From 573fe25203d8df257f01477bc429f0d0f311c3d6 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Wed, 1 Jan 2003 21:57:18 +0000 Subject: fastpath code neglected to check whether user has privileges to call the target function. Also, move SetQuerySnapshot() call to avoid assert failure when a fastpath call is attempted in an aborted transaction. --- src/backend/tcop/fastpath.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'src/backend/tcop/fastpath.c') diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c index 23cc25fc6de..c1353d0b312 100644 --- a/src/backend/tcop/fastpath.c +++ b/src/backend/tcop/fastpath.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.54 2002/08/24 15:00:46 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.54.2.1 2003/01/01 21:57:18 tgl Exp $ * * NOTES * This cruft is the server side of PQfn. @@ -65,8 +65,10 @@ #include "libpq/libpq.h" #include "libpq/pqformat.h" #include "tcop/fastpath.h" +#include "utils/acl.h" #include "utils/lsyscache.h" #include "utils/syscache.h" +#include "utils/tqual.h" /* ---------------- @@ -221,6 +223,7 @@ HandleFunctionRequest(void) int argsize; int nargs; int tmp; + AclResult aclresult; FunctionCallInfoData fcinfo; Datum retval; int i; @@ -337,6 +340,18 @@ HandleFunctionRequest(void) elog(ERROR, "current transaction is aborted, " "queries ignored until end of transaction block"); + /* Check permission to call function */ + aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE); + if (aclresult != ACLCHECK_OK) + aclcheck_error(aclresult, get_func_name(fid)); + + /* + * Set up a query snapshot in case function needs one. (It is not safe + * to do this if we are in transaction-abort state, so we have to postpone + * it till now. Ugh.) + */ + SetQuerySnapshot(); + #ifdef NO_FASTPATH /* force a NULL return */ retval = (Datum) 0; -- cgit v1.2.3