]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 39035a5) | patch
Prohibit transaction commands in security definer procedures
authorPeter Eisentraut <peter_e@gmx.net>
Wed, 4 Jul 2018 07:26:19 +0000 (09:26 +0200)
committerPeter Eisentraut <peter_e@gmx.net>
Fri, 13 Jul 2018 08:41:40 +0000 (10:41 +0200)
commit3804e89bd0e94fb412d3eecb2113cc97e0f7310b
tree39ec8a13fa0c559eee23a58b0a7c6c0220213e96tree | snapshot
parent39035a52894a419ae1b905adfdb0bad72ee19a36commit | diff
Prohibit transaction commands in security definer procedures

Starting and aborting transactions in security definer procedures
doesn't work.  StartTransaction() insists that the security context
stack is empty, so this would currently cause a crash, and
AbortTransaction() resets it.  This could be made to work by
reorganizing the code, but right now we just prohibit it.

Reported-by: amul sul <sulamul@gmail.com>
Discussion: https://www.postgresql.org/message-id/flat/CAAJ_b96Gupt_LFL7uNyy3c50-wbhA68NUjiK5%3DrF6_w%3Dpq_T%3DQ%40mail.gmail.com
doc/src/sgml/ref/create_procedure.sgml diff | blob | history
src/backend/commands/functioncmds.c diff | blob | history
src/pl/plpgsql/src/expected/plpgsql_transaction.out diff | blob | history
src/pl/plpgsql/src/sql/plpgsql_transaction.sql diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.