diff options
| author | Tom Lane | 2022-08-13 19:21:28 +0000 |
|---|---|---|
| committer | Tom Lane | 2022-08-13 19:21:28 +0000 |
| commit | e07ebd4b6e606a7c03ed3c6bf5d6bcbb725247b4 (patch) | |
| tree | a2352ab8afa0a175ad2ec14df3f37cc20c469679 | |
| parent | 8ded65682bee2a1c04392a88e0df0f4fc7552623 (diff) | |
Catch stack overflow when recursing in transformFromClauseItem().
Most parts of the parser can expect that the stack overflow check
in transformExprRecurse() will trigger before things get desperate.
However, transformFromClauseItem() can recurse directly to self
without having analyzed any expressions, so it's possible to drive
it to a stack-overrun crash. Add a check to prevent that.
Per bug #17583 from Egor Chindyaskin. Back-patch to all supported
branches.
Richard Guo
Discussion: https://postgr.es/m/[email protected]
| -rw-r--r-- | src/backend/parser/parse_clause.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c index 5a18107e79..b85fbebd00 100644 --- a/src/backend/parser/parse_clause.c +++ b/src/backend/parser/parse_clause.c @@ -1050,6 +1050,9 @@ transformFromClauseItem(ParseState *pstate, Node *n, ParseNamespaceItem **top_nsitem, List **namespace) { + /* Guard against stack overflow due to overly deep subtree */ + check_stack_depth(); + if (IsA(n, RangeVar)) { /* Plain relation reference, or perhaps a CTE reference */ |