[SCM] PostGIS branch master updated. 3.6.0rc2-400-gc4426d4ba

git at osgeo.org git at osgeo.org
Wed Mar 18 09:33:29 PDT 2026 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "PostGIS".

The branch, master has been updated
       via  c4426d4baaaed9a3e8ba6fbab2a05ba962dccdea (commit)
       via  4fab474e4961ba69d847151133fdfa991414bc58 (commit)
      from  cf949fa33a6bd0d5b64136ec518320a4bb237bd0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c4426d4baaaed9a3e8ba6fbab2a05ba962dccdea
Merge: cf949fa33 4fab474e4
Author: Paul Ramsey <pramsey at cleverelephant.ca>
Date:   Wed Mar 18 09:33:25 2026 -0700

    Merge branch 'a8m-readonlyspi'


commit 4fab474e4961ba69d847151133fdfa991414bc58
Author: Ariel Mashraki <ariel at mashraki.co.il>
Date:   Wed Mar 18 13:03:43 2026 +0200

    Use read-only SPI execution for user-supplied expressions in ST_MapAlgebraExpr

diff --git a/raster/rt_pg/rtpg_mapalgebra.c b/raster/rt_pg/rtpg_mapalgebra.c
index a97d98f0f..8a0e0516d 100644
--- a/raster/rt_pg/rtpg_mapalgebra.c
+++ b/raster/rt_pg/rtpg_mapalgebra.c
@@ -4935,7 +4935,7 @@ Datum RASTER_mapAlgebraExpr(PG_FUNCTION_ARGS)
         };
 
         /* Execute the expression into newval */
-        ret = SPI_execute(initexpr, FALSE, 0);
+        ret = SPI_execute(initexpr, TRUE, 0);
 
         if (ret != SPI_OK_SELECT || SPI_tuptable == NULL || SPI_processed != 1) {
 
@@ -5165,7 +5165,7 @@ Datum RASTER_mapAlgebraExpr(PG_FUNCTION_ARGS)
 
                         }
 
-                        ret = SPI_execute_plan(spi_plan, values, nulls, FALSE, 0);
+                        ret = SPI_execute_plan(spi_plan, values, nulls, TRUE, 0);
                         if (ret != SPI_OK_SELECT || SPI_tuptable == NULL ||
                                 SPI_processed != 1) {
                             if (SPI_tuptable)
diff --git a/raster/test/regress/rt_mapalgebra_expr.sql b/raster/test/regress/rt_mapalgebra_expr.sql
index 78f90bb21..e1dd3a5a7 100644
--- a/raster/test/regress/rt_mapalgebra_expr.sql
+++ b/raster/test/regress/rt_mapalgebra_expr.sql
@@ -160,6 +160,39 @@ SELECT 'T12',
     '[rast.x]'
   ) AS rast;
 
+-- Test read-only expression (prepared plan path via [rast.val])
+CREATE TABLE _rast_dml_guard (id int);
+SELECT 'T13', ST_MapAlgebraExpr(
+    ST_AddBand(ST_MakeEmptyRaster(1, 1, 0, 0, 1, 1, 0, 0, 0), '8BUI'::text, 1, 0),
+    1, '8BUI'::text,
+    '[rast.val])::double precision; INSERT INTO _rast_dml_guard VALUES(1); SELECT (1'::text,
+    NULL::double precision
+) IS NULL;
+DROP TABLE _rast_dml_guard;
+
+-- Test read-only expression blocks COPY TO PROGRAM (constant expression path)
+SELECT 'T14', ST_MapAlgebraExpr(
+    ST_AddBand(ST_MakeEmptyRaster(1, 1, 0, 0, 1, 1, 0, 0, 0), '8BUI'::text, 1, 0),
+    1, '8BUI'::text,
+    '1)::double precision; COPY (SELECT 1) TO PROGRAM ''touch /tmp/pwned''--'::text,
+    NULL::double precision
+) IS NULL;
+
+-- Parameterized queries do not prevent injection; expression is concatenated inside SPI_execute.
+CREATE TABLE _rast_drop_guard (id int);
+PREPARE _rast_safe_query(raster, int, text, text, float8) AS
+    SELECT ST_MapAlgebraExpr($1, $2, $3, $4, $5);
+EXECUTE _rast_safe_query(
+    ST_AddBand(ST_MakeEmptyRaster(1,1,0,0,1,1,0,0,0), '8BUI'::text, 1, 0),
+    1, '8BUI',
+    '1)::double precision FROM generate_series(1,1); DROP TABLE _rast_drop_guard; SELECT (1',
+    NULL
+);
+DEALLOCATE _rast_safe_query;
+-- Table must still exist after the blocked DROP
+SELECT 'T15', COUNT(*) = 0 FROM _rast_drop_guard;
+DROP TABLE _rast_drop_guard;
+
 DROP FUNCTION ST_TestRaster(ulx float8, uly float8, val float8);
 DROP FUNCTION raster_plus_twenty(pixel FLOAT, VARIADIC args TEXT[]);
 DROP FUNCTION raster_plus_arg1(pixel FLOAT, VARIADIC args TEXT[]);
diff --git a/raster/test/regress/rt_mapalgebra_expr_expected b/raster/test/regress/rt_mapalgebra_expr_expected
index dccd7fc46..e6974dfbc 100644
--- a/raster/test/regress/rt_mapalgebra_expr_expected
+++ b/raster/test/regress/rt_mapalgebra_expr_expected
@@ -22,6 +22,10 @@ ERROR:  rtpg_nmapalgebraexpr_callback: rast2 argument specified in single-raster
 T11.1|10|2
 T11.2|10|2
 T12|t|t|t|t
+ERROR:  INSERT is not allowed in a non-volatile function
+ERROR:  COPY is not allowed in a non-volatile function
+ERROR:  DROP TABLE is not allowed in a non-volatile function
+T15|t
 0|1|INTERSECTION|0.000|0.000|2|2|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000
 0|2|INTERSECTION|1.000|-1.000|1|2|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000
 0|3|INTERSECTION|1.000|1.000|1|1|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000

-----------------------------------------------------------------------

Summary of changes:
 raster/rt_pg/rtpg_mapalgebra.c                  |  4 +--
 raster/test/regress/rt_mapalgebra_expr.sql      | 33 +++++++++++++++++++++++++
 raster/test/regress/rt_mapalgebra_expr_expected |  4 +++
 3 files changed, 39 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
PostGIS

More information about the postgis-tickets mailing list