Re: Incorrect matching of sql/json PASSING variable names

Поиск
Список
Период
Сортировка
От Amit Langote
Тема Re: Incorrect matching of sql/json PASSING variable names
Дата
Msg-id CA+HiwqG4PSQf9E=c7+BzzRvnfQLEmmL=c6dDmio+ztc9_wx69w@mail.gmail.com
обсуждение исходный текст
Ответ на Incorrect matching of sql/json PASSING variable names  (Amit Langote <amitlangote09@gmail.com>)
Ответы Re: Incorrect matching of sql/json PASSING variable names
Список pgsql-hackers
Дерево обсуждения 
On Thu, Jun 6, 2024 at 6:20 PM Amit Langote <amitlangote09@gmail.com> wrote:
>
> Hi,
>
> Alvaro reported off-list that the following should really fail,
> because the jsonpath expression refers to a PASSING variable that
> doesn't exist:
>
> select json_query('"1"', jsonpath '$xy' passing 2 AS xyz);
>  json_query
> ------------
>  2
> (1 row)
>
> This works because of a bug in GetJsonPathVar() whereby it allows a
> jsonpath expression to reference any prefix of the PASSING variable
> names.
>
> Attached is a patch to fix that.

Here's an updated version that I'll push tomorrow.

--
Thanks, Amit Langote
Вложения

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Michael Paquier
Дата:
Сообщение: Re: Doc: fix a description regarding WAL summarizer on glossary page
Следующее
От: Ashutosh Sharma
Дата:
Сообщение: Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions