[SCM] PostGIS branch stable-3.4 updated. 3.4.5-11-gc8f4d72ea

git at osgeo.org git at osgeo.org
Wed Mar 18 14:42:17 PDT 2026


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "PostGIS".

The branch, stable-3.4 has been updated
       via  c8f4d72ea474b30b6e2b6271d26c3eed8c3e2ef9 (commit)
      from  05b736d089ae4bc3bdc148eb4fe58e5764a18cd7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c8f4d72ea474b30b6e2b6271d26c3eed8c3e2ef9
Author: Ariel Mashraki <ariel at mashraki.co.il>
Date:   Wed Mar 18 13:03:43 2026 +0200

    Use read-only SPI execution for user-supplied expressions in ST_MapAlgebraExpr

diff --git a/raster/rt_pg/rtpg_mapalgebra.c b/raster/rt_pg/rtpg_mapalgebra.c
index a9b7152d7..66d8c9d34 100644
--- a/raster/rt_pg/rtpg_mapalgebra.c
+++ b/raster/rt_pg/rtpg_mapalgebra.c
@@ -4751,8 +4751,8 @@ Datum RASTER_mapAlgebraExpr(PG_FUNCTION_ARGS)
             PG_RETURN_NULL();
         };
 
-        /* Execute the expresion into newval */
-        ret = SPI_execute(initexpr, FALSE, 0);
+        /* Execute the expression into newval */
+        ret = SPI_execute(initexpr, TRUE, 0);
 
         if (ret != SPI_OK_SELECT || SPI_tuptable == NULL || SPI_processed != 1) {
 
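Review bot: The comment above `SPI_execute(initexpr, TRUE, 0)` fixes the typo but does not say why the call is now read-only, so a later cleanup could flip the flag back without noticing its security purpose. I would extend it to something like `/* read_only = TRUE: initexpr appears to embed the caller-supplied expression, so anything but a read-only statement must be rejected */`, and put the same remark on the `SPI_execute_plan(spi_plan, values, nulls, TRUE, 0)` call in the second hunk. Other SPI calls in this file that run expression text are outside both hunks, so it is worth confirming that they pass the read-only flag as well. RASTER_mapAlgebraExpr starts and ends outside the hunk.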
@@ -4982,7 +4982,7 @@ Datum RASTER_mapAlgebraExpr(PG_FUNCTION_ARGS)
 
                         }
 
-                        ret = SPI_execute_plan(spi_plan, values, nulls, FALSE, 0);
+                        ret = SPI_execute_plan(spi_plan, values, nulls, TRUE, 0);
                         if (ret != SPI_OK_SELECT || SPI_tuptable == NULL ||
                                 SPI_processed != 1) {
                             if (SPI_tuptable)
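Review bot: Passing `TRUE` to `SPI_execute_plan` rejects statements that are not read-only, but an expression that carries several statements is still accepted, so the read-only flag is a backstop rather than a fix for the concatenation itself. A check where the plan is prepared (outside this hunk) would reject such input once, before the pixel loop: `if (!SPI_is_cursor_plan(spi_plan))` followed by the function's existing error path, since SPI_is_cursor_plan() returns false for a plan holding more than one command. The `SPI_execute(initexpr, TRUE, 0)` call in the first hunk has no prepared plan to inspect, so the constant path would need to go through SPI_prepare to get the same check. The SPI_prepare call and the surrounding loop are not visible here, so this is inferred from the regression tests added in this commit.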
diff --git a/raster/test/regress/rt_mapalgebra_expr.sql b/raster/test/regress/rt_mapalgebra_expr.sql
index 78f90bb21..e1dd3a5a7 100644
--- a/raster/test/regress/rt_mapalgebra_expr.sql
+++ b/raster/test/regress/rt_mapalgebra_expr.sql
@@ -160,6 +160,39 @@ SELECT 'T12',
     '[rast.x]'
   ) AS rast;
 
+-- Test read-only expression (prepared plan path via [rast.val])
+CREATE TABLE _rast_dml_guard (id int);
+SELECT 'T13', ST_MapAlgebraExpr(
+    ST_AddBand(ST_MakeEmptyRaster(1, 1, 0, 0, 1, 1, 0, 0, 0), '8BUI'::text, 1, 0),
+    1, '8BUI'::text,
+    '[rast.val])::double precision; INSERT INTO _rast_dml_guard VALUES(1); SELECT (1'::text,
+    NULL::double precision
+) IS NULL;
+DROP TABLE _rast_dml_guard;
+
+-- Test read-only expression blocks COPY TO PROGRAM (constant expression path)
+SELECT 'T14', ST_MapAlgebraExpr(
+    ST_AddBand(ST_MakeEmptyRaster(1, 1, 0, 0, 1, 1, 0, 0, 0), '8BUI'::text, 1, 0),
+    1, '8BUI'::text,
+    '1)::double precision; COPY (SELECT 1) TO PROGRAM ''touch /tmp/pwned''--'::text,
+    NULL::double precision
+) IS NULL;
+
+-- Parameterized queries do not prevent injection; expression is concatenated inside SPI_execute.
+CREATE TABLE _rast_drop_guard (id int);
+PREPARE _rast_safe_query(raster, int, text, text, float8) AS
+    SELECT ST_MapAlgebraExpr($1, $2, $3, $4, $5);
+EXECUTE _rast_safe_query(
+    ST_AddBand(ST_MakeEmptyRaster(1,1,0,0,1,1,0,0,0), '8BUI'::text, 1, 0),
+    1, '8BUI',
+    '1)::double precision FROM generate_series(1,1); DROP TABLE _rast_drop_guard; SELECT (1',
+    NULL
+);
+DEALLOCATE _rast_safe_query;
+-- Table must still exist after the blocked DROP
+SELECT 'T15', COUNT(*) = 0 FROM _rast_drop_guard;
+DROP TABLE _rast_drop_guard;
+
 DROP FUNCTION ST_TestRaster(ulx float8, uly float8, val float8);
 DROP FUNCTION raster_plus_twenty(pixel FLOAT, VARIADIC args TEXT[]);
 DROP FUNCTION raster_plus_arg1(pixel FLOAT, VARIADIC args TEXT[]);
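Review bot: The T14 payload runs `touch /tmp/pwned` through COPY ... TO PROGRAM, so on a build where the read-only guard is missing or later regresses, a superuser regression run executes a shell command and leaves a file on the test host. A command with no side effects keeps the same expected error, for example `COPY (SELECT 1) TO PROGRAM ''true''--`. T13 also relies only on the server's error text. Adding `SELECT 'T13.1', COUNT(*) = 0 FROM _rast_dml_guard;` before its DROP TABLE (with a matching line in the expected file), as T15 does for `_rast_drop_guard`, would check the table state directly.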
diff --git a/raster/test/regress/rt_mapalgebra_expr_expected b/raster/test/regress/rt_mapalgebra_expr_expected
index dccd7fc46..e6974dfbc 100644
--- a/raster/test/regress/rt_mapalgebra_expr_expected
+++ b/raster/test/regress/rt_mapalgebra_expr_expected
@@ -22,6 +22,10 @@ ERROR:  rtpg_nmapalgebraexpr_callback: rast2 argument specified in single-raster
 T11.1|10|2
 T11.2|10|2
 T12|t|t|t|t
+ERROR:  INSERT is not allowed in a non-volatile function
+ERROR:  COPY is not allowed in a non-volatile function
+ERROR:  DROP TABLE is not allowed in a non-volatile function
+T15|t
 0|1|INTERSECTION|0.000|0.000|2|2|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000
 0|2|INTERSECTION|1.000|-1.000|1|2|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000
 0|3|INTERSECTION|1.000|1.000|1|1|1.000|1.000|0.000|0.000|0|1|32BF|0.000|1.000|1.000

-----------------------------------------------------------------------

Summary of changes:
 raster/rt_pg/rtpg_mapalgebra.c                  |  6 ++---
 raster/test/regress/rt_mapalgebra_expr.sql      | 33 +++++++++++++++++++++++++
 raster/test/regress/rt_mapalgebra_expr_expected |  4 +++
 3 files changed, 40 insertions(+), 3 deletions(-)


hooks/post-receive
-- 
PostGIS

