From 4fceb454f2df57f63d05ccb4a26a9f49c377f28c Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 22 Dec 2022 10:35:03 -0500 Subject: [PATCH] Add some recursion and looping defenses in prepjointree.c. Andrey Lepikhov demonstrated a case where we spend an unreasonable amount of time in pull_up_subqueries(). Not only is that recursing with no explicit check for stack overrun, but the code seems not interruptable by control-C. Let's stick a CHECK_FOR_INTERRUPTS there, along with sprinkling some stack depth checks. An actual fix for the excessive time consumption seems a bit risky to back-patch; but this isn't, so let's do so. Discussion: https://postgr.es/m/703c09a2-08f3-d2ec-b33d-dbecd62428b8@postgrespro.ru --- src/backend/optimizer/prep/prepjointree.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/backend/optimizer/prep/prepjointree.c b/src/backend/optimizer/prep/prepjointree.c index abdcf826c2..999bd3ec56 100644 --- a/src/backend/optimizer/prep/prepjointree.c +++ b/src/backend/optimizer/prep/prepjointree.c @@ -27,6 +27,7 @@ #include "catalog/pg_type.h" #include "funcapi.h" +#include "miscadmin.h" #include "nodes/makefuncs.h" #include "nodes/nodeFuncs.h" #include "optimizer/clauses.h" @@ -239,6 +240,9 @@ static Node * pull_up_sublinks_jointree_recurse(PlannerInfo *root, Node *jtnode, Relids *relids) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (jtnode == NULL) { *relids = NULL; @@ -736,6 +740,11 @@ pull_up_subqueries_recurse(PlannerInfo *root, Node *jtnode, JoinExpr *lowest_nulling_outer_join, AppendRelInfo *containing_appendrel) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + /* Also, since it's a bit expensive, let's check for query cancel. */ + CHECK_FOR_INTERRUPTS(); + Assert(jtnode != NULL); if (IsA(jtnode, RangeTblRef)) { @@ -1855,6 +1864,9 @@ is_simple_union_all(Query *subquery) static bool is_simple_union_all_recurse(Node *setOp, Query *setOpQuery, List *colTypes) { + /* Since this function recurses, it could be driven to stack overflow. */ + check_stack_depth(); + if (IsA(setOp, RangeTblRef)) { RangeTblRef *rtr = (RangeTblRef *) setOp;