From: Tomas Vondra Date: Tue, 31 Aug 2021 16:03:05 +0000 (+0200) Subject: Fix lookup error in extended stats ownership check X-Git-Tag: REL_10_19~75 X-Git-Url: http://git.postgresql.org/gitweb/?a=commitdiff_plain;h=bfb732c0e849705a04c7c07800edf7f407742f9f;p=postgresql.git Fix lookup error in extended stats ownership check When an ownership check on extended statistics object failed, the code was calling aclcheck_error_type to report the failure, which is clearly wrong, resulting in cache lookup errors. Fix by calling aclcheck_error. This issue exists since the introduction of extended statistics, so backpatch all the way back to PostgreSQL 10. It went unnoticed because there were no tests triggering the error, so add one. Reported-by: Mark Dilger Backpatch-through: 10, where extended stats were introduced Discussion: https://postgr.es/m/1F238937-7CC2-4703-A1B1-6DC225B8978A%40enterprisedb.com --- diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 9520059c3d5..4f377e32a4f 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -2425,7 +2425,8 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address, break; case OBJECT_STATISTIC_EXT: if (!pg_statistics_object_ownercheck(address.objectId, roleid)) - aclcheck_error_type(ACLCHECK_NOT_OWNER, address.objectId); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_STATISTICS, + NameListToString(castNode(List, object))); break; default: elog(ERROR, "unrecognized object type: %d", diff --git a/src/test/regress/expected/stats_ext.out b/src/test/regress/expected/stats_ext.out index 914e3f14730..d9c371831dd 100644 --- a/src/test/regress/expected/stats_ext.out +++ b/src/test/regress/expected/stats_ext.out @@ -35,6 +35,17 @@ DROP TABLE ext_stats_test; -- Ensure stats are dropped sanely, and test IF NOT EXISTS while at it CREATE TABLE ab1 (a INTEGER, b INTEGER, c INTEGER); CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1; +COMMENT ON STATISTICS ab1_a_b_stats IS 'new comment'; +CREATE ROLE temp_role; +SET SESSION AUTHORIZATION temp_role; +COMMENT ON STATISTICS ab1_a_b_stats IS 'changed comment'; +ERROR: must be owner of statistics object ab1_a_b_stats +DROP STATISTICS ab1_a_b_stats; +ERROR: must be owner of statistics object ab1_a_b_stats +ALTER STATISTICS ab1_a_b_stats RENAME TO ab1_a_b_stats_new; +ERROR: must be owner of statistics object ab1_a_b_stats +RESET SESSION AUTHORIZATION; +DROP ROLE temp_role; CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1; NOTICE: statistics object "ab1_a_b_stats" already exists, skipping DROP STATISTICS ab1_a_b_stats; diff --git a/src/test/regress/sql/stats_ext.sql b/src/test/regress/sql/stats_ext.sql index c1dda8ca7de..ed5a58d3f7e 100644 --- a/src/test/regress/sql/stats_ext.sql +++ b/src/test/regress/sql/stats_ext.sql @@ -23,6 +23,15 @@ DROP TABLE ext_stats_test; -- Ensure stats are dropped sanely, and test IF NOT EXISTS while at it CREATE TABLE ab1 (a INTEGER, b INTEGER, c INTEGER); CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1; +COMMENT ON STATISTICS ab1_a_b_stats IS 'new comment'; +CREATE ROLE temp_role; +SET SESSION AUTHORIZATION temp_role; +COMMENT ON STATISTICS ab1_a_b_stats IS 'changed comment'; +DROP STATISTICS ab1_a_b_stats; +ALTER STATISTICS ab1_a_b_stats RENAME TO ab1_a_b_stats_new; +RESET SESSION AUTHORIZATION; +DROP ROLE temp_role; + CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1; DROP STATISTICS ab1_a_b_stats;