[ Thread moved to hackers.]

Crash reproduced here.

My guess is that you are recursing and crashing the backend, which then
forces the other backends to reset. I think we need to fix this by
either setting a limit in the amount of function recursion, or allowing
only the offending backend to crash without forcing all the other
backends to crash.


Marcin Owsiany wrote:
> CREATE FUNCTION "x" (integer) RETURNS integer AS '
>       RETURN x(0);
> END' LANGUAGE 'plpgsql' WITH ( isstrict );
> SELECT x(0);
> server closed the connection unexpectedly
>         This probably means the server terminated abnormally
>         before or while processing the request.
> The connection to the server was lost. Attempting reset: Failed.
> !>
> The log says:
>  DEBUG:  server process (pid 3550) was terminated by signal 11
>  DEBUG:  terminating any other active server processes
> The thing that worries me most is the last message: postmaster terminates all
> other backends, therefore overflowing the stack via a plpgsql function can be
> used to DoS-attack the server.
> Is there anything one (as a postgresql installation admin) can do?  Disabling
> procedural languages in databases of the users I don't trust comes to mind, but
> does it really make me safe? I mean: won't such attack still be possible with
> pure SQL?
> regards,
> Marcin
> -- 
> Marcin Owsiany <[EMAIL PROTECTED]>              http://marcin.owsiany.pl/
> GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216
> "Every program in development at MIT expands until it can read mail."
>                                                               -- Unknown
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Reply via email to