From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Mon, 12 Nov 2012 00:56:27 +0000 (-0500)
Subject: Check for stack overflow in transformSetOperationTree().
X-Git-Tag: REL9_0_11~28
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fae09422fdb97ef2bfbfffcd2abc30060a9c1f51;p=postgresql

Check for stack overflow in transformSetOperationTree().

Since transformSetOperationTree() recurses, it can be driven to stack
overflow with enough UNION/INTERSECT/EXCEPT clauses in a query.  Add a
check to ensure it fails cleanly instead of crashing.  Per report from
Matthew Gerber (though it's not clear whether this is the only thing
going wrong for him).

Historical note: I think the reasoning behind not putting a check here in
the beginning was that the check in transformExpr() ought to be sufficient
to guard the whole parser.  However, because transformSetOperationTree()
recurses all the way to the bottom of the set-operation tree before doing
any analysis of the statement's expressions, that check doesn't save it.
---

diff --git a/src/backend/parser/analyze.c b/src/backend/parser/analyze.c
index efc11a29d6..8d5e6dfea2 100644
--- a/src/backend/parser/analyze.c
+++ b/src/backend/parser/analyze.c
@@ -26,6 +26,7 @@
 
 #include "access/sysattr.h"
 #include "catalog/pg_type.h"
+#include "miscadmin.h"
 #include "nodes/makefuncs.h"
 #include "nodes/nodeFuncs.h"
 #include "optimizer/var.h"
@@ -1380,6 +1381,9 @@ transformSetOperationTree(ParseState *pstate, SelectStmt *stmt,
 
 	Assert(stmt && IsA(stmt, SelectStmt));
 
+	/* Guard against stack overflow due to overly complex set-expressions */
+	check_stack_depth();
+
 	/*
 	 * Validity-check both leaf and internal SELECTs for disallowed ops.
 	 */