	StringInfo		sql = makeStringInfo();
@@ -1452,3 +1460,4 @@ getModulesSql(Oid nspOid)
1452 1460
 
1453 1461
     return sql->data;
1454 1462
 }
  1463
+

0 notes on commit 0e7fa2e

Please sign in to comment.
Something went wrong with that request. Please try again.