Ensure cached plans are correctly marked as dependent on role. If a CTE, subquery, sublink, security invoker view, or coercion projection references a table with row-level security policies, we neglected to mark the plan as potentially dependent on which role is executing it. This could lead to later executions in the same session returning or hiding rows that should have been hidden or returned instead.
Reported-by: Wolfgang Walther Reviewed-by: Noah Misch Security: CVE-2024-10976 Backpatch-through: 12 Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/cd7ab57532bb4fbf2e636b1f7d132e6e2d9ac5fc Modified Files -------------- src/backend/executor/functions.c | 6 ++ src/backend/rewrite/rewriteHandler.c | 67 ++++++++++++++++++-- src/test/regress/expected/rowsecurity.out | 100 ++++++++++++++++++++++++++++++ src/test/regress/sql/rowsecurity.sql | 58 +++++++++++++++++ src/tools/pgindent/typedefs.list | 1 + 5 files changed, 226 insertions(+), 6 deletions(-)
