Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wQ559-001Gyl-0Z
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 21 May 2026 15:13:07 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wQ556-00ARbC-0Y
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 21 May 2026 15:13:05 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <matheusssilv97@gmail.com>)
	id 1wQ555-00ARb4-2q
	for pgsql-hackers@lists.postgresql.org;
	Thu, 21 May 2026 15:13:04 +0000
Received: from mail-vk1-xa29.google.com ([2607:f8b0:4864:20::a29])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <matheusssilv97@gmail.com>)
	id 1wQ554-00000000kVg-2lDZ
	for pgsql-hackers@postgresql.org;
	Thu, 21 May 2026 15:13:04 +0000
Received: by mail-vk1-xa29.google.com with SMTP id
 71dfb90a1353d-575267e3398so5148751e0c.1
        for <pgsql-hackers@postgresql.org>;
 Thu, 21 May 2026 08:13:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1779376380; x=1779981180;
 darn=postgresql.org;
        h=content-transfer-encoding:in-reply-to:from:content-language
         :references:cc:to:subject:user-agent:mime-version:date:message-id
         :from:to:cc:subject:date:message-id:reply-to;
        bh=3yucu2k5jnCG/bdQgn5KHGX1TdP2KHufTxQrBxXb8a0=;
        b=qHddIL3lAw9AYY6KO7bod9YpqrGatnXPpG+FUflhn934/M5z7v1eo9JJKkuf/5LI92
         bm/0SkYzZ7v3pQtYbOiNniJm2l24mgAHRyq2OB/bNRudB/WdT0donDOUqgp+s3lLenRB
         EV426BCFxgMHxhIq7FHwgPp5jy2luGysA+IyeEUolsPyX/O5J2X3MgBzCH/YqC8sUp29
         Iityx/oKkOE/eMTfMscfg/BhMVcy8K5zz6EBvVMlxsmIiRaiOMSAjC+VF3cSj9tDq3ex
         PJZuIV0cwN3Hg/EKfH5Ue64zdkdj5oIM3s8NcmMmvm3EeiIynUBpQvjZSXBJYY3GpCiJ
         2BKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779376380; x=1779981180;
        h=content-transfer-encoding:in-reply-to:from:content-language
         :references:cc:to:subject:user-agent:mime-version:date:message-id
         :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=3yucu2k5jnCG/bdQgn5KHGX1TdP2KHufTxQrBxXb8a0=;
        b=VPa2TzlRIYg5GKhTn283C1K9qB/rlJIujvSHsoQwYGbz1i1QZbDTKio3li4MVZyUZV
         dKil1OQ6rQuSHWhncS95PnVQLjmQk++i0xOeOmfqUOwMYHrQMbG9RJL3uoCODcGPN80C
         YVe9QEbQZGIfBV6W+mvJXKt7P+TMbJHX8RCqd00K4efW6apphtVT8cGKD7EB33GQrlIu
         iA2AE/ZHmTmEnm2rIQtUhGRbIuj0RD6yFsOVG/7YXPuy/z3CUNIE7YIjOmbsKSVOTaj6
         IUDdylnaN9x6LCuAcE1m6CXjNSl+QCeyzoH427K1nsb0P0Wge1j+N2oY/Vro9xROVNTt
         KrIg==
X-Forwarded-Encrypted: i=1;
 AFNElJ/l/e1xy0iiXlZfzFbd8oOBy0ms5pJQDifsZBI1IFqSiO+joNIIxEVOo3E8XPBrvq5dqItQOEwGKOFU/0vF@postgresql.org
X-Gm-Message-State: AOJu0Yx7Aj3+RYGhdnxxVwjZsCTe3IVDPjtKohObpAzmYSml4HZhKV6S
	EQViAAyVZX9Yf/YqEQra+WNs215MpTE85QG5QsjzbaHBNdYEdX3+IR2P
X-Gm-Gg: Acq92OHJSRwNn1IlO+9LS3Sfq5yHz45hKXy/ZZJizToduIRSqkyzDDHdxJbj4n2dKDd
	3hRbPqRJZnhQl9S2NqlugExWSKJYjwqTv42y5pzYfQ6dOqQfTGPWnMHv6qSMeJhE6PkS60t0619
	QwG3NUjSsF2NQ+fsPREFbb1WNl47J7m4DiN2den5w+s1JRZH4izXnngn9FAwMPiGCWxjojM0D92
	4HUXYW6plzrWWI6kzPASsG3uAtM2MWpEWcmpWDEXRYQ3O3/unbqko2fw3tadELWMWyFk+esnCsH
	LdbsFTSxXxQMyHJiitPY3KrAOEF0w5DiOyzi1Z2+xaEp99dJI/GHxJGXN9YFUQYtEoPXuaurOYE
	uLaCgBTU9vDPacaoWoq162rIJiw+ySmx5m7Yxp+xjayGJ+4TbX5R45TGdGYkEcPbwT1H8DQszTn
	Z1iPUlUjIwEPKv0HOR3jdbr8PNui8eZKGc5SFPVv0nbi2l/CURlUHVgdQ1upzRgDpmKRFmVw1U/
	7b5gHsIwkBDwaHw2+A=
X-Received: by 2002:a05:6122:a29:b0:56c:e871:31a8 with SMTP id
 71dfb90a1353d-5842214de35mr1907916e0c.7.1779376380137;
        Thu, 21 May 2026 08:13:00 -0700 (PDT)
Received: from ?IPV6:2804:14d:328a:a59c:4ce5:985:14dc:4308?
 ([2804:14d:328a:a59c:4ce5:985:14dc:4308])
        by smtp.gmail.com with ESMTPSA id
 71dfb90a1353d-585743a0bacsm1096050e0c.13.2026.05.21.08.12.58
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Thu, 21 May 2026 08:12:59 -0700 (PDT)
Message-ID: <96203151-6929-4d88-85a0-d552ee258a24@gmail.com>
Date: Thu, 21 May 2026 12:12:56 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: Avoid leaking system path from pg_available_extensions
To: Chao Li <li.evan.chao@gmail.com>,
 PostgreSQL-development <pgsql-hackers@postgresql.org>
Cc: Andrew Dunstan <andrew@dunslane.net>
References: <357C774A-ECE9-4455-B641-315205D4D9A1@gmail.com>
Content-Language: en-US
From: Matheus Alcantara <matheusssilv97@gmail.com>
In-Reply-To: <357C774A-ECE9-4455-B641-315205D4D9A1@gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/96203151-6929-4d88-85a0-d552ee258a24%40gmail.com>
Precedence: bulk

On 19/05/26 22:00, Chao Li wrote:
> I just tested “Add paths of extensions to pg_available_extensions”, and found an issue.
> 
> This is a simple repro:
> ```
> evantest=# reset extension_control_path;
> RESET
> evantest=# select * from pg_available_extensions where name = 'plpgsql';
>    name   | default_version | installed_version | location |           comment
> ---------+-----------------+-------------------+----------+------------------------------
>   plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
> (1 row)
> 
> evantest=# set extension_control_path='';
> SET
> evantest=# select * from pg_available_extensions where name = 'plpgsql';
>    name   | default_version | installed_version |             location             |           comment
> ---------+-----------------+-------------------+----------------------------------+------------------------------
>   plpgsql | 1.0             | 1.0               | /usr/local/pgsql/share/extension | PL/pgSQL procedural language
> (1 row)
> ```
> 
> When extension_control_path is not set, location shows “$system", which is consistent with what the documentation says:
> ```
>         <para>
>          The default value for this parameter is
>          <literal>'$system'</literal>. If the value is set to an empty
>          string, the default <literal>'$system'</literal> is also assumed.
>         </para>
> ```
> 
> However, as shown above, when I set extension_control_path to an empty string, the absolute system path is displayed. I consider this an information leakage bug.
> 
> The fix is straightforward; see the attached patch for details. After the fix, when extension_control_path is an empty string, location shows “$system” now:
> ```
> evantest=# set extension_control_path='';
> SET
> evantest=# select * from pg_available_extensions where name = 'plpgsql';
>    name   | default_version | installed_version | location |           comment
> ---------+-----------------+-------------------+----------+------------------------------
>   plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
> (1 row)
> ```
> 

Hi, thank you for sharing the bug with the fix.

I've reproduced the issue and the fix looks correct to me.

--
Matheus Alcantara
EDB: https://www.enterprisedb.com