pgsql: Avoid a performance regression in float overflow/underflow detec

2020-02-13 Thread Tom Lane
Avoid a performance regression in float overflow/underflow detection. Commit 6bf0bc842 replaced float.c's CHECKFLOATVAL() macro with static inline subroutines, but that wasn't too well thought out. In the original coding, the unlikely condition (isinf(result) or result == 0) was checked first, an

pgsql: Avoid a performance regression in float overflow/underflow detec

2020-02-13 Thread Tom Lane
Avoid a performance regression in float overflow/underflow detection. Commit 6bf0bc842 replaced float.c's CHECKFLOATVAL() macro with static inline subroutines, but that wasn't too well thought out. In the original coding, the unlikely condition (isinf(result) or result == 0) was checked first, an

pgsql: Logical Tape Set: lazily allocate read buffer.

2020-02-13 Thread Jeff Davis
Logical Tape Set: lazily allocate read buffer. The write buffer was already lazily-allocated, so this is more symmetric. It also means that a freshly-rewound tape (whether for reading or writing) is not consuming memory for the buffer. Discussion: https://postgr.es/m/97c46a59c27f3c38e486ca170fcb

pgsql: Fix priv checks for ALTER DEPENDS ON EXTENSION

2020-02-13 Thread Alvaro Herrera
Fix priv checks for ALTER DEPENDS ON EXTENSION Marking an object as dependant on an extension did not have any privilege check whatsoever; this allowed any user to mark objects as droppable by anyone able to DROP EXTENSION, which could be used to cause system-wide havoc. Disallow by checking tha

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL_12_STABLE Details --- https://git.postgresql.org/pg/commitdiff/ce5a2d2c3e8e1353d1cb31ab143730accbb1ac75 Modified Files -- doc/src/sgml/release-12.sgml | 42 ++

pgsql: Fix priv checks for ALTER DEPENDS ON EXTENSION

2020-02-13 Thread Alvaro Herrera
Fix priv checks for ALTER DEPENDS ON EXTENSION Marking an object as dependant on an extension did not have any privilege check whatsoever; this allowed any user to mark objects as droppable by anyone able to DROP EXTENSION, which could be used to cause system-wide havoc. Disallow by checking tha

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL9_4_STABLE Details --- https://git.postgresql.org/pg/commitdiff/f6117744d14017cb11a6ddd95d4f44b114d871c7 Modified Files -- doc/src/sgml/release-9.4.sgml | 18 ++ 1 file changed, 18 ins

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL9_6_STABLE Details --- https://git.postgresql.org/pg/commitdiff/3ede4280bce9ce567834cb79e9dfe66344526b18 Modified Files -- doc/src/sgml/release-9.6.sgml | 42 +

pgsql: Fix priv checks for ALTER DEPENDS ON EXTENSION

2020-02-13 Thread Alvaro Herrera
Fix priv checks for ALTER DEPENDS ON EXTENSION Marking an object as dependant on an extension did not have any privilege check whatsoever; this allowed any user to mark objects as droppable by anyone able to DROP EXTENSION, which could be used to cause system-wide havoc. Disallow by checking tha

pgsql: Fix priv checks for ALTER DEPENDS ON EXTENSION

2020-02-13 Thread Alvaro Herrera
Fix priv checks for ALTER DEPENDS ON EXTENSION Marking an object as dependant on an extension did not have any privilege check whatsoever; this allowed any user to mark objects as droppable by anyone able to DROP EXTENSION, which could be used to cause system-wide havoc. Disallow by checking tha

pgsql: Fix priv checks for ALTER DEPENDS ON EXTENSION

2020-02-13 Thread Alvaro Herrera
Fix priv checks for ALTER DEPENDS ON EXTENSION Marking an object as dependant on an extension did not have any privilege check whatsoever; this allowed any user to mark objects as droppable by anyone able to DROP EXTENSION, which could be used to cause system-wide havoc. Disallow by checking tha

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL_10_STABLE Details --- https://git.postgresql.org/pg/commitdiff/27cfad5c8630428f7a2f63fd53b2e4a4fb248a90 Modified Files -- doc/src/sgml/release-10.sgml | 42 ++

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL_11_STABLE Details --- https://git.postgresql.org/pg/commitdiff/f1a336887e1cc754b4985c82827aa70f847980ba Modified Files -- doc/src/sgml/release-11.sgml | 42 ++

pgsql: Last-minute updates for release notes.

2020-02-13 Thread Tom Lane
Last-minute updates for release notes. Security: CVE-2020-1720 Branch -- REL9_5_STABLE Details --- https://git.postgresql.org/pg/commitdiff/4153ac0d703593987f2fcac082d7fc04546c28cc Modified Files -- doc/src/sgml/release-9.5.sgml | 18 ++ 1 file changed, 18 ins

pgsql: Mark some contrib modules as "trusted".

2020-02-13 Thread Tom Lane
Mark some contrib modules as "trusted". This allows these modules to be installed into a database without superuser privileges (assuming that the DBA or sysadmin has installed the module's files in the expected place). You only need CREATE privilege on the current database, which by default would

pgsql: Remove some dead code in contrib/adminpack/

2020-02-13 Thread Michael Paquier
Remove some dead code in contrib/adminpack/ Since its introduction in fe59e56, the code in charge of validating and converting a file path includes some extra handling for absolute paths pointing to an external log_directory, but this has never been used. Author: Antonin Houska Reviewed-by: Julie