diff options
| -rw-r--r-- | src/backend/replication/libpqwalreceiver/libpqwalreceiver.c | 17 | ||||
| -rw-r--r-- | src/backend/replication/logical/worker.c | 6 | ||||
| -rw-r--r-- | src/test/subscription/t/001_rep_changes.pl | 4 |
3 files changed, 27 insertions, 0 deletions
diff --git a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c index e9057230e40..8afa5a29b48 100644 --- a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c +++ b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c @@ -21,6 +21,7 @@ #include "access/xlog.h" #include "catalog/pg_type.h" +#include "common/connect.h" #include "funcapi.h" #include "libpq-fe.h" #include "mb/pg_wchar.h" @@ -213,6 +214,22 @@ libpqrcv_connect(const char *conninfo, bool logical, const char *appname, return NULL; } + if (logical) + { + PGresult *res; + + res = libpqrcv_PQexec(conn->streamConn, + ALWAYS_SECURE_SEARCH_PATH_SQL); + if (PQresultStatus(res) != PGRES_TUPLES_OK) + { + PQclear(res); + ereport(ERROR, + (errmsg("could not clear search path: %s", + pchomp(PQerrorMessage(conn->streamConn))))); + } + PQclear(res); + } + conn->logical = logical; return conn; diff --git a/src/backend/replication/logical/worker.c b/src/backend/replication/logical/worker.c index 2fcf2e61bc3..b576e342cb7 100644 --- a/src/backend/replication/logical/worker.c +++ b/src/backend/replication/logical/worker.c @@ -2019,6 +2019,12 @@ ApplyWorkerMain(Datum main_arg) MyLogicalRepWorker->userid, 0); + /* + * Set always-secure search path, so malicious users can't redirect user + * code (e.g. pg_index.indexprs). + */ + SetConfigOption("search_path", "", PGC_SUSET, PGC_S_OVERRIDE); + /* Load the subscription into persistent memory context. */ ApplyContext = AllocSetContextCreate(TopMemoryContext, "ApplyContext", diff --git a/src/test/subscription/t/001_rep_changes.pl b/src/test/subscription/t/001_rep_changes.pl index 3f8318fc7cc..0680f44a1aa 100644 --- a/src/test/subscription/t/001_rep_changes.pl +++ b/src/test/subscription/t/001_rep_changes.pl @@ -16,6 +16,10 @@ $node_subscriber->init(allows_streaming => 'logical'); $node_subscriber->start; # Create some preexisting content on publisher +$node_publisher->safe_psql( + 'postgres', + "CREATE FUNCTION public.pg_get_replica_identity_index(int) + RETURNS regclass LANGUAGE sql AS 'SELECT 1/0'"); # shall not call $node_publisher->safe_psql('postgres', "CREATE TABLE tab_notrep AS SELECT generate_series(1,10) AS a"); $node_publisher->safe_psql('postgres', |