Skip to content

Commit e3f1c24

Browse files
alvherrealvherre
committed
Fix crasher bugs in previous commit
ALTER DEFAULT PRIVILEGES was trying to decode the list of roles in the FOR clause as a list of names rather than of RoleSpecs; and the IN clause in CREATE ROLE was doing the same thing. This was evidenced by crashes on some buildfarm machines, though on my platform this doesn't cause a failure by mere chance; I can reproduce the failures only by adding some padding in struct RoleSpecs. Fix by dereferencing those lists as being of RoleSpecs, not string Values.
1 parent 31eae60 commit e3f1c24

File tree

2 files changed

+16
-12
lines changed

2 files changed

+16
-12
lines changed

src/backend/catalog/aclchk.c

+10-10
Original file line numberDiff line numberDiff line change
@@ -858,9 +858,9 @@ ExecAlterDefaultPrivilegesStmt(AlterDefaultPrivilegesStmt *stmt)
858858
GrantStmt *action = stmt->action;
859859
InternalDefaultACL iacls;
860860
ListCell *cell;
861-
List *rolenames = NIL;
861+
List *rolespecs = NIL;
862862
List *nspnames = NIL;
863-
DefElem *drolenames = NULL;
863+
DefElem *drolespecs = NULL;
864864
DefElem *dnspnames = NULL;
865865
AclMode all_privileges;
866866
const char *errormsg;
@@ -880,20 +880,20 @@ ExecAlterDefaultPrivilegesStmt(AlterDefaultPrivilegesStmt *stmt)
880880
}
881881
else if (strcmp(defel->defname, "roles") == 0)
882882
{
883-
if (drolenames)
883+
if (drolespecs)
884884
ereport(ERROR,
885885
(errcode(ERRCODE_SYNTAX_ERROR),
886886
errmsg("conflicting or redundant options")));
887-
drolenames = defel;
887+
drolespecs = defel;
888888
}
889889
else
890890
elog(ERROR, "option \"%s\" not recognized", defel->defname);
891891
}
892892

893893
if (dnspnames)
894894
nspnames = (List *) dnspnames->arg;
895-
if (drolenames)
896-
rolenames = (List *) drolenames->arg;
895+
if (drolespecs)
896+
rolespecs = (List *) drolespecs->arg;
897897

898898
/* Prepare the InternalDefaultACL representation of the statement */
899899
/* roleid to be filled below */
@@ -996,7 +996,7 @@ ExecAlterDefaultPrivilegesStmt(AlterDefaultPrivilegesStmt *stmt)
996996
}
997997
}
998998

999-
if (rolenames == NIL)
999+
if (rolespecs == NIL)
10001000
{
10011001
/* Set permissions for myself */
10021002
iacls.roleid = GetUserId();
@@ -1008,11 +1008,11 @@ ExecAlterDefaultPrivilegesStmt(AlterDefaultPrivilegesStmt *stmt)
10081008
/* Look up the role OIDs and do permissions checks */
10091009
ListCell *rolecell;
10101010

1011-
foreach(rolecell, rolenames)
1011+
foreach(rolecell, rolespecs)
10121012
{
1013-
char *rolename = strVal(lfirst(rolecell));
1013+
RoleSpec *rolespec = lfirst(rolecell);
10141014

1015-
iacls.roleid = get_role_oid(rolename, false);
1015+
iacls.roleid = get_rolespec_oid((Node *) rolespec, false);
10161016

10171017
/*
10181018
* We insist that calling user be a member of each target role. If

src/backend/commands/user.c

+6-2
Original file line numberDiff line numberDiff line change
@@ -429,13 +429,17 @@ CreateRole(CreateRoleStmt *stmt)
429429
*/
430430
foreach(item, addroleto)
431431
{
432-
char *oldrolename = strVal(lfirst(item));
433-
Oid oldroleid = get_role_oid(oldrolename, false);
432+
RoleSpec *oldrole = lfirst(item);
433+
HeapTuple oldroletup = get_rolespec_tuple((Node *) oldrole);
434+
Oid oldroleid = HeapTupleGetOid(oldroletup);
435+
char *oldrolename = NameStr(((Form_pg_authid) GETSTRUCT(oldroletup))->rolname);
434436

435437
AddRoleMems(oldrolename, oldroleid,
436438
list_make1(makeString(stmt->role)),
437439
list_make1_oid(roleid),
438440
GetUserId(), false);
441+
442+
ReleaseSysCache(oldroletup);
439443
}
440444

441445
/*

0 commit comments

Comments
 (0)