public inbox for pgsql-hackers@postgresql.org
From: lu feng <fnlo1995@gmail.com>
To: Chao Li <li.evan.chao@gmail.com>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Cc: Andrew Dunstan <andrew@dunslane.net>
Cc: Matheus Alcantara <matheusssilv97@gmail.com>
Subject: Re: Avoid leaking system path from pg_available_extensions
Date: Thu, 21 May 2026 16:55:47 +0800
Message-ID: <CAFsXenbKCL+kShYcGY_ET5_bdtD_YhN7mCXEFc1qenq9BF02EA@mail.gmail.com> (raw)
In-Reply-To: <07A40FBE-F3F8-4D3F-95CA-F82CECF94EEB@gmail.com>
References: <357C774A-ECE9-4455-B641-315205D4D9A1@gmail.com>
<07A40FBE-F3F8-4D3F-95CA-F82CECF94EEB@gmail.com>
On Wed, May 20, 2026 at 09:08, Chao Li <li.evan.chao@gmail.com> wrote:
>
>
> > On May 20, 2026, at 09:00, Chao Li <li.evan.chao@gmail.com> wrote:
> >
> > Hi,
> >
> > I just tested “Add paths of extensions to pg_available_extensions”, and found an issue.
> >
> > This is a simple repro:
> > ```
> > evantest=# reset extension_control_path;
> > RESET
> > evantest=# select * from pg_available_extensions where name = 'plpgsql';
> >   name   | default_version | installed_version | location |           comment
> > ---------+-----------------+-------------------+----------+------------------------------
> >  plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
> > (1 row)
> >
> > evantest=# set extension_control_path='';
> > SET
> > evantest=# select * from pg_available_extensions where name = 'plpgsql';
> >   name   | default_version | installed_version |             location             |           comment
> > ---------+-----------------+-------------------+----------------------------------+------------------------------
> >  plpgsql | 1.0             | 1.0               | /usr/local/pgsql/share/extension | PL/pgSQL procedural language
> > (1 row)
> > ```
> >
> > When extension_control_path is not set, location shows “$system”, which is consistent with what the documentation says:
> > ```
> > <para>
> > The default value for this parameter is
> > <literal>'$system'</literal>. If the value is set to an empty
> > string, the default <literal>'$system'</literal> is also assumed.
> > </para>
> > ```
> >
> > However, as shown above, when I set extension_control_path to an empty string, the absolute system path is displayed. I consider this an information leakage bug.
> >
> > The fix is straightforward; see the attached patch for details. After the fix, when extension_control_path is an empty string, location shows “$system” now:
> > ```
> > evantest=# set extension_control_path='';
> > SET
> > evantest=# select * from pg_available_extensions where name = 'plpgsql';
> >   name   | default_version | installed_version | location |           comment
> > ---------+-----------------+-------------------+----------+------------------------------
> >  plpgsql | 1.0             | 1.0               | $system  | PL/pgSQL procedural language
> > (1 row)
> > ```
> >
> > Best regards,
> > --
> > Chao Li (Evan)
> > HighGo Software Co., Ltd.
> > https://www.highgo.com/
> >
> >
> >
> >
>
> Oops, forgot the attachment. Here it comes.
>
> Best regards,
> --
> Chao Li (Evan)
> HighGo Software Co., Ltd.
> https://www.highgo.com/
>
>
>
>
Thanks for the patch. I just reproduced the problem and verified the fix. So this patch looks good to me.
Regards,
Lu Feng
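
Added illustration, not part of the thread and not PostgreSQL source: a small C model of the behaviour reported above, contrasting a lookup that falls back to the expanded directory when extension_control_path is empty with one that first treats the empty value as $system. The function names, the ':' separator handling, the /opt/ext sample entry and the use of the repro's directory as SYSTEM_DIR are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the real share/extension directory (from the repro). */
#define SYSTEM_DIR   "/usr/local/pgsql/share/extension"
#define SYSTEM_MACRO "$system"
/* Copy the idx-th ':'-separated element of path into out; return 0 if absent. */
static int nth_element(const char *path, int idx, char *out, size_t outlen)
{
    size_t len;
    while (idx-- > 0) {
        path = strchr(path, ':');
        if (path == NULL)
            return 0;
        path++;
    }
    len = strcspn(path, ":");
    if (len == 0 || len >= outlen)
        return 0;
    memcpy(out, path, len);
    out[len] = '\0';
    return 1;
}

/* Leaky model: an empty setting falls back to the already-expanded directory,
 * so the absolute path is what reaches the "location" column. */
static int location_leaky(const char *setting, int idx, char *out, size_t outlen)
{
    return nth_element(setting[0] ? setting : SYSTEM_DIR, idx, out, outlen);
}

/* Fixed model: an empty setting is treated as "$system" before any expansion,
 * so the default directory is reported by its macro, never by its path. */
static int location_fixed(const char *setting, int idx, char *out, size_t outlen)
{
    return nth_element(setting[0] ? setting : SYSTEM_MACRO, idx, out, outlen);
}

int main(void)
{
    const char *settings[] = {"$system", "", "/opt/ext:$system"}; /* constructed */
    char loc[256];
    for (int i = 0; i < 3; i++)
        for (int j = 0; location_fixed(settings[i], j, loc, sizeof loc); j++)
            printf("fixed  '%s'[%d] -> %s\n", settings[i], j, loc);
    if (location_leaky("", 0, loc, sizeof loc))
        printf("leaky  ''[0] -> %s\n", loc);
    return 0;
}
```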