Обсуждение: restoring user id and SecContext before logging error in ri_PlanCheck
Hi,
I was looking at the code in ri_PlanCheck of src/backend/utils/adt/ri_triggers.c starting at line 2289.
When qplan is NULL, we log an error. This would skip calling SetUserIdAndSecContext().
I think the intention of the code should be restoring user id and SecContext regardless of the outcome from SPI_prepare().
If my understanding is correct, please take a look at the patch.
Thanks
Looking down in ri_PerformCheck(), I see there may be case where error from SPI_execute_snapshot() would skip restoring UID.
Please look at patch v2 which tried to handle such case.
Thanks
Вложения
On Wed, Nov 02, 2022 at 08:00:58AM -0700, Zhihong Yu wrote:
> Looking down in ri_PerformCheck(), I see there may be case where error from
> SPI_execute_snapshot() would skip restoring UID.
> @@ -2405,13 +2405,19 @@ ri_PerformCheck(const RI_ConstraintInfo *riinfo,
> SECURITY_NOFORCE_RLS);
>
> /* Finally we can run the query. */
> - spi_result = SPI_execute_snapshot(qplan,
> - vals, nulls,
> - test_snapshot, crosscheck_snapshot,
> - false, false, limit);
> -
> - /* Restore UID and security context */
> - SetUserIdAndSecContext(save_userid, save_sec_context);
> + PG_TRY();
> + {
> + spi_result = SPI_execute_snapshot(qplan,
> + vals, nulls,
> + test_snapshot, crosscheck_snapshot,
> + false, false, limit);
> + }
> + PG_FINALLY();
> + {
> + /* Restore UID and security context */
> + SetUserIdAndSecContext(save_userid, save_sec_context);
> + }
> + PG_END_TRY();
After an error, AbortSubTransaction() or AbortTransaction() will restore
userid and sec_context. That makes such changes unnecessary.