E.171. Release 8.3.7
Release date: 2009-03-16
This release contains a variety of fixes from 8.3.6. For information about new features in the 8.3 major release, see Section E.178 .
E.171.1. Migration to Version 8.3.7
A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.5, see Section E.173 .
E.171.2. Changes
-
Prevent error recursion crashes when encoding conversion fails (Tom)
This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that any error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922)
-
Disallow
CREATE CONVERSION
with the wrong encodings for the specified conversion function (Heikki)This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area.
-
Fix
xpath()
to not modify the path expression unless necessary, and to make a saner attempt at it when necessary (Andrew)The SQL standard suggests that
xpath
should work on data that is a document fragment, but libxml doesn't support that, and indeed it's not clear that this is sensible according to the XPath standard.xpath
attempted to work around this mismatch by modifying both the data and the path expression, but the modification was buggy and could cause valid searches to fail. Now,xpath
checks whether the data is in fact a well-formed document, and if so invokes libxml with no change to the data or path expression. Otherwise, a different modification method that is somewhat less likely to fail is used.Note
The new modification method is still not 100% satisfactory, and it seems likely that no real solution is possible. This patch should therefore be viewed as a band-aid to keep from breaking existing applications unnecessarily. It is likely that PostgreSQL 8.4 will simply reject use of
xpath
on data that is not a well-formed document. -
Fix core dump when
to_char()
is given format codes that are inappropriate for the type of the data argument (Tom) -
Fix possible failure in text search when C locale is used with a multi-byte encoding (Teodor)
Crashes were possible on platforms where
wchar_t
is narrower thanint
; Windows in particular. -
Fix extreme inefficiency in text search parser's handling of an email-like string containing multiple
@
characters (Heikki) -
Fix planner problem with sub-
SELECT
in the output list of a larger subquery (Tom)The known symptom of this bug is a " failed to locate grouping columns " error that is dependent on the datatype involved; but there could be other issues as well.
-
Fix decompilation of
CASE WHEN
with an implicit coercion (Tom)This mistake could lead to Assert failures in an Assert-enabled build, or an " unexpected CASE WHEN clause " error message in other cases, when trying to examine or dump a view.
-
Fix possible misassignment of the owner of a TOAST table's rowtype (Tom)
If
CLUSTER
or a rewriting variant ofALTER TABLE
were executed by someone other than the table owner, thepg_type
entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or " owner of data type appears to be invalid " warnings from pg_dump after having done so (in 8.3). -
Change
UNLISTEN
to exit quickly if the current session has never executed anyLISTEN
command (Tom)Most of the time this is not a particularly useful optimization, but since
DISCARD ALL
invokesUNLISTEN
, the previous coding caused a substantial performance problem for applications that made heavy use ofDISCARD ALL
. -
Fix PL/pgSQL to not treat
INTO
afterINSERT
as an INTO-variables clause anywhere in the string, not only at the start; in particular, don't fail forINSERT INTO
withinCREATE RULE
(Tom) -
Clean up PL/pgSQL error status variables fully at block exit (Ashesh Vashi and Dave Page)
This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function.
-
Retry failed calls to
CallNamedPipe()
on Windows (Steve Marshall, Magnus)It appears that this function can sometimes fail transiently; we previously treated any failure as a hard error, which could confuse
LISTEN
/NOTIFY
as well as other operations. -
Add
MUST
(Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud)