From 6c96188cb5561bc6d58e43243fa0a76bfa938a9b Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Mon, 27 Aug 2007 01:39:25 +0000 Subject: [PATCH] Remove the 'not in' operator (!!=). This was a hangover from Berkeley days that was obsolete the moment we had IN (SELECT ...) capability. It's arguably a security hole since it applied no permissions check to the table it searched, and since it was never documented anywhere, removing it seems more appropriate than fixing it. --- src/backend/utils/adt/Makefile | 4 +- src/backend/utils/adt/not_in.c | 124 ------------------------------ src/include/catalog/catversion.h | 4 +- src/include/catalog/pg_operator.h | 4 +- src/include/catalog/pg_proc.h | 6 +- src/include/utils/builtins.h | 6 +- 6 files changed, 7 insertions(+), 141 deletions(-) delete mode 100644 src/backend/utils/adt/not_in.c diff --git a/src/backend/utils/adt/Makefile b/src/backend/utils/adt/Makefile index 73fcebb496..a1f233dca8 100644 --- a/src/backend/utils/adt/Makefile +++ b/src/backend/utils/adt/Makefile @@ -1,7 +1,7 @@ # # Makefile for utils/adt # -# $PostgreSQL: pgsql/src/backend/utils/adt/Makefile,v 1.65 2007/08/21 01:11:18 tgl Exp $ +# $PostgreSQL: pgsql/src/backend/utils/adt/Makefile,v 1.66 2007/08/27 01:39:24 tgl Exp $ # subdir = src/backend/utils/adt @@ -19,7 +19,7 @@ OBJS = acl.o arrayfuncs.o array_userfuncs.o arrayutils.o bool.o \ cash.o char.o date.o datetime.o datum.o domains.o \ enum.o float.o format_type.o \ geo_ops.o geo_selfuncs.o int.o int8.o like.o lockfuncs.o \ - misc.o nabstime.o name.o not_in.o numeric.o numutils.o \ + misc.o nabstime.o name.o numeric.o numutils.o \ oid.o oracle_compat.o pseudotypes.o rowtypes.o \ regexp.o regproc.o ruleutils.o selfuncs.o \ tid.o timestamp.o varbit.o varchar.o varlena.o version.o xid.o \ diff --git a/src/backend/utils/adt/not_in.c b/src/backend/utils/adt/not_in.c deleted file mode 100644 index 26ce2d1528..0000000000 --- a/src/backend/utils/adt/not_in.c +++ /dev/null @@ -1,124 +0,0 @@ -/*------------------------------------------------------------------------- - * - * not_in.c - * Executes the "not_in" operator for any data type - * - * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group - * Portions Copyright (c) 1994, Regents of the University of California - * - * - * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/adt/not_in.c,v 1.46 2007/01/05 22:19:41 momjian Exp $ - * - *------------------------------------------------------------------------- - */ -/* - * - * XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - * X HACK WARNING!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! X - * XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - * - * This code is the OLD not-in code that is HACKED - * into place until operators that can have arguments as - * columns are ******REALLY****** implemented!!!!!!!!!!! - * - */ - -#include "postgres.h" - -#include "access/heapam.h" -#include "catalog/namespace.h" -#include "parser/parse_relation.h" -#include "utils/builtins.h" - - -/* ---------------------------------------------------------------- - * - * ---------------------------------------------------------------- - */ -Datum -int4notin(PG_FUNCTION_ARGS) -{ - int32 not_in_arg = PG_GETARG_INT32(0); - text *relation_and_attr = PG_GETARG_TEXT_P(1); - List *names; - int nnames; - RangeVar *relrv; - char *attribute; - Relation relation_to_scan; - int32 integer_value; - HeapTuple current_tuple; - HeapScanDesc scan_descriptor; - bool isNull, - retval; - int attrid; - Datum value; - - /* Parse the argument */ - - names = textToQualifiedNameList(relation_and_attr); - nnames = list_length(names); - if (nnames < 2) - ereport(ERROR, - (errcode(ERRCODE_INVALID_NAME), - errmsg("invalid name syntax"), - errhint("Must provide \"relationname.columnname\"."))); - attribute = strVal(llast(names)); - names = list_truncate(names, nnames - 1); - relrv = makeRangeVarFromNameList(names); - - /* Open the relation and get a relation descriptor */ - relation_to_scan = heap_openrv(relrv, AccessShareLock); - - /* Find the column to search */ - attrid = attnameAttNum(relation_to_scan, attribute, true); - if (attrid == InvalidAttrNumber) - ereport(ERROR, - (errcode(ERRCODE_UNDEFINED_COLUMN), - errmsg("column \"%s\" of relation \"%s\" does not exist", - attribute, - RelationGetRelationName(relation_to_scan)))); - - scan_descriptor = heap_beginscan(relation_to_scan, SnapshotNow, - 0, (ScanKey) NULL); - - retval = true; - - /* do a scan of the relation, and do the check */ - while ((current_tuple = heap_getnext(scan_descriptor, ForwardScanDirection)) != NULL) - { - value = heap_getattr(current_tuple, - (AttrNumber) attrid, - RelationGetDescr(relation_to_scan), - &isNull); - if (isNull) - continue; - integer_value = DatumGetInt32(value); - if (not_in_arg == integer_value) - { - retval = false; - break; /* can stop scanning now */ - } - } - - /* close the relation */ - heap_endscan(scan_descriptor); - heap_close(relation_to_scan, AccessShareLock); - - PG_RETURN_BOOL(retval); -} - -Datum -oidnotin(PG_FUNCTION_ARGS) -{ - Oid the_oid = PG_GETARG_OID(0); - -#ifdef NOT_USED - text *relation_and_attr = PG_GETARG_TEXT_P(1); -#endif - - if (the_oid == InvalidOid) - PG_RETURN_BOOL(false); - /* XXX assume oid maps to int4 */ - return int4notin(fcinfo); -} diff --git a/src/include/catalog/catversion.h b/src/include/catalog/catversion.h index 13658efacf..2fe3104136 100644 --- a/src/include/catalog/catversion.h +++ b/src/include/catalog/catversion.h @@ -37,7 +37,7 @@ * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/include/catalog/catversion.h,v 1.418 2007/08/25 01:06:25 tgl Exp $ + * $PostgreSQL: pgsql/src/include/catalog/catversion.h,v 1.419 2007/08/27 01:39:24 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -53,6 +53,6 @@ */ /* yyyymmddN */ -#define CATALOG_VERSION_NO 200708241 +#define CATALOG_VERSION_NO 200708261 #endif diff --git a/src/include/catalog/pg_operator.h b/src/include/catalog/pg_operator.h index 4b6f257557..7300dd2969 100644 --- a/src/include/catalog/pg_operator.h +++ b/src/include/catalog/pg_operator.h @@ -8,7 +8,7 @@ * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/include/catalog/pg_operator.h,v 1.154 2007/08/21 01:11:25 tgl Exp $ + * $PostgreSQL: pgsql/src/include/catalog/pg_operator.h,v 1.155 2007/08/27 01:39:24 tgl Exp $ * * NOTES * the genbki.sh script reads this file and generates .bki @@ -290,8 +290,6 @@ DATA(insert OID = 622 ( "<" PGNSP PGUID b f f 700 700 16 623 625 float4lt s DATA(insert OID = 623 ( ">" PGNSP PGUID b f f 700 700 16 622 624 float4gt scalargtsel scalargtjoinsel )); DATA(insert OID = 624 ( "<=" PGNSP PGUID b f f 700 700 16 625 623 float4le scalarltsel scalarltjoinsel )); DATA(insert OID = 625 ( ">=" PGNSP PGUID b f f 700 700 16 624 622 float4ge scalargtsel scalargtjoinsel )); -DATA(insert OID = 626 ( "!!=" PGNSP PGUID b f f 23 25 16 0 0 int4notin - - )); -DATA(insert OID = 627 ( "!!=" PGNSP PGUID b f f 26 25 16 0 0 oidnotin - - )); DATA(insert OID = 630 ( "<>" PGNSP PGUID b f f 18 18 16 630 92 charne neqsel neqjoinsel )); DATA(insert OID = 631 ( "<" PGNSP PGUID b f f 18 18 16 633 634 charlt scalarltsel scalarltjoinsel )); diff --git a/src/include/catalog/pg_proc.h b/src/include/catalog/pg_proc.h index a19bda2ab7..eb1bcdf355 100644 --- a/src/include/catalog/pg_proc.h +++ b/src/include/catalog/pg_proc.h @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/include/catalog/pg_proc.h,v 1.464 2007/08/22 01:39:45 tgl Exp $ + * $PostgreSQL: pgsql/src/include/catalog/pg_proc.h,v 1.465 2007/08/27 01:39:24 tgl Exp $ * * NOTES * The script catalog/genbki.sh reads this file and generates .bki @@ -902,10 +902,6 @@ DESCR("convert int8 to int2"); DATA(insert OID = 754 ( int8 PGNSP PGUID 12 1 0 f f t f i 1 20 "21" _null_ _null_ _null_ int28 - _null_ )); DESCR("convert int2 to int8"); -DATA(insert OID = 1285 ( int4notin PGNSP PGUID 12 1 0 f f t f s 2 16 "23 25" _null_ _null_ _null_ int4notin - _null_ )); -DESCR("not in"); -DATA(insert OID = 1286 ( oidnotin PGNSP PGUID 12 1 0 f f t f s 2 16 "26 25" _null_ _null_ _null_ oidnotin - _null_ )); -DESCR("not in"); DATA(insert OID = 655 ( namelt PGNSP PGUID 12 1 0 f f t f i 2 16 "19 19" _null_ _null_ _null_ namelt - _null_ )); DESCR("less-than"); DATA(insert OID = 656 ( namele PGNSP PGUID 12 1 0 f f t f i 2 16 "19 19" _null_ _null_ _null_ namele - _null_ )); diff --git a/src/include/utils/builtins.h b/src/include/utils/builtins.h index ee0532f63b..8feb54c208 100644 --- a/src/include/utils/builtins.h +++ b/src/include/utils/builtins.h @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/include/utils/builtins.h,v 1.300 2007/08/21 01:11:30 tgl Exp $ + * $PostgreSQL: pgsql/src/include/utils/builtins.h,v 1.301 2007/08/27 01:39:25 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -418,10 +418,6 @@ extern Datum pg_tablespace_databases(PG_FUNCTION_ARGS); extern Datum pg_rotate_logfile(PG_FUNCTION_ARGS); extern Datum pg_sleep(PG_FUNCTION_ARGS); -/* not_in.c */ -extern Datum int4notin(PG_FUNCTION_ARGS); -extern Datum oidnotin(PG_FUNCTION_ARGS); - /* oid.c */ extern Datum oidin(PG_FUNCTION_ARGS); extern Datum oidout(PG_FUNCTION_ARGS); -- GitLab