
Commit 4d78bcd

committed
Clarify the schema of the used built-in functions to prevent their malicious overloading.
1 parent a64058b commit 4d78bcd


3 files changed

+45
-45
lines changed


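--- a/hash.sql
+++ b/hash.sql
@@ -110,18 +110,18 @@ BEGIN
 
 /* Fetch definition of old_partition's HASH constraint */
 SELECT pg_catalog.pg_get_constraintdef(oid) FROM pg_catalog.pg_constraint
-WHERE conrelid = old_partition AND quote_ident(conname) = old_constr_name
+WHERE conrelid = old_partition AND pg_catalog.quote_ident(conname) = old_constr_name
 INTO old_constr_def;
 
 /* Detach old partition */
-EXECUTE format('ALTER TABLE %s NO INHERIT %s', old_partition, parent_relid);
-EXECUTE format('ALTER TABLE %s DROP CONSTRAINT %s',
+EXECUTE pg_catalog.format('ALTER TABLE %s NO INHERIT %s', old_partition, parent_relid);
+EXECUTE pg_catalog.format('ALTER TABLE %s DROP CONSTRAINT %s',
 old_partition,
 old_constr_name);
 
 /* Attach the new one */
-EXECUTE format('ALTER TABLE %s INHERIT %s', new_partition, parent_relid);
-EXECUTE format('ALTER TABLE %s ADD CONSTRAINT %s %s',
+EXECUTE pg_catalog.format('ALTER TABLE %s INHERIT %s', new_partition, parent_relid);
+EXECUTE pg_catalog.format('ALTER TABLE %s ADD CONSTRAINT %s %s',
 new_partition,
 @[email protected]_check_constraint_name(new_partition::REGCLASS),
 old_constr_def);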
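Review bot: `old_constr_name` is interpolated with `%s` into the `DROP CONSTRAINT` statement, so it reaches the DDL text without any escaping at this point. The lookup above compares it with `pg_catalog.quote_ident(conname)`, which suggests the value is expected to arrive already quoted, but nothing visible states that. A comment above the lookup such as `/* old_constr_name is in quote_ident() form; it is compared and interpolated as-is */` would record the invariant, assuming that is how the value is built. The declarations and the assignment of `old_constr_name` are outside this hunk, so this needs confirming there.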

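--- a/init.sql
+++ b/init.sql
@@ -141,7 +141,7 @@ CREATE FUNCTION @[email protected]_set_param(
 value ANYELEMENT)
 RETURNS VOID AS $$
 BEGIN
-EXECUTE format('INSERT INTO @[email protected]_config_params
+EXECUTE pg_catalog.format('INSERT INTO @[email protected]_config_params
 (partrel, %1$s) VALUES ($1, $2)
 ON CONFLICT (partrel) DO UPDATE SET %1$s = $2', param)
 USING relation, value;
@@ -186,8 +186,8 @@ BEGIN
 
 /* Fetch schema-qualified name of callback */
 IF callback != 0 THEN
-SELECT quote_ident(nspname) || '.' ||
-quote_ident(proname) || '(' ||
+SELECT pg_catalog.quote_ident(nspname) || '.' ||
+pg_catalog.quote_ident(proname) || '(' ||
 (SELECT string_agg(x.argtype::REGTYPE::TEXT, ',')
 FROM unnest(proargtypes) AS x(argtype)) ||
 ')'
@@ -341,19 +341,19 @@ BEGIN
 
 /* Format LIMIT clause if needed */
 IF NOT p_limit IS NULL THEN
-v_limit_clause := format('LIMIT %s', p_limit);
+v_limit_clause := pg_catalog.format('LIMIT %s', p_limit);
 END IF;
 
 /* Format WHERE clause if needed */
 IF NOT p_min IS NULL THEN
-v_where_clause := format('%1$s >= $1', part_expr);
+v_where_clause := pg_catalog.format('%1$s >= $1', part_expr);
 END IF;
 
 IF NOT p_max IS NULL THEN
 IF NOT p_min IS NULL THEN
 v_where_clause := v_where_clause || ' AND ';
 END IF;
-v_where_clause := v_where_clause || format('%1$s < $2', part_expr);
+v_where_clause := v_where_clause || pg_catalog.format('%1$s < $2', part_expr);
 END IF;
 
 IF v_where_clause != '' THEN
@@ -362,12 +362,12 @@ BEGIN
 
 /* Lock rows and copy data */
 RAISE NOTICE 'Copying data to partitions...';
-EXECUTE format('SELECT array(SELECT ctid FROM ONLY %1$s %2$s %3$s FOR UPDATE NOWAIT)',
+EXECUTE pg_catalog.format('SELECT array(SELECT ctid FROM ONLY %1$s %2$s %3$s FOR UPDATE NOWAIT)',
 relation, v_where_clause, v_limit_clause)
 USING p_min, p_max
 INTO ctids;
 
-EXECUTE format('WITH data AS (
+EXECUTE pg_catalog.format('WITH data AS (
 DELETE FROM ONLY %1$s WHERE ctid = ANY($1) RETURNING *)
 INSERT INTO %1$s SELECT * FROM data',
 relation)
@@ -391,7 +391,7 @@ BEGIN
 p_total := 0;
 
 /* Create partitions and copy rest of the data */
-EXECUTE format('WITH part_data AS (DELETE FROM ONLY %1$s RETURNING *)
+EXECUTE pg_catalog.format('WITH part_data AS (DELETE FROM ONLY %1$s RETURNING *)
 INSERT INTO %1$s SELECT * FROM part_data',
 parent_relid::TEXT);
 
@@ -505,7 +505,7 @@ BEGIN
 pg_class_oid = 'pg_catalog.pg_class'::regclass;
 
 /* Find relids to remove from config */
-SELECT array_agg(cfg.partrel) INTO relids
+SELECT pg_catalog.array_agg(cfg.partrel) INTO relids
 FROM pg_event_trigger_dropped_objects() AS events
 JOIN @[email protected]_config AS cfg ON cfg.partrel::oid = events.objid
 WHERE events.classid = pg_class_oid AND events.objsubid = 0;
@@ -552,7 +552,7 @@ BEGIN
 ORDER BY inhrelid ASC)
 LOOP
 IF NOT delete_data THEN
-EXECUTE format('INSERT INTO %s SELECT * FROM %s',
+EXECUTE pg_catalog.format('INSERT INTO %s SELECT * FROM %s',
 parent_relid::TEXT,
 child::TEXT);
 GET DIAGNOSTICS rows_count = ROW_COUNT;
@@ -571,9 +571,9 @@ BEGIN
 * DROP TABLE or DROP FOREIGN TABLE.
 */
 IF rel_kind = 'f' THEN
-EXECUTE format('DROP FOREIGN TABLE %s', child);
+EXECUTE pg_catalog.format('DROP FOREIGN TABLE %s', child);
 ELSE
-EXECUTE format('DROP TABLE %s', child);
+EXECUTE pg_catalog.format('DROP TABLE %s', child);
 END IF;
 
 part_count := part_count + 1;
@@ -606,7 +606,7 @@ BEGIN
 FOR conid IN (SELECT oid FROM pg_catalog.pg_constraint
 WHERE conrelid = parent_relid AND contype = 'f')
 LOOP
-EXECUTE format('ALTER TABLE %s ADD %s',
+EXECUTE pg_catalog.format('ALTER TABLE %s ADD %s',
 partition_relid::TEXT,
 pg_catalog.pg_get_constraintdef(conid));
 END LOOP;
@@ -634,17 +634,17 @@ BEGIN
 
 /* Alter table name */
 IF new_name != orig_name THEN
-EXECUTE format('ALTER TABLE %s RENAME TO %s', relation, new_name);
+EXECUTE pg_catalog.format('ALTER TABLE %s RENAME TO %s', relation, new_name);
 END IF;
 
 /* Alter table schema */
 IF new_schema != orig_schema THEN
-EXECUTE format('ALTER TABLE %s SET SCHEMA %s', relation, new_schema);
+EXECUTE pg_catalog.format('ALTER TABLE %s SET SCHEMA %s', relation, new_schema);
 END IF;
 
 /* Move to another tablespace */
 IF NOT new_tablespace IS NULL THEN
-EXECUTE format('ALTER TABLE %s SET TABLESPACE %s', relation, new_tablespace);
+EXECUTE pg_catalog.format('ALTER TABLE %s SET TABLESPACE %s', relation, new_tablespace);
 END IF;
 END
 $$ LANGUAGE plpgsql;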
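Review bot: `string_agg(...)` and `unnest(proargtypes)` in the callback-name query are still unqualified, directly below the two `quote_ident` calls this commit qualifies, and `pg_event_trigger_dropped_objects()` is unqualified next to the newly qualified `pg_catalog.array_agg`. These calls go through the same search_path-dependent lookup the commit is guarding against, so the hardening is incomplete here. Writing `pg_catalog.string_agg(...)`, `pg_catalog.unnest(proargtypes)` and `pg_catalog.pg_event_trigger_dropped_objects()` would finish it. The aggregates inside the format strings in range.sql (`count(*)` and, where the expression type is built-in, `min`/`max`) have the same gap, since the EXECUTEd text is resolved under the caller's search_path as well. All of these hunks sit inside function bodies whose headers are outside the visible lines.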

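--- a/range.sql
+++ b/range.sql
@@ -24,7 +24,7 @@ DECLARE
 
 BEGIN
 /* Get min and max values */
-EXECUTE format('SELECT count(*), min(%1$s), max(%1$s)
+EXECUTE pg_catalog.format('SELECT count(*), min(%1$s), max(%1$s)
 FROM %2$s WHERE NOT %1$s IS NULL',
 expression, parent_relid::TEXT)
 INTO rows_count, min_value, max_value;
@@ -76,7 +76,7 @@ BEGIN
 
 /* Try to determine partitions count if not set */
 IF p_count IS NULL THEN
-EXECUTE format('SELECT count(*), max(%s) FROM %s', expression, parent_relid)
+EXECUTE pg_catalog.format('SELECT count(*), max(%s) FROM %s', expression, parent_relid)
 INTO rows_count, max_value;
 
 IF rows_count = 0 THEN
@@ -169,7 +169,7 @@ BEGIN
 
 /* Try to determine partitions count if not set */
 IF p_count IS NULL THEN
-EXECUTE format('SELECT count(*), max(%s) FROM %s', expression, parent_relid)
+EXECUTE pg_catalog.format('SELECT count(*), max(%s) FROM %s', expression, parent_relid)
 INTO rows_count, max_value;
 
 IF rows_count = 0 THEN
@@ -326,7 +326,7 @@ BEGIN
 INTO part_interval;
 
 EXECUTE
-format('SELECT @[email protected]_partition_internal($1, $2, $3, ARRAY[]::%s[], $4, $5)',
+pg_catalog.format('SELECT @[email protected]_partition_internal($1, $2, $3, ARRAY[]::%s[], $4, $5)',
 @[email protected]_base_type(part_expr_type)::TEXT)
 USING
 parent_relid,
@@ -368,7 +368,7 @@ BEGIN
 part_expr_type := @[email protected]_base_type(p_atttype);
 
 /* We have to pass fake NULL casted to column's type */
-EXECUTE format('SELECT @[email protected]_part_range($1, -1, NULL::%s)',
+EXECUTE pg_catalog.format('SELECT @[email protected]_part_range($1, -1, NULL::%s)',
 part_expr_type::TEXT)
 USING parent_relid
 INTO p_range;
@@ -378,13 +378,13 @@ BEGIN
 END IF;
 
 IF @[email protected]_date_type(p_atttype) THEN
-v_args_format := format('$1, $2, ($2 + $3::interval)::%s, $4, $5', part_expr_type::TEXT);
+v_args_format := pg_catalog.format('$1, $2, ($2 + $3::interval)::%s, $4, $5', part_expr_type::TEXT);
 ELSE
-v_args_format := format('$1, $2, $2 + $3::%s, $4, $5', part_expr_type::TEXT);
+v_args_format := pg_catalog.format('$1, $2, $2 + $3::%s, $4, $5', part_expr_type::TEXT);
 END IF;
 
 EXECUTE
-format('SELECT @[email protected]_single_range_partition(%s)', v_args_format)
+pg_catalog.format('SELECT @[email protected]_single_range_partition(%s)', v_args_format)
 USING
 parent_relid,
 p_range[2],
@@ -430,7 +430,7 @@ BEGIN
 INTO part_interval;
 
 EXECUTE
-format('SELECT @[email protected]_partition_internal($1, $2, $3, ARRAY[]::%s[], $4, $5)',
+pg_catalog.format('SELECT @[email protected]_partition_internal($1, $2, $3, ARRAY[]::%s[], $4, $5)',
 @[email protected]_base_type(part_expr_type)::TEXT)
 USING
 parent_relid,
@@ -472,7 +472,7 @@ BEGIN
 part_expr_type := @[email protected]_base_type(p_atttype);
 
 /* We have to pass fake NULL casted to column's type */
-EXECUTE format('SELECT @[email protected]_part_range($1, 0, NULL::%s)',
+EXECUTE pg_catalog.format('SELECT @[email protected]_part_range($1, 0, NULL::%s)',
 part_expr_type::TEXT)
 USING parent_relid
 INTO p_range;
@@ -482,13 +482,13 @@ BEGIN
 END IF;
 
 IF @[email protected]_date_type(p_atttype) THEN
-v_args_format := format('$1, ($2 - $3::interval)::%s, $2, $4, $5', part_expr_type::TEXT);
+v_args_format := pg_catalog.format('$1, ($2 - $3::interval)::%s, $2, $4, $5', part_expr_type::TEXT);
 ELSE
-v_args_format := format('$1, $2 - $3::%s, $2, $4, $5', part_expr_type::TEXT);
+v_args_format := pg_catalog.format('$1, $2 - $3::%s, $2, $4, $5', part_expr_type::TEXT);
 END IF;
 
 EXECUTE
-format('SELECT @[email protected]_single_range_partition(%s)', v_args_format)
+pg_catalog.format('SELECT @[email protected]_single_range_partition(%s)', v_args_format)
 USING
 parent_relid,
 p_range[1],
@@ -576,7 +576,7 @@ BEGIN
 PERFORM @[email protected]_part_modification(parent_relid);
 
 IF NOT delete_data THEN
-EXECUTE format('INSERT INTO %s SELECT * FROM %s',
+EXECUTE pg_catalog.format('INSERT INTO %s SELECT * FROM %s',
 parent_relid::TEXT,
 partition_relid::TEXT);
 GET DIAGNOSTICS v_rows = ROW_COUNT;
@@ -595,9 +595,9 @@ BEGIN
 * DROP TABLE or DROP FOREIGN TABLE.
 */
 IF v_relkind = 'f' THEN
-EXECUTE format('DROP FOREIGN TABLE %s', partition_relid::TEXT);
+EXECUTE pg_catalog.format('DROP FOREIGN TABLE %s', partition_relid::TEXT);
 ELSE
-EXECUTE format('DROP TABLE %s', partition_relid::TEXT);
+EXECUTE pg_catalog.format('DROP TABLE %s', partition_relid::TEXT);
 END IF;
 
 RETURN part_name;
@@ -658,10 +658,10 @@ BEGIN
 END IF;
 
 /* Set inheritance */
-EXECUTE format('ALTER TABLE %s INHERIT %s', partition_relid, parent_relid);
+EXECUTE pg_catalog.format('ALTER TABLE %s INHERIT %s', partition_relid, parent_relid);
 
 /* Set check constraint */
-EXECUTE format('ALTER TABLE %s ADD CONSTRAINT %s CHECK (%s)',
+EXECUTE pg_catalog.format('ALTER TABLE %s ADD CONSTRAINT %s CHECK (%s)',
 partition_relid::TEXT,
 @[email protected]_check_constraint_name(partition_relid),
 @[email protected]_range_condition(partition_relid,
@@ -718,12 +718,12 @@ BEGIN
 END IF;
 
 /* Remove inheritance */
-EXECUTE format('ALTER TABLE %s NO INHERIT %s',
+EXECUTE pg_catalog.format('ALTER TABLE %s NO INHERIT %s',
 partition_relid::TEXT,
 parent_relid::TEXT);
 
 /* Remove check constraint */
-EXECUTE format('ALTER TABLE %s DROP CONSTRAINT %s',
+EXECUTE pg_catalog.format('ALTER TABLE %s DROP CONSTRAINT %s',
 partition_relid::TEXT,
 @[email protected]_check_constraint_name(partition_relid));
 
@@ -744,8 +744,8 @@ DECLARE
 BEGIN
 seq_name := @[email protected]_sequence_name(parent_relid);
 
-EXECUTE format('DROP SEQUENCE IF EXISTS %s', seq_name);
-EXECUTE format('CREATE SEQUENCE %s START 1', seq_name);
+EXECUTE pg_catalog.format('DROP SEQUENCE IF EXISTS %s', seq_name);
+EXECUTE pg_catalog.format('CREATE SEQUENCE %s START 1', seq_name);
 
 RETURN seq_name;
 END
@@ -764,7 +764,7 @@ DECLARE
 BEGIN
 seq_name := @[email protected]_sequence_name(parent_relid);
 
-EXECUTE format('DROP SEQUENCE IF EXISTS %s', seq_name);
+EXECUTE pg_catalog.format('DROP SEQUENCE IF EXISTS %s', seq_name);
 END
 $$ LANGUAGE plpgsql
 SET client_min_messages = WARNING; /* mute NOTICE message */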
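Review bot: The date branch of `v_args_format` still builds `($2 + $3::interval)`, and `($2 - $3::interval)` in the second `v_args_format` hunk, with an unqualified operator and type name. Qualifying `format` does not cover these, because that text is resolved when the statement is EXECUTEd. If the intent is to pin every built-in, the branch could read `'$1, $2, ($2 OPERATOR(pg_catalog.+) $3::pg_catalog.interval)::%s, $4, $5'`; the non-date branch casts to a caller-determined type and probably has to keep normal operator lookup. The final hunk shows a function here already carrying a function-level `SET` clause, so a pinned `search_path` in the same place is another option, though it would need testing against partitioning expressions that reference unqualified user objects. Both `v_args_format` hunks sit in function bodies that begin and end outside the visible lines.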
