Alvaro Herrera 3e1338475f Add missing checks to some of pageinspect's BRIN functions ... brin_page_type() and brin_metapage_info() did not enforce being called by superuser, like other pageinspect functions that take bytea do. Since they don't verify the passed page thoroughly, it is possible to use them to read the server memory with a carefully crafted bytea value, up to a file kilobytes from where the input bytea is located. Have them throw errors if called by a non-superuser. Report and initial patch: Andreas Seltenreich Security: CVE-2016-3065		2016-03-28 10:57:42 -03:00
..
brinfuncs.c	Add missing checks to some of pageinspect's BRIN functions	2016-03-28 10:57:42 -03:00
btreefuncs.c	Restructure index access method API to hide most of it at the C level.	2016-01-17 19:36:59 -05:00
fsmfuncs.c	Update copyright for 2016	2016-01-02 13:33:40 -05:00
ginfuncs.c	Update copyright for 2016	2016-01-02 13:33:40 -05:00
heapfuncs.c	Update copyright for 2016	2016-01-02 13:33:40 -05:00
Makefile	Improve pageinspect module	2015-11-25 16:31:55 +03:00
pageinspect--1.0--1.1.sql	Fix typos in some error messages thrown by extension scripts when fed to psql.	2014-08-25 18:30:37 +02:00
pageinspect--1.1--1.2.sql	Fix typos in some error messages thrown by extension scripts when fed to psql.	2014-08-25 18:30:37 +02:00
pageinspect--1.2--1.3.sql	pageinspect/BRIN: minor tweaks	2014-12-02 12:20:50 -03:00
pageinspect--1.3--1.4.sql	Add forgotten file in commit d6061f83a1	2015-11-25 16:59:07 +03:00
pageinspect--1.4.sql	Improve pageinspect module	2015-11-25 16:31:55 +03:00
pageinspect--unpackaged--1.0.sql	Fix typos in some error messages thrown by extension scripts when fed to psql.	2014-08-25 18:30:37 +02:00
pageinspect.control	Improve pageinspect module	2015-11-25 16:31:55 +03:00
rawpage.c	Update copyright for 2016	2016-01-02 13:33:40 -05:00