diff options
| author | Tom Lane | 2015-01-24 21:16:22 +0000 |
|---|---|---|
| committer | Tom Lane | 2015-01-24 21:16:22 +0000 |
| commit | fd496129d160950ed681c1150ea8f627b292c511 (patch) | |
| tree | 692b18245d6efca00dea4e99f66595ae0d16691a /src/include | |
| parent | f8a4dd2e141a12e349882edecc683504acb82ec8 (diff) | |
Clean up some mess in row-security patches.
Fix unsafe coding around PG_TRY in RelationBuildRowSecurity: can't change
a variable inside PG_TRY and then use it in PG_CATCH without marking it
"volatile". In this case though it seems saner to avoid that by doing
a single assignment before entering the TRY block.
I started out just intending to fix that, but the more I looked at the
row-security code the more distressed I got. This patch also fixes
incorrect construction of the RowSecurityPolicy cache entries (there was
not sufficient care taken to copy pass-by-ref data into the cache memory
context) and a whole bunch of sloppiness around the definition and use of
pg_policy.polcmd. You can't use nulls in that column because initdb will
mark it NOT NULL --- and I see no particular reason why a null entry would
be a good idea anyway, so changing initdb's behavior is not the right
answer. The internal value of '\0' wouldn't be suitable in a "char" column
either, so after a bit of thought I settled on using '*' to represent ALL.
Chasing those changes down also revealed that somebody wasn't paying
attention to what the underlying values of ACL_UPDATE_CHR etc really were,
and there was a great deal of lackadaiscalness in the catalogs.sgml
documentation for pg_policy and pg_policies too.
This doesn't pretend to be a complete code review for the row-security
stuff, it just fixes the things that were in my face while dealing with
the bugs in RelationBuildRowSecurity.
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/catalog/catversion.h | 2 | ||||
| -rw-r--r-- | src/include/catalog/pg_policy.h | 4 | ||||
| -rw-r--r-- | src/include/rewrite/rowsecurity.h | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/src/include/catalog/catversion.h b/src/include/catalog/catversion.h index bad9123c95d..13c4376b8cc 100644 --- a/src/include/catalog/catversion.h +++ b/src/include/catalog/catversion.h @@ -53,6 +53,6 @@ */ /* yyyymmddN */ -#define CATALOG_VERSION_NO 201412301 +#define CATALOG_VERSION_NO 201501241 #endif diff --git a/src/include/catalog/pg_policy.h b/src/include/catalog/pg_policy.h index ed0c6113e61..ae71f3f3a2f 100644 --- a/src/include/catalog/pg_policy.h +++ b/src/include/catalog/pg_policy.h @@ -22,10 +22,10 @@ CATALOG(pg_policy,3256) { NameData polname; /* Policy name. */ Oid polrelid; /* Oid of the relation with policy. */ - char polcmd; /* One of ACL_*_CHR, or \0 for all */ + char polcmd; /* One of ACL_*_CHR, or '*' for all */ #ifdef CATALOG_VARLEN - Oid polroles[1] /* Roles associated with policy, not-NULL */ + Oid polroles[1]; /* Roles associated with policy, not-NULL */ pg_node_tree polqual; /* Policy quals. */ pg_node_tree polwithcheck; /* WITH CHECK quals. */ #endif diff --git a/src/include/rewrite/rowsecurity.h b/src/include/rewrite/rowsecurity.h index aa1b45b1c97..240f987a3a7 100644 --- a/src/include/rewrite/rowsecurity.h +++ b/src/include/rewrite/rowsecurity.h @@ -21,11 +21,11 @@ typedef struct RowSecurityPolicy { Oid policy_id; /* OID of the policy */ char *policy_name; /* Name of the policy */ - char cmd; /* Type of command policy is for */ + char polcmd; /* Type of command policy is for */ ArrayType *roles; /* Array of roles policy is for */ Expr *qual; /* Expression to filter rows */ Expr *with_check_qual; /* Expression to limit rows allowed */ - bool hassublinks; /* If expression has sublinks */ + bool hassublinks; /* If either expression has sublinks */ } RowSecurityPolicy; typedef struct RowSecurityDesc |