← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/postgresql-9.1/oneiric-security

« back to all changes in this revision

Viewing changes to src/backend/parser/parse_relation.c

  • Committer: Package Import Robot
  • Author(s): Martin Pitt
  • Date: 2013-02-05 18:13:52 UTC
  • mfrom: (1.1.10) (10.1.5 oneiric-proposed)
  • Revision ID: package-import@ubuntu.com-20130205181352-3kw4f94ilqklzm7c
Tags: 9.1.8-0ubuntu11.10
https://launchpad.net/bugs/1116336
* New upstream security/bug fix release: (LP: #1116336)
  - Prevent execution of enum_recv from SQL
    The function was misdeclared, allowing a simple SQL command to crash the
    server.  In principle an attacker might be able to use it to examine the
    contents of server memory.  Our thanks to Sumit Soni (via Secunia SVCRP)
    for reporting this issue. (CVE-2013-0255)
  - See HISTORY/changelog.gz for the other bug fixes.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/backend/parser/parse_relation.c
501
501
                attnum = specialAttNum(colname);
502
502
                if (attnum != InvalidAttrNumber)
503
503
                {
504
 
                        /* now check to see if column actually is defined */
 
504
                        /*
 
505
                         * Now check to see if column actually is defined.  Because of
 
506
                         * an ancient oversight in DefineQueryRewrite, it's possible that
 
507
                         * pg_attribute contains entries for system columns for a view,
 
508
                         * even though views should not have such --- so we also check
 
509
                         * the relkind.  This kluge will not be needed in 9.3 and later.
 
510
                         */
505
511
                        if (SearchSysCacheExists2(ATTNUM,
506
512
                                                                          ObjectIdGetDatum(rte->relid),
507
 
                                                                          Int16GetDatum(attnum)))
 
513
                                                                          Int16GetDatum(attnum)) &&
 
514
                                get_rel_relkind(rte->relid) != RELKIND_VIEW)
508
515
                        {
509
516
                                var = make_var(pstate, rte, attnum, location);
510
517
                                /* Require read access to the column */