git.postgresql.org Git - postgresql.git/commit

projects / postgresql.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 35edcc0) | patch

author	Noah Misch <noah@leadboat.com>
	Mon, 9 May 2022 15:35:08 +0000 (08:35 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 9 May 2022 15:35:12 +0000 (08:35 -0700)
commit	88743d581e1bdedc13e4ca33c5a6597a5d2dbdc4
tree	0296a15ba8e01096ed35dac9c2ea26cda2465c25	tree
parent	35edcc0cee7bf7d4746e3e5b7966b1f0ec509560	commit \| diff

In REFRESH MATERIALIZED VIEW, set user ID before running user code.

It intended to, but did not, achieve this.  Adopt the new standard of
setting user ID just after locking the relation.  Back-patch to v10 (all
supported versions).

Reviewed by Simon Riggs.  Reported by Alvaro Herrera.

Security: CVE-2022-1552

src/backend/commands/matview.c		diff \| blob \| blame \| history
src/test/regress/expected/privileges.out		diff \| blob \| blame \| history
src/test/regress/sql/privileges.sql		diff \| blob \| blame \| history

This is the main PostgreSQL git repository.