public inbox for [email protected]
help / color / mirror / Atom feedFrom: Andrew Dunstan <[email protected]>
To: [email protected]
Subject: pgsql: Avoid leaking system path from pg_available_extensions
Date: Sat, 30 May 2026 01:59:04 +0000
Message-ID: <[email protected]> (raw)
Avoid leaking system path from pg_available_extensions
The documentation says that when extension_control_path is set to an
empty string, the default '$system' path is still assumed. However,
get_extension_control_directories() added the system extension directory
with a NULL macro in that case. As a result, pg_available_extensions
could expose the expanded system directory path instead of reporting
'$system' as the location.
Record the implicitly-added system directory with the '$system' macro, so
pg_available_extensions reports the documented symbolic location and does
not leak the actual system path.
Update the extension_control_path TAP test to check the reported location
directly.
Author: Chao Li <[email protected]>
Reviewed-by: Lu Feng <[email protected]>
Reviewed-by: Matheus Alcantara <[email protected]>
Reviewed-by: Jim Jones <[email protected]>
Discussion: https://postgr.es/m/[email protected]
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/db5ed03217b9c238703df8b4b286115d6e940488
Modified Files
--------------
src/backend/commands/extension.c | 8 +++++---
src/test/modules/test_extensions/t/001_extension_control_path.pl | 6 +++---
2 files changed, 8 insertions(+), 6 deletions(-)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: pgsql: Avoid leaking system path from pg_available_extensions
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox