Hi Naoya
I think, you should change the subject line to "Unquoted service path
containing space is vulnerable and can be exploited on Windows" to get the
attention.. :)
BTW, in your case, the file "Program" should be an exe and not just any
other file to exploit this vulnerability. Right?
On
Hi,Sandeep
Thanks.
Sorry, There was a mistake in what I said.
I said
> Not only "pg_ctl.exe" but "postgres.exe" also have the same problem.
but, to say it correctly,
"postgres.exe" does not have the problem.
Source that contains the problem is only "pg_ctl.c".
> So, this is not an instal
Yes. It should not be installer issue as installer is using pg_ctl to
register and run the service on Windows. Thanks.
Best Regards,
Muhammad Asif Naeem
On Tue, Oct 29, 2013 at 9:57 AM, Sandeep Thakkar <
sandeep.thak...@enterprisedb.com> wrote:
> So, this is not an installer issue. Is this bug
On Wed, Oct 23, 2013 at 3:46 AM, Alvaro Herrera
wrote:
> Hi,
>
> There has been some interest in keeping track of timestamp of
> transaction commits. This patch implements that.
Some of the use cases, I could think of are
1. Is it for usecases such that if user want to read all data of table
whe
So, this is not an installer issue. Is this bug raised to the PostgreSQL
community? If yes, you should submit the patch there.
On Tue, Oct 29, 2013 at 6:23 AM, Naoya Anzai
wrote:
> Hi, Asif
>
> Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.
>
> > Good finding. I have
The following trigger is a PL/PgSQL prototype of a row-security trigger
to enforce row-security policy on writes.
I'm not proposing it for use as-is obviously, I'm just looking into how
things work and things to fix.
The biggest problem here is that the policy can by bypassed by a trigger
that ru
On Mon, Oct 28, 2013 at 6:27 PM, Tom Lane wrote:
> roleid = get_role_oid(port->user_name, true);
Thank you for that, that appears to work very well to my purpose, as
does ClientAuthentication_hook, now.
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make chang
Andres Freund writes:
> On 2013-10-28 21:14:48 -0400, Tom Lane wrote:
>> 2. valgrind causes autovacuum to dump core, at least on my box (RHEL6).
> Yea, I know which bug that is, I've pushed the valgrind guys into fixing
> it...
> https://bugs.kde.org/show_bug.cgi?id=280114
Thanks, I whined to Re
On Mon, Oct 28, 2013 at 10:30:10PM -0400, Tom Lane wrote:
> Noah Misch writes:
> > On Mon, Oct 28, 2013 at 09:14:48PM -0400, Tom Lane wrote:
> >> 2. valgrind causes autovacuum to dump core, at least on my box (RHEL6).
>
> > Don't bother with versions older than Valgrind 3.8.1.
>
> $ rpm -qa | gr
On 2013-10-28 22:20:02 -0400, Noah Misch wrote:
> > 2. valgrind causes autovacuum to dump core, at least on my box (RHEL6).
>
> Don't bother with versions older than Valgrind 3.8.1. Besides having a fix
> for that bug, it runs PostgreSQL an order of magnitude faster, per the comment
> in pg_confi
Noah Misch writes:
> On Mon, Oct 28, 2013 at 09:14:48PM -0400, Tom Lane wrote:
>> 2. valgrind causes autovacuum to dump core, at least on my box (RHEL6).
> Don't bother with versions older than Valgrind 3.8.1.
$ rpm -qa | grep valgrind
valgrind-3.8.1-3.2.el6.x86_64
regar
On Mon, Oct 28, 2013 at 04:02:36PM -0400, Tom Lane wrote:
> It seems to me the most reasonable fix for this is to make
> TupleDescInitEntry notice that the passed "attributeName" points
> at the tupdesc's name field and not call namestrcpy if so.
+1
--
Noah Misch
EnterpriseDB
On Mon, Oct 28, 2013 at 09:14:48PM -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2013-10-28 16:02:36 -0400, Tom Lane wrote:
> >> The larger problem though is what you'd do with the output. There's
> >> enough false-positive noise from valgrind that I can't see having
> >> the buildfarm ru
Andres Freund writes:
> On 2013-10-28 21:14:48 -0400, Tom Lane wrote:
>> They're not all gone according to my testing; but there are far worse
>> problems:
> Spurious or real bugs? Inside PG or libc?
I saw a bunch of uninitialized-value complaints in initdb, apparently from
places in BootstrapXL
On 2013-10-28 21:14:48 -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2013-10-28 16:02:36 -0400, Tom Lane wrote:
> >> The larger problem though is what you'd do with the output. There's
> >> enough false-positive noise from valgrind that I can't see having
> >> the buildfarm run just fail
On 10/28/2013 05:52 PM, Stéphan BEUZE wrote:
> Is it OK if I send a test case written in Java ? Or is there a well
> defined way to post test case ?
A standalone test case written in Java is pretty easy to run. Just
provide build and run instructions - for example, if it's a stand-alone
file, inst
Daniel Farina writes:
> What hook would you recommend that matches this criteria:
> * Runs post-authentication
> * ..Once
ClientAuthentication_hook
> My general approach has been to try to use
> GetUserNameFromId(GetSessionUserId()), but this requires
> InitializeSessionUserId be called first,
Hi,
I've started a valgrind run earlier when trying to run the regression
tests with valgrind --error-exitcode=122 (to cause the regression tests
to fail visibly) but it crashed frequently...
One of them was:
==2184== Invalid write of size 8
==2184==at 0x76787F: smgrclose (smgr.c:284)
==2184
Andres Freund writes:
> On 2013-10-28 16:02:36 -0400, Tom Lane wrote:
>> The larger problem though is what you'd do with the output. There's
>> enough false-positive noise from valgrind that I can't see having
>> the buildfarm run just fail if there are any messages. What to do
>> instead isn't
Hi, Asif
Thank you for providing my patch (pg_ctl.c.patch) to Sandeep on my behalf.
> Good finding. I have attached another version of patch
> (pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of code
> changes, can you please take a look ?. Thanks.
I think your patch is not
What hook would you recommend that matches this criteria:
* Runs post-authentication
* ..Once
I was putting together a little extension module[0] intended to do
connection limits out-of-band with the catalog (so that hot standbys
and primaries can have different imposed connection limits), but a
On 10/28/13, 4:11 PM, Peter Geoghegan wrote:
> On Mon, Oct 28, 2013 at 6:11 PM, Tom Lane wrote:
>> Both gcc and glibc have been moving steadily in the direction of
>> aggressively exploiting "undefined behavior" cases for optimization
>> purposes. I don't know if there is yet a platform where str
Hi Sandeep,
PFA Naoya's patch (pg_ctl.c.patch).
Hi Naoya,
Good finding. I have attached another version of patch
(pg_ctl.c_windows_vulnerability.patch) attached that has fewer lines of
code changes, can you please take a look ?. Thanks.
Best Regards,
Asif Naeem
On Mon, Oct 28, 2013 at 4:46 PM
On 2013-10-28 16:29:35 -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2013-10-28 16:06:47 -0400, Tom Lane wrote:
> >> You're both just handwaving. How many is "many", and which ones might
> >> we actually have enough use for to justify dealing with such a dependency?
> >> I don't think we
On 2013-10-28 16:02:36 -0400, Tom Lane wrote:
> Andres Freund writes:
> > It'd be relatively easy to add support for make check (not installcheck)
> > wrapping postgres in valgrind via pg_regress, but I am not sure that's
> > the best way to go.
>
> > I think defining an additional CFLAG (USE_VAL
Andres Freund writes:
> On 2013-10-28 16:06:47 -0400, Tom Lane wrote:
>> You're both just handwaving. How many is "many", and which ones might
>> we actually have enough use for to justify dealing with such a dependency?
>> I don't think we should buy into this without some pretty concrete
>> jus
On 2013-10-28 16:06:47 -0400, Tom Lane wrote:
> Heikki Linnakangas writes:
> > On 28.10.2013 21:32, Andres Freund wrote:
> >> I think there are quite some algorithms relying on 16byte CAS, that's
> >> why I was thinking about it at all. I think it's easier to add support
> >> for it in the easier
Andres Freund writes:
> On 2013-10-28 14:26:20 -0400, Tom Lane wrote:
>> No; see my upthread comments. I think what we want to do is to have
>> PG_DETOAST_DATUM automatically flatten non-flat datums, and to require
>> functions that can cope with non-flat inputs to use a new argument
>> fetching
On Mon, Oct 28, 2013 at 6:11 PM, Tom Lane wrote:
> Both gcc and glibc have been moving steadily in the direction of
> aggressively exploiting "undefined behavior" cases for optimization
> purposes. I don't know if there is yet a platform where strncpy with
> src == dest behaves oddly, but we'd be
Heikki Linnakangas writes:
> On 28.10.2013 21:32, Andres Freund wrote:
>> I think there are quite some algorithms relying on 16byte CAS, that's
>> why I was thinking about it at all. I think it's easier to add support
>> for it in the easier trawl through the compilers, but I won't argue much
>> f
On 28.10.2013 21:32, Andres Freund wrote:
On 2013-10-28 15:02:41 -0400, Robert Haas wrote:
Most of the academic papers I've read on
implementing lock-free or highly-parallel constructs attempt to
confine themselves to 8-byte operations with 8-byte compare-and-swap,
and I'm a bit disposed to thin
Andres Freund writes:
> It'd be relatively easy to add support for make check (not installcheck)
> wrapping postgres in valgrind via pg_regress, but I am not sure that's
> the best way to go.
> I think defining an additional CFLAG (USE_VALGRIND) shouldn't be a
> problem?
CFLAGS doesn't seem to h
On Mon, Oct 28, 2013 at 3:32 PM, Andres Freund wrote:
>> I wonder whether it'd be safe to assume that any machine where
>> pointers are 8 bytes has 8-byte atomic loads and stores. I bet there
>> is a counterexample somewhere. :-(
>
> Sparc64 :(.
>
> Btw, could you quickly give some keywords what
On 2013-10-28 15:20:20 -0400, Andrew Dunstan wrote:
>
> On 10/28/2013 02:26 PM, Andres Freund wrote:
> >
> >It'd be neat if we could get a buildfarm animal up that uses valgrind -
> >which would catch such and lots of other errors. That's where the topic
> >has come up in the past:
> >http://www.p
On 2013-10-28 15:02:41 -0400, Robert Haas wrote:
> On Mon, Oct 28, 2013 at 2:19 PM, Andres Freund wrote:
> >> I'm not terribly excited about relying on 16-byte CAS, but I agree
> >> that 8-byte math, at least, is important. I've not been successful in
> >> finding any evidence that gcc has prepro
On 10/28/2013 02:26 PM, Andres Freund wrote:
It'd be neat if we could get a buildfarm animal up that uses valgrind -
which would catch such and lots of other errors. That's where the topic
has come up in the past:
http://www.postgresql.org/message-id/20110312133224.GA7833%40tornado.gateway.2wir
Done, thanks.
2013/10/28 Robert Haas
> On Sat, Oct 26, 2013 at 9:17 AM, Rodolfo Campero
> wrote:
> > The attached patch add support of domains over arrays to PL/Python (eg:
> > CREATE DOMAIN my_domain AS integer[]).
> >
> > Basically it just uses get_base_element_type instead of get_element_ty
On 2013-10-28 14:26:20 -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2013-10-28 13:41:46 -0400, Tom Lane wrote:
> >> I don't think that's a safe assumption at all. We need to be able to do
> >> flattening anywhere PG_DETOAST_DATUM() can be called.
>
> > I am not sure we want things to wo
On Mon, Oct 28, 2013 at 2:19 PM, Andres Freund wrote:
>> I'm not terribly excited about relying on 16-byte CAS, but I agree
>> that 8-byte math, at least, is important. I've not been successful in
>> finding any evidence that gcc has preprocessor symbols to tell us
>> about the properties of 8-by
Hi,
On Mon, Oct 28, 2013 at 7:11 PM, Tom Lane wrote:
>
> If copying takes place between objects that overlap, the behavior is
> undefined.
>
> Both gcc and glibc have been moving steadily in the direction of
> aggressively exploiting "undefined behavior" cases for optimization
> purposes. I do
On 2013-10-28 14:11:12 -0400, Tom Lane wrote:
> Robert Haas writes:
> > On Mon, Oct 28, 2013 at 12:11 PM, Andres Freund
> > wrote:
> >> There have been previous discussions about fixing strcpy calls with
> >> identical source/destination (same for memcpy) but it was deemed not
> >> worth the eff
Andres Freund writes:
> On 2013-10-28 13:41:46 -0400, Tom Lane wrote:
>> I don't think that's a safe assumption at all. We need to be able to do
>> flattening anywhere PG_DETOAST_DATUM() can be called.
> I am not sure we want things to work along those lines. I'd rather make
> PG_DETOAST_DATUM p
On 2013-10-28 14:10:48 -0400, Robert Haas wrote:
> On Wed, Oct 16, 2013 at 12:52 PM, Andres Freund
> wrote:
> >> I have a related problem, which is that some code I'm currently
> >> working on vis-a-vis parallelism can run lock-free on platforms with
> >> atomic 8 bit assignment but needs a spinl
On Wed, Oct 16, 2013 at 12:52 PM, Andres Freund wrote:
>> I have a related problem, which is that some code I'm currently
>> working on vis-a-vis parallelism can run lock-free on platforms with
>> atomic 8 bit assignment but needs a spinlock or two elsewhere. So I'd
>> want to use pg_atomic_store
Robert Haas writes:
> On Mon, Oct 28, 2013 at 12:11 PM, Andres Freund
> wrote:
>> There have been previous discussions about fixing strcpy calls with
>> identical source/destination (same for memcpy) but it was deemed not
>> worth the effort. I don't really see an alternative to fixing it now.
On 2013-10-28 13:41:46 -0400, Tom Lane wrote:
> Andres Freund writes:
> > On 2013-10-28 12:42:28 -0400, Tom Lane wrote:
> >> Meh. If you don't include a function pointer you will still need the OID
> >> of the datatype or the decompression function, so it's not like omitting
> >> it is free.
>
>
On Mon, Oct 28, 2013 at 12:34 PM, Tom Lane wrote:
> Robert Haas writes:
>> ... we could leave the parentheses out in
>> whichever case it's equivalent to.
>
> Ah, I see what you're getting at now. Yeah, that might be a useful
> readability improvement.
>
>> ... I fairly commonly
>> write queries
On Mon, Oct 28, 2013 at 05:48:55PM +0100, Andres Freund wrote:
> On 2013-10-28 12:42:28 -0400, Tom Lane wrote:
> > Robert Haas writes:
> > > On Mon, Oct 28, 2013 at 11:12 AM, Tom Lane wrote:
> > >> The idea I'm thinking about at the moment is that toast tokens of this
> > >> sort might each conta
Andres Freund writes:
> On 2013-10-28 12:42:28 -0400, Tom Lane wrote:
>> Meh. If you don't include a function pointer you will still need the OID
>> of the datatype or the decompression function, so it's not like omitting
>> it is free.
> That's what I thought at first too - but I am not sure it
On 2013-10-28 12:42:28 -0400, Tom Lane wrote:
> Robert Haas writes:
> > On Mon, Oct 28, 2013 at 11:12 AM, Tom Lane wrote:
> >> The idea I'm thinking about at the moment is that toast tokens of this
> >> sort might each contain a function pointer to the required flattening
> >> function.
>
> > Th
Robert Haas writes:
> On Mon, Oct 28, 2013 at 11:12 AM, Tom Lane wrote:
>> The idea I'm thinking about at the moment is that toast tokens of this
>> sort might each contain a function pointer to the required flattening
>> function.
> This might be OK, but it bloats the in-memory representation.
Robert Haas writes:
> ... we could leave the parentheses out in
> whichever case it's equivalent to.
Ah, I see what you're getting at now. Yeah, that might be a useful
readability improvement.
> ... I fairly commonly
> write queries that involve multiple UNION ALL branches and, no matter
> how
On Mon, Oct 28, 2013 at 11:12 AM, Tom Lane wrote:
> The idea I'm thinking about at the moment is that toast tokens of this
> sort might each contain a function pointer to the required flattening
> function. This avoids an expensive catalog lookup when flattening is
> needed. We'd never accept su
On Mon, Oct 28, 2013 at 12:11 PM, Andres Freund wrote:
> Hi,
>
> On -bugs it was reported that initdb of 9.3 failed with a
> assertion.
>
> On 2013-10-28 16:52:13 +0100, Matthias Schmitt wrote:
>> > In that case, could you enable coredumps and get a backtrace from that
>> > coredump? I unfortunate
Andres Freund writes:
> There have been previous discussions about fixing strcpy calls with
> identical source/destination (same for memcpy) but it was deemed not
> worth the effort. I don't really see an alternative to fixing it now.
I'm not seeing this with bare-bones
./configure --enable
On Mon, Oct 28, 2013 at 12:10 PM, Tom Lane wrote:
> Robert Haas writes:
>> On Sat, Oct 26, 2013 at 12:02 PM, Andres Freund
>> wrote:
>>> Imo what it does looks sane - it adds parentheses whenever a child of a
>>> set operation is a set operation again to make sure the order in which
>>> the gen
On Mon, Oct 28, 2013 at 12:17 PM, Andres Freund wrote:
>> In general, I don't think waiting on an XID is sufficient because a
>> process can acquire a heavyweight lock without having an XID. Perhaps
>> use the VXID instead?
>
> But decoding doesn't care about transactions that haven't "used" an X
On 2013-10-28 12:04:01 -0400, Robert Haas wrote:
> On Fri, Oct 25, 2013 at 8:14 AM, Andres Freund wrote:
> > I wonder if this is isn't maybe sufficient. Yes, it can deadlock, but
> > that's already the case for VACUUM FULLs of system tables, although less
> > likely. And it will be detected/handl
On Sun, Oct 27, 2013 at 11:34 PM, Noah Misch wrote:
> On Fri, Oct 25, 2013 at 10:11:41PM -0400, Robert Haas wrote:
>> When I wrote the dynamic shared memory patch, I used uint64 everywhere
>> to measure sizes - rather than, as we do for the main shared memory
>> segment, Size. This now seems to m
Hi,
On -bugs it was reported that initdb of 9.3 failed with a
assertion.
On 2013-10-28 16:52:13 +0100, Matthias Schmitt wrote:
> > In that case, could you enable coredumps and get a backtrace from that
> > coredump? I unfortunately have zero clue about OSX, so I can't really
> > help you with tha
Robert Haas writes:
> On Sat, Oct 26, 2013 at 12:02 PM, Andres Freund
> wrote:
>> Imo what it does looks sane - it adds parentheses whenever a child of a
>> set operation is a set operation again to make sure the order in which
>> the generated set operations are parsed/interpreted stays the sam
On Sat, Oct 26, 2013 at 9:17 AM, Rodolfo Campero
wrote:
> The attached patch add support of domains over arrays to PL/Python (eg:
> CREATE DOMAIN my_domain AS integer[]).
>
> Basically it just uses get_base_element_type instead of get_element_type in
> plpy_typeio.c, and uses domain_check before r
On Sat, Oct 26, 2013 at 12:02 PM, Andres Freund wrote:
> Imo what it does looks sane - it adds parentheses whenever a child of a
> set operation is a set operation again to make sure the order in which
> the generated set operations are parsed/interpreted stays the same.
But UNION ALL is associat
>
>
>
> > Agree that windowing function will return all the rows compared to max
> and
> > group by returing only max rows per group. But even while arriving at the
> > aggregate/sorting windowing function seems to spend more effort than
> group
> > by/order by.
>
> (I'll apologise in advance for p
On Fri, Oct 25, 2013 at 8:14 AM, Andres Freund wrote:
> So, I thought about this for some more and I think I've a partial
> solution to the problem.
>
> The worst thing about deadlocks that occur in the above is that they
> could be the VACUUM FULL waiting for the "restart LSN"[1] of a decoding
>
On Fri, Oct 25, 2013 at 7:57 AM, Andres Freund wrote:
>> However, I'm leery about the idea of using a relation fork for this.
>> I'm not sure whether that's what you had it mind, but it gives me the
>> willies. First, it adds distributed overhead to the system, as
>> previously discussed; and sec
Hugo Mercier writes:
> Le 25/10/2013 18:44, Tom Lane a écrit :
>> The point I'm trying to make is that in the first case, foo would be
>> receiving a first argument that was flat and a second that was not flat;
>> while in the second case, it would be receiving a first argument that was
>> not fla
"Etsuro Fujita" writes:
> I wrote:
>> ISTM the document in alter_foreign_data_wrapper.sgml and the comment in
>> foreigncmds.c should be updated. Please find attached a patch.
> I've noticed that the document in create_foreign_data_wrapper.sgml should also
> be updated. Attached is an updated v
On Mon, Oct 28, 2013 at 3:22 PM, Stéphan BEUZE
wrote:
> Le 19/10/2013 05:21, Amit Kapila a écrit :
>> On Fri, Oct 18, 2013 at 3:43 PM, Stéphan BEUZE
>> wrote:
>>> * CONTEXT
>>> Two Java threads are created. One is connected with 'rec' user, while the
>>> other one
>>> is connected with 'rec_lct'
Hi Dave
We register the service using pg_ctl. When I manually executed the
following on the command prompt, I saw that the service path of the
registered service did not have the pg_ctl.exe path in quotes. May be it
should be handled in the pg_ctl code.
*c:\Users\Sandeep Thakkar\Documents>*"c:\Pr
2013/10/28 Andres Freund
> On 2013-10-28 10:12:41 +0100, Pavel Stehule wrote:
> > > I think we'd need another argument to CREATE FUNCTION like SERIALIZE
> > > pointing to a function that that has to return data that can be stored
> > > on disk. Deserialization would be up to individual functions.
Le 19/10/2013 05:21, Amit Kapila a écrit :
On Fri, Oct 18, 2013 at 3:43 PM, Stéphan BEUZE
wrote:
Here I provide more details about the environment where the error occurs:
* ENVIRONMENT
Client:
Java Web Application running on JBoss 5.0.0.GA - JDK 1.6.0_24 64bit
Server:
Postgresql 9
On 2013-10-28 10:29:59 +0100, Hugo Mercier wrote:
> Le 28/10/2013 09:39, Andres Freund a écrit :
> > On 2013-10-28 09:13:06 +0100, Hugo Mercier wrote:
> >> Le 25/10/2013 18:44, Tom Lane a écrit :
> >>> Hugo Mercier writes:
> Le 25/10/2013 17:20, Tom Lane a écrit :
> > How do you tell the
Le 28/10/2013 09:39, Andres Freund a écrit :
> On 2013-10-28 09:13:06 +0100, Hugo Mercier wrote:
>> Le 25/10/2013 18:44, Tom Lane a écrit :
>>> Hugo Mercier writes:
Le 25/10/2013 17:20, Tom Lane a écrit :
> How do you tell the difference between
>>> The point I'm trying to make is that i
On 2013-10-28 10:12:41 +0100, Pavel Stehule wrote:
> > I think we'd need another argument to CREATE FUNCTION like SERIALIZE
> > pointing to a function that that has to return data that can be stored
> > on disk. Deserialization would be up to individual functions.
> >
> > Depending on the specifica
Sandeep, can you look at this please? Thanks.
On Mon, Oct 28, 2013 at 8:18 AM, Asif Naeem wrote:
> It is related to windows unquoted service path vulnerability in the the
> installer that creates service path without quotes that make service.exe to
> look for undesirable path for executable.
>
>
2013/10/28 Andres Freund
> On 2013-10-28 09:13:06 +0100, Hugo Mercier wrote:
> > Le 25/10/2013 18:44, Tom Lane a écrit :
> > > Hugo Mercier writes:
> > >> Le 25/10/2013 17:20, Tom Lane a écrit :
> > >>> How do you tell the difference between
> > >>>
> > >>> foo(col1, bar(col2))
> > >>> foo(bar(c
I wrote:
> ISTM the document in alter_foreign_data_wrapper.sgml and the comment in
> foreigncmds.c should be updated. Please find attached a patch.
I've noticed that the document in create_foreign_data_wrapper.sgml should also
be updated. Attached is an updated version of the patch.
Thanks,
Be
On 2013-10-28 09:13:06 +0100, Hugo Mercier wrote:
> Le 25/10/2013 18:44, Tom Lane a écrit :
> > Hugo Mercier writes:
> >> Le 25/10/2013 17:20, Tom Lane a écrit :
> >>> How do you tell the difference between
> >>>
> >>> foo(col1, bar(col2))
> >>> foo(bar(col1), col2)
> >
> >> Still not sure to und
It is related to windows unquoted service path vulnerability in the the
installer that creates service path without quotes that make service.exe to
look for undesirable path for executable.
postgresql-9.3 service path : C:/Users/asif/Desktop/Program
files/9.3/bin/pg_ctl.exe runservice -N "postgres
Le 25/10/2013 18:44, Tom Lane a écrit :
> Hugo Mercier writes:
>> Le 25/10/2013 17:20, Tom Lane a écrit :
>>> How do you tell the difference between
>>>
>>> foo(col1, bar(col2))
>>> foo(bar(col1), col2)
>
>> Still not sure to understand ...
>> I assume foo() takes two argument of type A.
>> bar()
Hi, Asif.
Thank you for response.
> C:\Users\asif\Desktop\Program files\9.3>"bin\pg_ctl" -D
> "C:\Users\asif\Desktop\Program files\9.3\data1" -l logfile start
> server starting
This failure does not occur by the command line.
PostgreSQL needs to start by Windows Service.
Additiona
No adding OFFSET there too didn't give the expected result. The lateral was
handled in subquery and passed as param to the underlying table scan.
I am particularly interested in tables (unlike functions or subqueries)
since, the table scans are shipped to the datanodes and I wanted to test
the eff
83 matches
Mail list logo
