[SCM] PostGIS branch stable-3.4 updated. 3.4.2-20-g77bc5c2f9

Fri Mar 15 11:44:13 PDT 2024

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "PostGIS".

The branch, stable-3.4 has been updated
       via  77bc5c2f96dfc42b4be6d19f524acd476f54c249 (commit)
      from  9246ff35de88027c0beb31bc2b525fb616d00fbc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 77bc5c2f96dfc42b4be6d19f524acd476f54c249
Author: Regina Obe <lr at pcorp.us>
Date:   Fri Mar 15 14:42:45 2024 -0400

    Revise postgis_get_full_version_schema() to not
    rely on search_path
    Closes #5687 for PostGIS 3.4.3

diff --git a/NEWS b/NEWS
index 45c849ad6..98cc60b7b 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,8 @@ To take advantage of all SFCGAL featurs, SFCGAL 1.4.1+ is needed.
           in extension upgrade SQL scripts (James Addison)
  - #5671, Bug in ST_Area function with use_spheroid=false
           (Paul Ramsey, Regina Obe)
+ - #5687, Don't rely on search_path to determine postgis schema
+           Fix for PG17 security change (Regina Obe)
 
 
 PostGIS 3.4.2
diff --git a/libpgcommon/lwgeom_pg.c b/libpgcommon/lwgeom_pg.c
index 4a5a99d4f..ba4d80e11 100644
--- a/libpgcommon/lwgeom_pg.c
+++ b/libpgcommon/lwgeom_pg.c
@@ -100,23 +100,52 @@ postgis_get_extension_schema(Oid ext_oid)
 static Oid
 postgis_get_full_version_schema()
 {
-	const char* proname = "postgis_full_version";
+	const char* query =  "SELECT pronamespace "
+		" FROM pg_catalog.pg_proc "
+		" WHERE proname = 'postgis_full_version'";
+	int spi_result;
+	Oid funcNameSpaceOid;
 
-	#if POSTGIS_PGSQL_VERSION < 160
-	List* names = stringToQualifiedNameList(proname);
-	#else
-	List* names = stringToQualifiedNameList(proname, NULL);
-	#endif
-
-	#if POSTGIS_PGSQL_VERSION < 140
-	FuncCandidateList clist = FuncnameGetCandidates(names, -1, NIL, false, false, false);
-	#else
-	FuncCandidateList clist = FuncnameGetCandidates(names, -1, NIL, false, false, false, false);
-	#endif
-	if (!clist)
+	if (SPI_OK_CONNECT != SPI_connect())
+	{
+		elog(ERROR, "%s: could not connect to SPI manager", __func__);
 		return InvalidOid;
+	}
 
-	return get_func_namespace(clist->oid);
+	/* Execute the query, noting the readonly status of this SQL */
+	spi_result = SPI_execute(query, true, 0);
+
+	if (spi_result != SPI_OK_SELECT || SPI_tuptable == NULL){
+		elog(ERROR, "%s: error executing query %d", __func__, spi_result);
+		SPI_finish();
+		return InvalidOid;
+	}
+
+	/* Read back the OID of the function namespace, only if one result returned
+	  If more than one, then this install is f..cked.
+		If 0 then postgis is not installed at all */
+	if (SPI_processed == 1)
+	{
+		TupleDesc tupdesc;
+		SPITupleTable *tuptable = SPI_tuptable;
+		HeapTuple tuple;
+
+		tupdesc = SPI_tuptable->tupdesc;
+		tuptable = SPI_tuptable;
+		tuple = tuptable->vals[0];
+		funcNameSpaceOid = atoi(SPI_getvalue(tuple, tupdesc, 1));
+
+		if (SPI_tuptable) SPI_freetuptable(tuptable);
+		SPI_finish();
+	}
+	else
+	{
+		elog(ERROR, "Cannot determine install schema of postgis_full_version function.");
+		SPI_finish();
+		return InvalidOid;
+	}
+
+	return funcNameSpaceOid;
 }
 
 

-----------------------------------------------------------------------

Summary of changes:
 NEWS                    |  2 ++
 libpgcommon/lwgeom_pg.c | 59 ++++++++++++++++++++++++++++++++++++-------------
 2 files changed, 46 insertions(+), 15 deletions(-)


hooks/post-receive
-- 
PostGIS
