From a580bedefc7b216b20af61948db3cc0e55e45cf4 Mon Sep 17 00:00:00 2001
From: Raul Marin
Date: Thu, 3 Oct 2019 17:37:11 +0200
Subject: [PATCH] Set safe schema on some functions
---
 scripts-available/CDB_AnalysisCheck.sql | 7 +++++--
 scripts-available/CDB_EstimateRowCount.sql | 7 ++++++-
 scripts-available/CDB_Overviews.sql | 8 ++++++--
 3 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/scripts-available/CDB_AnalysisCheck.sql b/scripts-available/CDB_AnalysisCheck.sql
index 8645967..9800f7d 100644
--- a/scripts-available/CDB_AnalysisCheck.sql
+++ b/scripts-available/CDB_AnalysisCheck.sql
@@ -6,8 +6,11 @@ $$
 BEGIN
 RETURN @extschema@.CDB_Conf_GetConf('analysis_quota_factor')::text::float8;
 END;
-$$
-LANGUAGE 'plpgsql' STABLE PARALLEL SAFE SECURITY DEFINER;
+$$ LANGUAGE 'plpgsql'
+ STABLE
+ PARALLEL SAFE
+ SECURITY DEFINER
+ SET search_path = pg_temp;
 -- Get the factor (fraction of the quota) for Camshaft cached analysis tables
diff --git a/scripts-available/CDB_EstimateRowCount.sql b/scripts-available/CDB_EstimateRowCount.sql
index 06e65de..a7e3f51 100644
--- a/scripts-available/CDB_EstimateRowCount.sql
+++ b/scripts-available/CDB_EstimateRowCount.sql
@@ -12,7 +12,12 @@ BEGIN
 EXECUTE Format('ANALYZE %s;', reloid);
 END IF;
 END
-$$ LANGUAGE 'plpgsql' VOLATILE STRICT PARALLEL UNSAFE SECURITY DEFINER;
+$$ LANGUAGE 'plpgsql'
+ VOLATILE
+ STRICT
+ PARALLEL UNSAFE
+ SECURITY DEFINER
+ SET search_path = pg_temp;
 -- Return a row count estimate of the result of a query using statistics
 CREATE OR REPLACE FUNCTION @extschema@.CDB_EstimateRowCount(query text)
diff --git a/scripts-available/CDB_Overviews.sql b/scripts-available/CDB_Overviews.sql
index 216c294..ec4d307 100644
--- a/scripts-available/CDB_Overviews.sql
+++ b/scripts-available/CDB_Overviews.sql
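Review bot: In scripts-available/CDB_AnalysisCheck.sql the new `SET search_path = pg_temp` clause carries no comment saying why it is there or what it demands of the body, and the same holds for the matching clauses added in CDB_EstimateRowCount.sql and at the end of `_CDB_Register_Overview` in CDB_Overviews.sql. With this setting only `pg_catalog` (implicitly) and the caller's temporary schema are searched, and PostgreSQL never looks up functions or operators in the temporary schema, so every function call must be schema-qualified, while an unqualified table or type name could bind to a temporary object created by the caller. The setting also stays in effect for nested calls, so `@extschema@.CDB_Conf_GetConf`, whose body is not part of this patch, has to be fully qualified as well unless it sets its own path. Because PL/pgSQL resolves names at execution time, a missed reference only surfaces at run time; I would add `-- SECURITY DEFINER: search_path is pinned, so schema-qualify every object referenced in the body` beside each clause and cover the three functions with a test run as a non-owner role. The function's signature lies outside the hunk.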
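Review bot: In scripts-available/CDB_EstimateRowCount.sql, `EXECUTE Format('ANALYZE %s;', reloid)` on the first context line of the hunk interpolates `reloid` with `%s`, which is only safe if the parameter is declared `REGCLASS`; the declaration is above the hunk, so this is worth confirming while the function is being hardened. A regclass value renders as a quoted name that is schema-qualified whenever the relation is not visible on the search path, so under the pinned path the statement should stay unambiguous for permanent tables, and a comment such as `-- reloid is REGCLASS: its text form is quoted and schema-qualified under the pinned search_path` would record that dependency. If the argument turns out to be text, cast it to `regclass` before formatting. Since ANALYZE runs with the definer's privileges here, it is also worth checking, in the part of the body outside the hunk, that the caller is allowed to touch the relation.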
@@ -318,7 +318,7 @@ $$ LANGUAGE PLPGSQL VOLATILE PARALLEL UNSAFE;
 -- This function is declared SECURITY DEFINER so it executes with the privileges
 -- of the function creator to have a chance to alter the privileges of the
 -- overview table to match those of the dataset. It will only perform any change
--- if the overview table belgons to the same scheme as the dataset and it
+-- if the overview table belongs to the same scheme as the dataset and it
 -- matches the scheme naming for overview tables.
 CREATE OR REPLACE FUNCTION @extschema@._CDB_Register_Overview(dataset REGCLASS, overview_table REGCLASS, overview_z INTEGER)
 RETURNS VOID
@@ -362,7 +362,11 @@ AS $$
 -- it should be done here (CDB_Overviews would consume such metadata)
 END IF;
 END
-$$ LANGUAGE PLPGSQL VOLATILE PARALLEL UNSAFE SECURITY DEFINER;
+$$ LANGUAGE PLPGSQL
+ VOLATILE
+ PARALLEL UNSAFE
+ SECURITY DEFINER
+ SET search_path = pg_temp;
 -- Dataset attributes (column names other than the
 -- CartoDB primary key and geometry columns) which should be aggregated
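Review bot: Pinning the path on `_CDB_Register_Overview` changes how its `REGCLASS` arguments `dataset` and `overview_table` render as text: relations outside `pg_catalog` and the temporary schema now come out schema-qualified. The header comment says the function only acts when the overview table is in the dataset's schema and matches the overview naming scheme, and the code performing that check sits between the two hunks and is not shown. If that check works from the text form of the arguments rather than from the catalogs, it may now see `schema.table` where it previously saw a bare table name, so a test that registers an overview as a non-owner role would confirm the privilege change still happens.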