fastpath code neglected to check whether user has privileges to call the

tglsfdc · tglsfdc · commit d6dbb6b28346 · 2003-01-01T21:57:05.000Z
target function.  Also, move SetQuerySnapshot() call to avoid assert
failure when a fastpath call is attempted in an aborted transaction.
diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.54 2002/08/24 15:00:46 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.55 2003/01/01 21:57:05 tgl Exp $
  *
  * NOTES
  *	  This cruft is the server side of PQfn.
@@ -65,8 +65,10 @@
 #include "libpq/libpq.h"
 #include "libpq/pqformat.h"
 #include "tcop/fastpath.h"
+#include "utils/acl.h"
 #include "utils/lsyscache.h"
 #include "utils/syscache.h"
+#include "utils/tqual.h"
 
 
 /* ----------------
@@ -221,6 +223,7 @@ HandleFunctionRequest(void)
 	int			argsize;
 	int			nargs;
 	int			tmp;
+	AclResult	aclresult;
 	FunctionCallInfoData fcinfo;
 	Datum		retval;
 	int			i;
@@ -337,6 +340,18 @@ HandleFunctionRequest(void)
 		elog(ERROR, "current transaction is aborted, "
 			 "queries ignored until end of transaction block");
 
+	/* Check permission to call function */
+	aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
+	if (aclresult != ACLCHECK_OK)
+		aclcheck_error(aclresult, get_func_name(fid));
+
+	/*
+	 * Set up a query snapshot in case function needs one.  (It is not safe
+	 * to do this if we are in transaction-abort state, so we have to postpone
+	 * it till now.  Ugh.)
+	 */
+	SetQuerySnapshot();
+
 #ifdef NO_FASTPATH
 	/* force a NULL return */
 	retval = (Datum) 0;
diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.313 2002/12/06 05:00:26 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.314 2003/01/01 21:57:05 tgl Exp $
  *
  * NOTES
  *	  this is the "main" module of the postgres backend and
@@ -1781,7 +1781,7 @@ PostgresMain(int argc, char *argv[], const char *username)
 	if (!IsUnderPostmaster)
 	{
 		puts("\nPOSTGRES backend interactive interface ");
-		puts("$Revision: 1.313 $ $Date: 2002/12/06 05:00:26 $\n");
+		puts("$Revision: 1.314 $ $Date: 2003/01/01 21:57:05 $\n");
 	}
 
 	/*
@@ -1965,9 +1965,6 @@ PostgresMain(int argc, char *argv[], const char *username)
 				/* start an xact for this function invocation */
 				start_xact_command();
 
-				/* assume it may need a snapshot */
-				SetQuerySnapshot();
-
 				if (HandleFunctionRequest() == EOF)
 				{
 					/* lost frontend connection during F message input */

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.313 2002/12/06 05:00:26 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/tcop/postgres.c,v 1.314 2003/01/01 21:57:05 tgl Exp $`
`12`	`12`	`*`
`13`	`13`	`* NOTES`
`14`	`14`	`* this is the "main" module of the postgres backend and`
`@@ -1781,7 +1781,7 @@ PostgresMain(int argc, char argv[], const char username)`
`1781`	`1781`	`if (!IsUnderPostmaster)`
`1782`	`1782`	`{`
`1783`	`1783`	`puts("\nPOSTGRES backend interactive interface ");`
`1784`		`- puts("$Revision: 1.313 $ $Date: 2002/12/06 05:00:26 $\n");`
	`1784`	`+ puts("$Revision: 1.314 $ $Date: 2003/01/01 21:57:05 $\n");`
`1785`	`1785`	`}`
`1786`	`1786`
`1787`	`1787`	`/*`
`@@ -1965,9 +1965,6 @@ PostgresMain(int argc, char argv[], const char username)`
`1965`	`1965`	`/* start an xact for this function invocation */`
`1966`	`1966`	`start_xact_command();`
`1967`	`1967`
`1968`		`- /* assume it may need a snapshot */`
`1969`		`- SetQuerySnapshot();`
`1970`		`-`
`1971`	`1968`	`if (HandleFunctionRequest() == EOF)`
`1972`	`1969`	`{`
`1973`	`1970`	`/* lost frontend connection during F message input */`