Postgres Pro
Downloads
Home   >   mailing lists

Thread: 6. PostgreSQL Server Subprocess Went down at Function 'has_dangerous_join_using'

6. PostgreSQL Server Subprocess Went down at Function 'has_dangerous_join_using'

From
Date:

Description: PostgreSQL Server Subprocess Went down at Function ‘has_dangerous_join_using’

PostgreSQL Server Version: PostgreSQL 15.2 on x86_64-pc-linux-gnu, compiled by Ubuntu clang version 12.0.1, 64-bit

Discoverer: Jingzhou Fu, Jie Liang and Zhiyong Wu in WingTecher Lab of Tsinghua University and Shuimuyulin ltd

Email address: fjz22@mails.tsinghua.edu.cn  ,   wuzy21@mails.tsinghua.edu.cn  ,  ljiee@mail.tsinghua.edu.cn

 

Way to Reproduce with Docker (write the poc content into file PoC.sql):

```bash

docker container rm some-postgres -f

docker run --name some-postgres -p 5432:5432 -e POSTGRES_PASSWORD=mysecretpassword -d postgres:15.2

 

sleep 5 # wait the server start …

 

docker exec -i some-postgres psql --user=postgres < PoC.sql

 

# Output:

#   server closed the connection unexpectedly

#          This probably means the server terminated abnormally

#          before or while processing the request.

#   connection to server was lost

```

 

PoC:

```sql

CREATE TABLE i (t int, b text, gist_point_tbl text) PARTITION BY RANGE (t);

CREATE VIEW gist_point_tbl WITH (security_barrier) AS

       SELECT * FROM i l NATURAL JOIN i r;

UPDATE pg_attribute SET attisdropped = true

    WHERE attrelid = 'i'::regclass AND attname = 'gist_point_tbl';

select pg_get_viewdef('gist_point_tbl');

```

 

Backtrace:

```

#0 0x1accaf3 (has_dangerous_join_using+0x883)

#1 0x1acc79c (has_dangerous_join_using+0x52c)

#2 0x1ac3b4f (set_deparse_for_query+0x49f)

#3 0x1aadfe3 (get_query_def+0x5d3)

#4 0x1aeb96b (make_viewdef+0x3db)

#5 0x1aa8a54 (pg_get_viewdef_worker+0x654)

#6 0x1aa8f13 (pg_get_viewdef_name+0x83)

#7 0xe84bc5 (ExecInterpExpr+0x23e5)

#8 0xe81cee (ExecInterpExprStillValid+0xbe)

#9 0xfc4805 (ExecEvalExprSwitchContext+0x85)

#10 0xfc45ff (ExecProject+0x18f)

#11 0xfc3f93 (ExecResult+0x463)

#12 0xedbf36 (ExecProcNodeFirst+0x116)

#13 0xec0e2c (ExecProcNode+0x7c)

#14 0xeb3a9f (ExecutePlan+0x1df)

#15 0xeb3780 (standard_ExecutorRun+0x550)

#16 0xeb3224 (ExecutorRun+0x64)

#17 0x16f6361 (PortalRunSelect+0x241)

#18 0x16f53bd (PortalRun+0x7ed)

#19 0x16e9694 (exec_simple_query+0xe04)

#20 0x16e7a63 (PostgresMain+0x1523)

#21 0x144c17b (BackendRun+0xbb)

#22 0x144ad85 (BackendStartup+0x525)

#23 0x14481e6 (ServerLoop+0x616)

#24 0x1443e0f (PostmasterMain+0x30cf)

#25 0x106ebf2 (main+0x5a2)

#26 0x7feec1f2d083 (__libc_start_main+0xf3)

#27 0x49fc0e (_start+0x2e)

```