diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2022-08-13 15:21:28 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2022-08-13 15:21:28 -0400 |
| commit | 60f876317efc7b9ad624b11ae2f4b8208e408ef4 (patch) | |
| tree | a1d861c68c93f91d63116a7a2a2dc92ea3633b4f /src | |
| parent | 8b2638fdd4ac87052afb5ebc0d3251bb1ace4bcb (diff) | |
| download | postgresql-60f876317efc7b9ad624b11ae2f4b8208e408ef4.tar.gz | |
Catch stack overflow when recursing in transformFromClauseItem().
Most parts of the parser can expect that the stack overflow check
in transformExprRecurse() will trigger before things get desperate.
However, transformFromClauseItem() can recurse directly to self
without having analyzed any expressions, so it's possible to drive
it to a stack-overrun crash. Add a check to prevent that.
Per bug #17583 from Egor Chindyaskin. Back-patch to all supported
branches.
Richard Guo
Discussion: https://postgr.es/m/17583-33be55b9f981f75c@postgresql.org
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/parser/parse_clause.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c index 855e3b50b1..c6a328c110 100644 --- a/src/backend/parser/parse_clause.c +++ b/src/backend/parser/parse_clause.c @@ -1055,6 +1055,9 @@ transformFromClauseItem(ParseState *pstate, Node *n, ParseNamespaceItem **top_nsitem, List **namespace) { + /* Guard against stack overflow due to overly deep subtree */ + check_stack_depth(); + if (IsA(n, RangeVar)) { /* Plain relation reference, or perhaps a CTE reference */ |