Further fixes to the pg_get_expr() security fix in back branches. It now emerges that the JDBC driver expects to be able to use pg_get_expr() on an output of a sub-SELECT. So extend the check logic to be able to recurse into a sub-SELECT to see if the argument is ultimately coming from an appropriate column. Per report from Thomas Kellerer.
Branch ------ REL8_4_STABLE Details ------- http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=78b0a0d8c026d20788b584266c2aef5f5add16b2 Modified Files -------------- src/backend/parser/parse_func.c | 84 +++++++++++++++++++++++++++------------ 1 files changed, 58 insertions(+), 26 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
