From: Chao Li
Subject: Avoid leaking system path from pg_available_extensions
Date: Wed, 20 May 2026 09:00:29 +0800
To: PostgreSQL-development
Cc: Andrew Dunstan, Matheus Alcantara
Message-Id: <357C774A-ECE9-4455-B641-315205D4D9A1@gmail.com>

Hi,

I just tested “Add paths of extensions to pg_available_extensions”, and found an issue.

This is a simple repro:
```
evantest=# reset extension_control_path;
RESET
evantest=# select * from pg_available_extensions where name = 'plpgsql';
  name   | default_version | installed_version | location |           comment
---------+-----------------+-------------------+----------+------------------------------
 plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
(1 row)

evantest=# set extension_control_path='';
SET
evantest=# select * from pg_available_extensions where name = 'plpgsql';
  name   | default_version | installed_version |             location             |           comment
---------+-----------------+-------------------+----------------------------------+------------------------------
 plpgsql | 1.0             | 1.0               | /usr/local/pgsql/share/extension | PL/pgSQL procedural language
(1 row)
```

When extension_control_path is not set, location shows “$system”, which is consistent with what the documentation says:
```
The default value for this parameter is '$system'.
If the value is set to an empty string, the default '$system' is also assumed.
```

However, as shown above, when I set extension_control_path to an empty string, the absolute system path is displayed. I consider this an information leakage bug.

The fix is straightforward; see the attached patch for details. After the fix, when extension_control_path is an empty string, location shows “$system” now:
```
evantest=# set extension_control_path='';
SET
evantest=# select * from pg_available_extensions where name = 'plpgsql';
  name   | default_version | installed_version | location |           comment
---------+-----------------+-------------------+----------+------------------------------
 plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
(1 row)
```

Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/
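
A minimal C model of the behaviour reported in this message, added here as an illustration; it is not the attached patch and not PostgreSQL source. `resolve_locations`, `add_system`, `struct ext_location` and the `SYSTEM_DIR` value are hypothetical names, and displaying custom directories as configured is an assumption of the model.

```c
#include <stdio.h>
#include <string.h>

/* Constructed value standing in for the server's share/extension directory. */
#define SYSTEM_DIR "/usr/local/pgsql/share/extension"
#define MAX_DIRS 8

/* One search-path entry: where files are read from vs. what users are shown. */
struct ext_location {
    char dir[128];      /* expanded directory used for file access */
    char display[128];  /* value exposed in the "location" column */
};

/* The system directory is always displayed by its symbolic name. */
static void add_system(struct ext_location *e)
{
    snprintf(e->dir, sizeof e->dir, "%s", SYSTEM_DIR);
    snprintf(e->display, sizeof e->display, "%s", "$system");
}

/* Hypothetical resolver: split a ':'-separated setting into entries.
 * Returns the number of entries written to out (at most MAX_DIRS). */
int resolve_locations(const char *setting, struct ext_location *out)
{
    char buf[512];
    int n = 0;
    if (setting == NULL || setting[0] == '\0') {
        add_system(&out[n++]);  /* empty setting: same code path as "$system" */
        return n;
    }
    snprintf(buf, sizeof buf, "%s", setting);
    for (char *tok = strtok(buf, ":"); tok && n < MAX_DIRS; tok = strtok(NULL, ":")) {
        if (strcmp(tok, "$system") == 0) {
            add_system(&out[n++]);
        } else {  /* assumption of this model: shown as configured */
            snprintf(out[n].dir, sizeof out[n].dir, "%s", tok);
            snprintf(out[n].display, sizeof out[n].display, "%s", tok);
            n++;
        }
    }
    return n;
}

int main(void)
{
    struct ext_location loc[MAX_DIRS];
    resolve_locations("", loc);
    printf("location=%s (files read from %s)\n", loc[0].display, loc[0].dir);
    return 0;
}
```

Routing the empty-string default through the same helper as an explicit `$system` entry is what keeps the two cases from diverging in what they display.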