Prevent privilege escalation in explicit calls to PL validators.

The primary role of PL validators is to be called implicitly during CREATE FUNCTION, but they are also normal functions that a user can call explicitly. Add a permissions check to each validator to ensure that a user cannot use explicit validator calls to achieve things he could not otherwise achieve. Back-patch to 8.4 (all supported versions). Non-core procedural language extensions ought to make the same two-line change to their own validators. Andres Freund, reviewed by Tom Lane and Noah Misch. Security: CVE-2014-0061
author: Noah Misch 2014-02-17 14:33:31 +0000
committer: Noah Misch 2014-02-17 14:33:33 +0000
commit: 1d701d28a796ea2d1a4d2be9e9ee06209eaea040 (patch)
tree: 539b23c188cada8390ff3fbfd5b6577eb457fd27 /src/include
parent: 15a8f97b9d16aaf659f58c981242b9da591cf24c (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/include/fmgr.h b/src/include/fmgr.h
index 0a257764494..f944cc6a8ca 100644
--- a/src/include/fmgr.h
+++ b/src/include/fmgr.h
@@ -624,6 +624,7 @@ extern Oid	get_fn_expr_argtype(FmgrInfo *flinfo, int argnum);
 extern Oid	get_call_expr_argtype(fmNodePtr expr, int argnum);
 extern bool get_fn_expr_arg_stable(FmgrInfo *flinfo, int argnum);
 extern bool get_call_expr_arg_stable(fmNodePtr expr, int argnum);
+extern bool CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid);
 
 /*
  * Routines in dfmgr.c
author	Noah Misch	2014-02-17 14:33:31 +0000
committer	Noah Misch	2014-02-17 14:33:33 +0000
commit	1d701d28a796ea2d1a4d2be9e9ee06209eaea040 (patch)
tree	539b23c188cada8390ff3fbfd5b6577eb457fd27 /src/include
parent	15a8f97b9d16aaf659f58c981242b9da591cf24c (diff)