pgsql: Avoid repeated table name lookups in createPartitionTable()

Avoid repeated table name lookups in createPartitionTable()

Currently, createPartitionTable() opens newly created table using its name.
This approach is prone to privilege escalation attack, because we might end
up opening another table than we just created.

This commit address the issue above by opening newly created table by its
OID.  It appears to be tricky to get a relation OID out of ProcessUtility().
We have to extend TableLikeClause with new newRelationOid field, which is
filled within ProcessUtility() to be further accessed by caller.

Security: CVE-2014-0062
Reported-by: Noah Misch
Discussion: https://postgr.es/m/20240808171351.a9.nmisch%40google.com
Reviewed-by: Pavel Borisov, Dmitry Koval

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/04158e7fa37c2dda9c3421ca922d02807b86df19

Modified Files
--------------
src/backend/commands/tablecmds.c | 3 ++-
src/backend/parser/gram.y        | 1 +
src/backend/tcop/utility.c       | 6 ++++++
src/include/nodes/parsenodes.h   | 1 +
4 files changed, 10 insertions(+), 1 deletion(-)