Hi,
On 2024-04-18 10:33:30 +0200, Peter Eisentraut wrote:
> > Attached are fixes for struct option and a few more occurrences I've found
> > with a bit of grepping.
>
> These look good to me.
Thoughts about when to apply these? Arguably they're fixing mildly broken
code, making it appropriate to fix in 17, but it's also something that we
could end up fixing for a while...
There are some variations of this that are a bit harder to fix, btw. We have
objdump -j .data -t src/backend/postgres|sort -k5
...
0000000001474d00 g O .data 00000000000015f0 ConfigureNamesReal
0000000001479a80 g O .data 0000000000001fb0 ConfigureNamesEnum
0000000001476300 g O .data 0000000000003778 ConfigureNamesString
...
00000000014682e0 g O .data 0000000000005848 ConfigureNamesBool
000000000146db40 g O .data 00000000000071c0 ConfigureNamesInt
Not that thta's all *that* much these days, but it's still pretty silly to use
~80kB of memory in every postgres instance just because we didn't set
conf->gen.vartype = PGC_BOOL;
etc at compile time.
Large modifiable arrays with callbacks are also quite useful for exploitation,
as one doesn't need to figure out precise addresses.
Greetings,
Andres Freund