The following issues were found
test/sql/grant_hypertable.sql
12 issues
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE TABLE conditions(
time TIMESTAMPTZ NOT NULL,
device INTEGER,
temperature FLOAT
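Reported by SQLint.
Triage note: the report shows no message for this finding. The flagged position (line 5, column 1) appears to be the psql meta-command `\c :TEST_DBNAME :ROLE_SUPERUSER`, which a plain SQL parser cannot parse, so this is most likely a parse error rather than a defect in the test. The other SQLint entries on this page also appear to sit on psql meta-commands (`\c`, `\set`, `\z`, `\ir`, `\x`, `\gset`); check them against that pattern before treating them as issues.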
Line: 18
Column: 1
INSERT INTO conditions
SELECT time, (random()*30)::int, random()*80 - 40
FROM generate_series('2018-12-01 00:00'::timestamp, '2018-12-10 00:00'::timestamp, '1h') AS time;
\z conditions
\z _timescaledb_internal.*chunk
-- Add privileges and show that they propagate to the chunks
GRANT SELECT, INSERT ON conditions TO PUBLIC;
\z conditions
Reported by SQLint.
Line: 23
Column: 1
-- Add privileges and show that they propagate to the chunks
GRANT SELECT, INSERT ON conditions TO PUBLIC;
\z conditions
\z _timescaledb_internal.*chunk
-- Create some more chunks and show that they also get the privileges.
INSERT INTO conditions
SELECT time, (random()*30)::int, random()*80 - 40
Reported by SQLint.
Line: 30
Column: 1
INSERT INTO conditions
SELECT time, (random()*30)::int, random()*80 - 40
FROM generate_series('2018-12-10 00:00'::timestamp, '2018-12-20 00:00'::timestamp, '1h') AS time;
\z conditions
\z _timescaledb_internal.*chunk
-- Revoke one of the privileges and show that it propagate to the
-- chunks.
REVOKE INSERT ON conditions FROM PUBLIC;
Reported by SQLint.
Line: 36
Column: 1
-- Revoke one of the privileges and show that it propagate to the
-- chunks.
REVOKE INSERT ON conditions FROM PUBLIC;
\z conditions
\z _timescaledb_internal.*chunk
-- Add some more chunks and show that it inherits the grants from the
-- hypertable.
INSERT INTO conditions
Reported by SQLint.
Line: 44
Column: 1
INSERT INTO conditions
SELECT time, (random()*30)::int, random()*80 - 40
FROM generate_series('2018-12-20 00:00'::timestamp, '2018-12-30 00:00'::timestamp, '1h') AS time;
\z conditions
\z _timescaledb_internal.*chunk
-- Change grants of one chunk explicitly and check that it is possible
\z _timescaledb_internal._hyper_1_1_chunk
GRANT UPDATE ON _timescaledb_internal._hyper_1_1_chunk TO PUBLIC;
Reported by SQLint.
Line: 50
Column: 1
-- Change grants of one chunk explicitly and check that it is possible
\z _timescaledb_internal._hyper_1_1_chunk
GRANT UPDATE ON _timescaledb_internal._hyper_1_1_chunk TO PUBLIC;
\z _timescaledb_internal._hyper_1_1_chunk
REVOKE SELECT ON _timescaledb_internal._hyper_1_1_chunk FROM PUBLIC;
\z _timescaledb_internal._hyper_1_1_chunk
-- Check that revoking a permission first on the chunk and then on the
-- hypertable that was added through the hypertable (INSERT and
Reported by SQLint.
Line: 52
Column: 1
GRANT UPDATE ON _timescaledb_internal._hyper_1_1_chunk TO PUBLIC;
\z _timescaledb_internal._hyper_1_1_chunk
REVOKE SELECT ON _timescaledb_internal._hyper_1_1_chunk FROM PUBLIC;
\z _timescaledb_internal._hyper_1_1_chunk
-- Check that revoking a permission first on the chunk and then on the
-- hypertable that was added through the hypertable (INSERT and
-- SELECT, in this case) still do not copy permissions from the
-- hypertable (so there should not be a select permission to public on
Reported by SQLint.
Line: 60
Column: 1
-- hypertable (so there should not be a select permission to public on
-- the chunk but there should be one on the hypertable).
GRANT INSERT ON conditions TO PUBLIC;
\z conditions
\z _timescaledb_internal._hyper_1_2_chunk
REVOKE SELECT ON _timescaledb_internal._hyper_1_2_chunk FROM PUBLIC;
REVOKE INSERT ON conditions FROM PUBLIC;
\z conditions
\z _timescaledb_internal._hyper_1_2_chunk
Reported by SQLint.
Line: 64
Column: 1
\z _timescaledb_internal._hyper_1_2_chunk
REVOKE SELECT ON _timescaledb_internal._hyper_1_2_chunk FROM PUBLIC;
REVOKE INSERT ON conditions FROM PUBLIC;
\z conditions
\z _timescaledb_internal._hyper_1_2_chunk
-- Check that granting permissions through hypertable does not remove
-- separate grants on chunk.
GRANT UPDATE ON _timescaledb_internal._hyper_1_3_chunk TO PUBLIC;
Reported by SQLint.
test/sql/tablespace.sql
12 issues
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\set ON_ERROR_STOP 0
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE VIEW hypertable_tablespaces AS
SELECT cls.relname AS hypertable,
(SELECT spcname FROM pg_tablespace WHERE oid = reltablespace) AS tablespace
Reported by SQLint.
Line: 20
Column: 1
--attach the test name as prefix to allow tests to be executed in
--parallel.
CREATE TABLESPACE tablespace1 OWNER :ROLE_DEFAULT_PERM_USER LOCATION :TEST_TABLESPACE1_PATH;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
--assigning a tablespace via the main table should work
CREATE TABLE tspace_2dim(time timestamp, temp float, device text) TABLESPACE tablespace1;
SELECT create_hypertable('tspace_2dim', 'time', 'device', 2);
Reported by SQLint.
Line: 55
Column: 1
--no error if if_not_attached is given
SELECT attach_tablespace('tablespace1', 'tspace_2dim', if_not_attached => true);
\c :TEST_DBNAME :ROLE_SUPERUSER
--Tablespaces are cluster-wide, so we attach the test name as prefix
--to allow tests to be executed in parallel.
CREATE TABLESPACE tablespace2 OWNER :ROLE_DEFAULT_PERM_USER_2 LOCATION :TEST_TABLESPACE2_PATH;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
Reported by SQLint.
Line: 59
Column: 1
--Tablespaces are cluster-wide, so we attach the test name as prefix
--to allow tests to be executed in parallel.
CREATE TABLESPACE tablespace2 OWNER :ROLE_DEFAULT_PERM_USER_2 LOCATION :TEST_TABLESPACE2_PATH;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
--attach without permissions on the table should fail
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
Reported by SQLint.
Line: 64
Column: 1
--attach without permissions on the table should fail
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
--attach without permissions on the tablespace should also fail
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
\c :TEST_DBNAME :ROLE_SUPERUSER
Reported by SQLint.
Line: 69
Column: 1
--attach without permissions on the tablespace should also fail
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
\c :TEST_DBNAME :ROLE_SUPERUSER
GRANT :ROLE_DEFAULT_PERM_USER_2 TO :ROLE_DEFAULT_PERM_USER;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
--should work with permissions on both the table and the tablespace
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
Reported by SQLint.
Line: 71
Column: 1
\c :TEST_DBNAME :ROLE_SUPERUSER
GRANT :ROLE_DEFAULT_PERM_USER_2 TO :ROLE_DEFAULT_PERM_USER;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
--should work with permissions on both the table and the tablespace
SELECT attach_tablespace('tablespace2', 'tspace_2dim');
SELECT * FROM _timescaledb_catalog.tablespace;
Reported by SQLint.
Line: 87
Column: 1
--indexes should inherit the tablespace of their chunk
SELECT * FROM test.show_indexesp('_timescaledb_internal._hyper%_chunk');
\x
SELECT * FROM timescaledb_information.hypertables
ORDER BY hypertable_schema, hypertable_name;
SELECT * FROM timescaledb_information.chunks ORDER BY chunk_name;
\x
--
Reported by SQLint.
Line: 91
Column: 1
SELECT * FROM timescaledb_information.hypertables
ORDER BY hypertable_schema, hypertable_name;
SELECT * FROM timescaledb_information.chunks ORDER BY chunk_name;
\x
--
SET ROLE :ROLE_DEFAULT_PERM_USER_2;
CREATE TABLE tspace_1dim(time timestamp, temp float, device text);
SELECT create_hypertable('tspace_1dim', 'time');
--user doesn't have permission on tablespace1 --> error
Reported by SQLint.
Line: 158
Column: 1
SELECT detach_tablespace('tablespace2', 'tspace_2dim');
SELECT detach_tablespaces('tspace_2dim');
\c :TEST_DBNAME :ROLE_SUPERUSER
-- PERM_USER_2 owns tablespace2, and PERM_USER owns the table
-- 'tspace_2dim', which has tablespace2 attached. Revoking PERM_USER_2
-- FROM PERM_USER should therefore fail
REVOKE :ROLE_DEFAULT_PERM_USER_2 FROM :ROLE_DEFAULT_PERM_USER;
SET ROLE :ROLE_DEFAULT_PERM_USER_2;
Reported by SQLint.
tsl/test/sql/compression_segment_meta.sql
12 issues
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-TIMESCALE for a copy of the license.
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE OR REPLACE FUNCTION _timescaledb_internal.ts_segment_meta_min_max_append(internal, ANYELEMENT)
RETURNS internal
AS :TSL_MODULE_PATHNAME, 'ts_segment_meta_min_max_append'
LANGUAGE C IMMUTABLE PARALLEL SAFE;
Reported by SQLint.
Line: 36
Column: 1
FINALFUNC_EXTRA
);
\ir include/rand_generator.sql
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
CREATE TABLE metric (i int);
insert into metric select i from generate_series(1, 10) i;
Reported by SQLint.
Line: 43
Column: 1
CREATE TABLE metric (i int);
insert into metric select i from generate_series(1, 10) i;
\set TYPE int
\set TABLE metric
\ir include/compression_test_segment_meta.sql
----NULL tests
--First
Reported by SQLint.
Line: 51
Column: 1
--First
truncate metric;
insert into metric select NULLIF(i,1) from generate_series(1, 10) i;
\ir include/compression_test_segment_meta.sql
--Last
truncate metric;
insert into metric select NULLIF(i,10) from generate_series(1, 10) i;
\ir include/compression_test_segment_meta.sql
Reported by SQLint.
Line: 56
Column: 1
--Last
truncate metric;
insert into metric select NULLIF(i,10) from generate_series(1, 10) i;
\ir include/compression_test_segment_meta.sql
--Middle
truncate metric;
insert into metric select NULLIF(i,5) from generate_series(1, 10) i;
\ir include/compression_test_segment_meta.sql
Reported by SQLint.
Line: 61
Column: 1
--Middle
truncate metric;
insert into metric select NULLIF(i,5) from generate_series(1, 10) i;
\ir include/compression_test_segment_meta.sql
--All NULLS should return null object
truncate metric;
insert into metric select NULL from generate_series(1, 10) i;
SELECT
Reported by SQLint.
Line: 84
Column: 1
ORDER BY gen_rand_minstd()
) sub;
\set TYPE text
\set TABLE base_texts
\ir include/compression_test_segment_meta.sql
--toasted text
DROP TABLE base_texts;
Reported by SQLint.
Line: 102
Column: 1
FROM pg_class c
WHERE relname = 'base_texts';
\ir include/compression_test_segment_meta.sql
--name is a fixed-length pass by reference type
CREATE TABLE base_name AS SELECT
item::name as i
FROM
Reported by SQLint.
Line: 113
Column: 1
ORDER BY gen_rand_minstd()
) sub;
\set TYPE name
\set TABLE base_name
\ir include/compression_test_segment_meta.sql
--array
Reported by SQLint.
Line: 128
Column: 1
ORDER BY gen_rand_minstd()
) sub;
\set TYPE text[]
\set TABLE text_array
\ir include/compression_test_segment_meta.sql
--Points doesn't have an ordering so make sure it errors
CREATE TABLE points AS SELECT
Reported by SQLint.
test/sql/chunk_adaptive.sql
11 issues
Line: 36
Column: 1
SELECT * FROM test.set_memory_cache_size('2GB');
-- test NULL handling
\set ON_ERROR_STOP 0
SELECT * FROM set_adaptive_chunking(NULL,NULL);
\set ON_ERROR_STOP 1
CREATE TABLE test_adaptive(time timestamptz, temp float, location int);
Reported by SQLint.
Line: 38
Column: 1
-- test NULL handling
\set ON_ERROR_STOP 0
SELECT * FROM set_adaptive_chunking(NULL,NULL);
\set ON_ERROR_STOP 1
CREATE TABLE test_adaptive(time timestamptz, temp float, location int);
\set ON_ERROR_STOP 0
-- Bad signature of sizing func should fail
Reported by SQLint.
Line: 42
Column: 1
CREATE TABLE test_adaptive(time timestamptz, temp float, location int);
\set ON_ERROR_STOP 0
-- Bad signature of sizing func should fail
SELECT create_hypertable('test_adaptive', 'time',
chunk_target_size => '1MB',
chunk_sizing_func => 'bad_calculate_chunk_interval');
\set ON_ERROR_STOP 1
Reported by SQLint.
Line: 47
Column: 1
SELECT create_hypertable('test_adaptive', 'time',
chunk_target_size => '1MB',
chunk_sizing_func => 'bad_calculate_chunk_interval');
\set ON_ERROR_STOP 1
-- Setting sizing func with correct signature should work
SELECT create_hypertable('test_adaptive', 'time',
chunk_target_size => '1MB',
chunk_sizing_func => 'calculate_chunk_interval');
Reported by SQLint.
Line: 73
Column: 1
SELECT table_name, chunk_sizing_func_schema, chunk_sizing_func_name, chunk_target_size
FROM _timescaledb_catalog.hypertable;
\set ON_ERROR_STOP 0
-- Setting NULL func should fail
SELECT * FROM set_adaptive_chunking('test_adaptive', '1MB', NULL);
\set ON_ERROR_STOP 1
-- Setting NULL size disables adaptive chunking
Reported by SQLint.
Line: 76
Column: 1
\set ON_ERROR_STOP 0
-- Setting NULL func should fail
SELECT * FROM set_adaptive_chunking('test_adaptive', '1MB', NULL);
\set ON_ERROR_STOP 1
-- Setting NULL size disables adaptive chunking
SELECT * FROM set_adaptive_chunking('test_adaptive', NULL);
SELECT table_name, chunk_sizing_func_schema, chunk_sizing_func_name, chunk_target_size
FROM _timescaledb_catalog.hypertable;
Reported by SQLint.
Line: 266
Column: 1
'2017-03-07T18:18:03+00'::timestamptz,
'2 minutes') as time;
\x
SELECT chunk_name, range_start, range_end
FROM timescaledb_information.chunks
WHERE hypertable_name = 'test_adaptive_space' ORDER BY chunk_name;
SELECT *
FROM timescaledb_information.dimensions
Reported by SQLint.
Line: 273
Column: 1
SELECT *
FROM timescaledb_information.dimensions
WHERE hypertable_name = 'test_adaptive_space' ORDER BY dimension_number;
\x
SELECT *
FROM chunks_detailed_size('test_adaptive_space') ORDER BY chunk_name;
SELECT id, hypertable_id, interval_length FROM _timescaledb_catalog.dimension;
-- A previous version stopped working as soon as hypertable_id stopped being
Reported by SQLint.
Line: 288
Column: 1
create_default_indexes => true);
INSERT INTO test_adaptive_after_multiple_dims VALUES('2018-01-01T00:00:00+00'::timestamptz, 0.0, 5);
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
\set ON_ERROR_STOP 0
SELECT * FROM set_adaptive_chunking('test_adaptive', '2MB');
\set ON_ERROR_STOP 1
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
Reported by SQLint.
Line: 291
Column: 1
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
\set ON_ERROR_STOP 0
SELECT * FROM set_adaptive_chunking('test_adaptive', '2MB');
\set ON_ERROR_STOP 1
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
-- Now make sure renaming schema gets propagated to the func_schema
DROP TABLE test_adaptive;
Reported by SQLint.
tsl/test/sql/bgw_custom.sql
11 issues
Line: 35
Column: 1
END
$$;
\set ON_ERROR_STOP 0
-- test bad input
SELECT add_job(NULL, '1h');
SELECT add_job(0, '1h');
-- this will return an error about Oid 4294967295
-- while regproc is unsigned int postgres has an implicit cast from int to regproc
Reported by SQLint.
Line: 45
Column: 1
SELECT add_job('invalid_func', '1h');
SELECT add_job('custom_func', NULL);
SELECT add_job('custom_func', 'invalid interval');
\set ON_ERROR_STOP 1
SELECT add_job('custom_func','1h', config:='{"type":"function"}'::jsonb);
SELECT add_job('custom_proc','1h', config:='{"type":"procedure"}'::jsonb);
SELECT add_job('custom_proc2','1h', config:= '{"type":"procedure"}'::jsonb);
Reported by SQLint.
Line: 59
Column: 1
-- check for corrects counts in telemetry
SELECT json_object_field(get_telemetry_report(always_display_report := true)::json,'num_user_defined_actions');
\set ON_ERROR_STOP 0
-- test bad input
CALL run_job(NULL);
CALL run_job(-1);
\set ON_ERROR_STOP 1
Reported by SQLint.
Line: 63
Column: 1
-- test bad input
CALL run_job(NULL);
CALL run_job(-1);
\set ON_ERROR_STOP 1
CALL run_job(1000);
CALL run_job(1001);
CALL run_job(1002);
CALL run_job(1003);
Reported by SQLint.
Line: 74
Column: 1
SELECT * FROM custom_log ORDER BY job_id, extra;
\set ON_ERROR_STOP 0
-- test bad input
SELECT delete_job(NULL);
SELECT delete_job(-1);
\set ON_ERROR_STOP 1
Reported by SQLint.
Line: 78
Column: 1
-- test bad input
SELECT delete_job(NULL);
SELECT delete_job(-1);
\set ON_ERROR_STOP 1
SELECT delete_job(1000);
SELECT delete_job(1001);
SELECT delete_job(1002);
SELECT delete_job(1003);
Reported by SQLint.
Line: 89
Column: 1
-- check jobs got removed
SELECT count(*) FROM timescaledb_information.jobs WHERE job_id >= 1000;
\c :TEST_DBNAME :ROLE_SUPERUSER
\set ON_ERROR_STOP 0
-- test bad input
SELECT alter_job(NULL, if_exists => false);
SELECT alter_job(-1, if_exists => false);
Reported by SQLint.
Line: 95
Column: 1
-- test bad input
SELECT alter_job(NULL, if_exists => false);
SELECT alter_job(-1, if_exists => false);
\set ON_ERROR_STOP 1
-- test bad input but don't fail
SELECT alter_job(NULL, if_exists => true);
SELECT alter_job(-1, if_exists => true);
-- test altering job with NULL config
Reported by SQLint.
Line: 113
Column: 1
SELECT * FROM timescaledb_information.jobs WHERE job_id = 1;
--test for #2793
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
-- background workers are disabled, so the job will not run --
SELECT add_job( proc=>'custom_func',
schedule_interval=>'1h', initial_start =>'2018-01-01 10:00:00-05');
SELECT job_id, next_start, scheduled, schedule_interval
Reported by SQLint.
Line: 120
Column: 1
SELECT job_id, next_start, scheduled, schedule_interval
FROM timescaledb_information.jobs WHERE job_id > 1000;
\x
SELECT * FROM timescaledb_information.job_stats WHERE job_id > 1000;
\x
Reported by SQLint.
src/hypertable.c
11 issues
Line: 978
Column: 4
CWE codes:
134
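Suggestion:
Use a constant for the format specification
Triage note: CWE-134 concerns format strings that an attacker can influence. In this excerpt the format argument is the macro DEFAULT_ASSOCIATED_TABLE_PREFIX_FORMAT (DEFAULT_ASSOCIATED_DISTRIBUTED_TABLE_PREFIX_FORMAT in the else branch), the only variadic argument is fd.id, and snprintf is given NAMEDATALEN as its size limit. The excerpt does not show the macro definitions; if they expand to string literals, the format is already constant and this finding and the one at line 983 are false positives.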
memset(NameStr(default_associated_table_prefix), '\0', NAMEDATALEN);
Assert(replication_factor >= 0);
if (replication_factor == 0)
snprintf(NameStr(default_associated_table_prefix),
NAMEDATALEN,
DEFAULT_ASSOCIATED_TABLE_PREFIX_FORMAT,
fd.id);
else
snprintf(NameStr(default_associated_table_prefix),
Reported by FlawFinder.
Line: 983
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
DEFAULT_ASSOCIATED_TABLE_PREFIX_FORMAT,
fd.id);
else
snprintf(NameStr(default_associated_table_prefix),
NAMEDATALEN,
DEFAULT_ASSOCIATED_DISTRIBUTED_TABLE_PREFIX_FORMAT,
fd.id);
namestrcpy(&fd.associated_table_prefix, NameStr(default_associated_table_prefix));
}
Reported by FlawFinder.
Line: 196
Column: 2
CWE codes:
120
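Suggestion:
Make sure destination can always hold the source data
Triage note: each memcpy in this excerpt copies exactly NAMEDATALEN bytes from a DatumGetName() value into a field of fd. That is safe only if every destination field is at least NAMEDATALEN bytes (for example, a NameData). The excerpt does not show fd's declaration, so confirm this in the struct definition; the same check settles the memcpy findings reported at lines 199 through 215.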
Assert(!nulls[AttrNumberGetAttrOffset(Anum_hypertable_compression_state)]);
fd->id = DatumGetInt32(values[AttrNumberGetAttrOffset(Anum_hypertable_id)]);
memcpy(&fd->schema_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_schema_name)]),
NAMEDATALEN);
memcpy(&fd->table_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_table_name)]),
NAMEDATALEN);
Reported by FlawFinder.
Line: 199
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&fd->schema_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_schema_name)]),
NAMEDATALEN);
memcpy(&fd->table_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_table_name)]),
NAMEDATALEN);
memcpy(&fd->associated_schema_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_associated_schema_name)]),
NAMEDATALEN);
Reported by FlawFinder.
Line: 202
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&fd->table_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_table_name)]),
NAMEDATALEN);
memcpy(&fd->associated_schema_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_associated_schema_name)]),
NAMEDATALEN);
memcpy(&fd->associated_table_prefix,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_associated_table_prefix)]),
NAMEDATALEN);
Reported by FlawFinder.
Line: 205
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&fd->associated_schema_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_associated_schema_name)]),
NAMEDATALEN);
memcpy(&fd->associated_table_prefix,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_associated_table_prefix)]),
NAMEDATALEN);
fd->num_dimensions =
DatumGetInt16(values[AttrNumberGetAttrOffset(Anum_hypertable_num_dimensions)]);
Reported by FlawFinder.
Line: 212
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fd->num_dimensions =
DatumGetInt16(values[AttrNumberGetAttrOffset(Anum_hypertable_num_dimensions)]);
memcpy(&fd->chunk_sizing_func_schema,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_chunk_sizing_func_schema)]),
NAMEDATALEN);
memcpy(&fd->chunk_sizing_func_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_chunk_sizing_func_name)]),
NAMEDATALEN);
Reported by FlawFinder.
Line: 215
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&fd->chunk_sizing_func_schema,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_chunk_sizing_func_schema)]),
NAMEDATALEN);
memcpy(&fd->chunk_sizing_func_name,
DatumGetName(values[AttrNumberGetAttrOffset(Anum_hypertable_chunk_sizing_func_name)]),
NAMEDATALEN);
fd->chunk_target_size =
DatumGetInt64(values[AttrNumberGetAttrOffset(Anum_hypertable_chunk_target_size)]);
Reported by FlawFinder.
Line: 2291
Column: 8
CWE codes:
119
120
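Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
Triage note: the flagged column appears to fall on `char` in `const char *schema_names[2] = { old_name, new_name };`. That declaration is an array of two pointers initialized from the function's arguments, not a character buffer that is written into, so the bounds-checking advice probably does not apply to it. How old_name and new_name are used later in the function is not shown in the excerpt and should be reviewed separately.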
void
ts_hypertables_rename_schema_name(const char *old_name, const char *new_name)
{
const char *schema_names[2] = { old_name, new_name };
Catalog *catalog = ts_catalog_get();
ScannerCtx scanctx = {
.table = catalog_get_table_id(catalog, HYPERTABLE),
.index = InvalidOid,
Reported by FlawFinder.
Line: 2630
Column: 2
CWE codes:
120
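Suggestion:
Make sure destination can always hold the source data
Triage note: the destination is allocated on the preceding line with palloc(sizeof(HypertableDataNode)), and the copy length is the same sizeof expression, so the destination holds exactly the number of bytes copied. What remains to verify is that `node` always points to a valid HypertableDataNode; the excerpt does not show the function signature or its callers.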
{
HypertableDataNode *copy = palloc(sizeof(HypertableDataNode));
memcpy(copy, node, sizeof(HypertableDataNode));
return copy;
}
static List *
get_hypertable_data_node_values(const Hypertable *ht, hypertable_data_node_filter filter,
Reported by FlawFinder.
tsl/test/sql/continuous_aggs_permissions.sql
11 issues
Line: 6
Column: 1
-- LICENSE-TIMESCALE for a copy of the license.
-- initialize the bgw mock state to prevent the materialization workers from running
\c :TEST_DBNAME :ROLE_SUPERUSER
-- remove any default jobs, e.g., telemetry so bgw_job isn't polluted
DELETE FROM _timescaledb_config.bgw_job WHERE TRUE;
CREATE VIEW cagg_info AS
Reported by SQLint.
Line: 33
Column: 1
FROM pg_class JOIN caggs ON pg_class.oid = caggs.mat_relid;
GRANT SELECT ON cagg_info TO PUBLIC;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
CREATE TABLE conditions (
timec INT NOT NULL,
location TEXT NOT NULL,
temperature DOUBLE PRECISION NULL,
Reported by SQLint.
Line: 64
Column: 84
CALL refresh_continuous_aggregate(' mat_refresh_test', NULL, NULL);
SELECT id as cagg_job_id FROM _timescaledb_config.bgw_job order by id desc limit 1 \gset
SELECT format('%I.%I', materialization_hypertable_schema, materialization_hypertable_name ) as materialization_hypertable
FROM timescaledb_information.continuous_aggregates
WHERE view_name = 'mat_refresh_test' \gset
SELECT mat_hypertable_id FROM _timescaledb_catalog.continuous_agg WHERE user_view_name = 'mat_refresh_test' \gset
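Reported by SQLint.
Triage note: column 84 of the flagged line is where the trailing `\gset` begins in `SELECT id as cagg_job_id FROM _timescaledb_config.bgw_job order by id desc limit 1 \gset`. `\gset` is a psql meta-command, not SQL, so this looks like a parse error from the linter rather than a problem in the query itself.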
Line: 113
Column: 1
--need both select and trigger permissions to create a materialized view on top of it.
GRANT SELECT, TRIGGER ON conditions_for_perm_check_w_grant TO public;
\c :TEST_DBNAME :ROLE_SUPERUSER
create schema custom_schema;
CREATE FUNCTION get_constant() RETURNS INTEGER LANGUAGE SQL IMMUTABLE AS
$BODY$
Reported by SQLint.
Line: 124
Column: 1
REVOKE EXECUTE ON FUNCTION get_constant() FROM PUBLIC;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
\set ON_ERROR_STOP 0
select from alter_job(:cagg_job_id, max_runtime => NULL);
--make sure that commands fail
Reported by SQLint.
Line: 178
Column: 1
CALL refresh_continuous_aggregate('mat_perm_view_test', NULL, NULL);
SELECT * FROM mat_perm_view_test;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
--revoke select permissions from role with mat view
REVOKE SELECT ON conditions_for_perm_check_w_grant FROM public;
insert into conditions_for_perm_check_w_grant
select generate_series(100, 130, 10), 'POR', 65, 85, 30, 90, NULL;
Reported by SQLint.
Line: 185
Column: 1
insert into conditions_for_perm_check_w_grant
select generate_series(100, 130, 10), 'POR', 65, 85, 30, 90, NULL;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
--refresh mat view should now fail due to lack of permissions
CALL refresh_continuous_aggregate('mat_perm_view_test', NULL, NULL);
--but the old data will still be there
SELECT * FROM mat_perm_view_test;
Reported by SQLint.
Line: 192
Column: 1
--but the old data will still be there
SELECT * FROM mat_perm_view_test;
\set VERBOSITY default
-- Test that grants and revokes are propagated to the implementation
-- objects, that is, the user view, the partial view, the direct view,
-- and the materialization table.
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
Reported by SQLint.
Line: 212
Column: 1
SELECT time, (random() * 30)::int, random() * 80
FROM generate_series('2020-02-01 00:00:00'::timestamptz, '2020-03-01 00:00:00', '1 hour') AS time;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER_2
CREATE MATERIALIZED VIEW devices_summary
WITH (timescaledb.continuous, timescaledb.materialized_only=true)
AS SELECT time_bucket('1 day', time) AS bucket, device, MAX(temp)
FROM devices GROUP BY bucket, device WITH NO DATA;
Reported by SQLint.
Line: 219
Column: 1
AS SELECT time_bucket('1 day', time) AS bucket, device, MAX(temp)
FROM devices GROUP BY bucket, device WITH NO DATA;
\x on
SELECT * FROM cagg_info WHERE user_view::text = 'devices_summary';
GRANT ALL ON devices_summary TO :ROLE_DEFAULT_PERM_USER;
SELECT * FROM cagg_info WHERE user_view::text = 'devices_summary';
REVOKE SELECT, UPDATE ON devices_summary FROM :ROLE_DEFAULT_PERM_USER;
SELECT * FROM cagg_info WHERE user_view::text = 'devices_summary';
Reported by SQLint.
tsl/test/sql/continuous_aggs_bgw_drop_chunks.sql
11 issues
Line: 8
Column: 1
--
-- Setup for testing bgw jobs ---
--
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE OR REPLACE FUNCTION ts_bgw_db_scheduler_test_run_and_wait_for_scheduler_finish(timeout INT = -1) RETURNS VOID
AS :MODULE_PATHNAME LANGUAGE C VOLATILE;
CREATE OR REPLACE FUNCTION ts_bgw_params_create() RETURNS VOID
AS :MODULE_PATHNAME LANGUAGE C VOLATILE;
Reported by SQLint.
Line: 15
Column: 1
CREATE OR REPLACE FUNCTION ts_bgw_params_create() RETURNS VOID
AS :MODULE_PATHNAME LANGUAGE C VOLATILE;
\set WAIT_ON_JOB 0
\set IMMEDIATELY_SET_UNTIL 1
\set WAIT_FOR_OTHER_TO_ADVANCE 2
-- Remove any default jobs, e.g., telemetry
DELETE FROM _timescaledb_config.bgw_job WHERE TRUE;
Reported by SQLint.
Line: 23
Column: 1
DELETE FROM _timescaledb_config.bgw_job WHERE TRUE;
TRUNCATE _timescaledb_internal.bgw_job_stat;
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
CREATE TABLE public.bgw_log(
msg_no INT,
mock_time BIGINT,
application_name TEXT,
msg TEXT
Reported by SQLint.
Line: 42
Column: 1
-- test drop chunks policy runs for materialized hypertables created for
-- cont. aggregates
-----------------------------------
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
CREATE TABLE drop_chunks_table(time BIGINT, data INTEGER);
SELECT hypertable_id AS drop_chunks_table_nid
FROM create_hypertable('drop_chunks_table', 'time', chunk_time_interval => 1) \gset
Reported by SQLint.
Line: 46
Column: 83
CREATE TABLE drop_chunks_table(time BIGINT, data INTEGER);
SELECT hypertable_id AS drop_chunks_table_nid
FROM create_hypertable('drop_chunks_table', 'time', chunk_time_interval => 1) \gset
CREATE OR REPLACE FUNCTION integer_now_test2() returns bigint LANGUAGE SQL STABLE as $$ SELECT 40::bigint $$;
SELECT set_integer_now_func('drop_chunks_table', 'integer_now_test2');
Reported by SQLint.
Line: 60
Column: 1
--raw hypertable will have 40 chunks and the mat. hypertable will have 2 and 4
-- chunks respectively
SELECT set_chunk_time_interval('_timescaledb_internal._materialized_hypertable_2', 10);
\set ON_ERROR_STOP 0
INSERT INTO drop_chunks_table SELECT i, i FROM generate_series(1, 39) AS i;
\set ON_ERROR_STOP 1
CALL refresh_continuous_aggregate('drop_chunks_view1', NULL, NULL);
--TEST1 specify drop chunks policy on mat. hypertable by
Reported by SQLint.
Line: 62
Column: 1
SELECT set_chunk_time_interval('_timescaledb_internal._materialized_hypertable_2', 10);
\set ON_ERROR_STOP 0
INSERT INTO drop_chunks_table SELECT i, i FROM generate_series(1, 39) AS i;
\set ON_ERROR_STOP 1
CALL refresh_continuous_aggregate('drop_chunks_view1', NULL, NULL);
--TEST1 specify drop chunks policy on mat. hypertable by
-- directly does not work
Reported by SQLint.
Line: 68
Column: 1
--TEST1 specify drop chunks policy on mat. hypertable by
-- directly does not work
\set ON_ERROR_STOP 0
SELECT add_retention_policy( '_timescaledb_internal._materialized_hypertable_2', drop_after => -50) as drop_chunks_job_id1 \gset
\set ON_ERROR_STOP 1
--TEST2 specify drop chunks policy on cont. aggregate
-- integer_now func on raw hypertable is used by the drop
Reported by SQLint.
Line: 83
Column: 92
FROM timescaledb_information.chunks
WHERE hypertable_name = '_materialized_hypertable_2' ORDER BY range_start_integer;
SELECT add_retention_policy( 'drop_chunks_view1', drop_after => 10) as drop_chunks_job_id1 \gset
SELECT alter_job(:drop_chunks_job_id1, schedule_interval => INTERVAL '1 second');
SELECT ts_bgw_db_scheduler_test_run_and_wait_for_scheduler_finish(2000000);
SELECT count(c) from show_chunks('drop_chunks_view1') as c ;
SELECT remove_retention_policy('drop_chunks_view1');
Reported by SQLint.
Line: 89
Column: 1
SELECT count(c) from show_chunks('drop_chunks_view1') as c ;
SELECT remove_retention_policy('drop_chunks_view1');
\set ON_ERROR_STOP 0
SELECT remove_retention_policy('unknown');
SELECT remove_retention_policy('1');
\set ON_ERROR_STOP 1
Reported by SQLint.
tsl/test/sql/compress_table.sql
10 issues
Line: 5
Column: 1
-- Please see the included NOTICE for copyright information and
-- LICENSE-TIMESCALE for a copy of the license.
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE OR REPLACE FUNCTION ts_compress_table(in_table REGCLASS, out_table REGCLASS, compression_info _timescaledb_catalog.hypertable_compression[])
RETURNS VOID
AS :TSL_MODULE_PATHNAME LANGUAGE C STRICT VOLATILE;
CREATE OR REPLACE FUNCTION ts_decompress_table(in_table REGCLASS, out_table REGCLASS)
Reported by SQLint.
Line: 13
Column: 1
CREATE OR REPLACE FUNCTION ts_decompress_table(in_table REGCLASS, out_table REGCLASS)
RETURNS VOID
AS :TSL_MODULE_PATHNAME LANGUAGE C STRICT VOLATILE;
\ir include/compression_utils.sql
\c :TEST_DBNAME :ROLE_DEFAULT_PERM_USER
-- column name, algorithm, idx, asc, nulls_first
--no sgement_byindex (use 0 to indicate that)
CREATE FUNCTION ord(TEXT, INT, INT, BOOL = true, BOOL = false)
Reported by SQLint.
Line: 64
Column: 1
nulls _timescaledb_internal.compressed_data,
texts _timescaledb_internal.compressed_data);
\set DATA_IN uncompressed
\set DATA_OUT uncompressed
-- compression algorithms
\set array 1
\set dictionary 2
Reported by SQLint.
Line: 94
Column: 1
SELECT generate_series(16,20), d, d % 3, d / 3.0, NULL, d
FROM generate_series(1, 5) d;
\ir include/compress_table_test.sql
TRUNCATE compressed;
-- test gorilla on ints
SELECT ARRAY[ord('time', :deltadelta, 0), seg('device', 0), com('data', :gorilla), com('floats', :gorilla), com('nulls', :array), com('texts', :dictionary)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
Reported by SQLint.
Line: 126
Column: 1
ALTER TABLE compressed DROP COLUMN data;
ALTER TABLE compressed DROP COLUMN nulls;
\set DECOMPRESS_FORWARD_CMD _timescaledb_internal.decompress_forward(time::_timescaledb_internal.compressed_data, NULL::INT) t, device, _timescaledb_internal.decompress_forward(floats::_timescaledb_internal.compressed_data, NULL::FLOAT(26)) f, _timescaledb_internal.decompress_forward(texts::_timescaledb_internal.compressed_data, NULL::TEXT) e
SELECT ARRAY[ord('time', :deltadelta, 0), seg('device', 0), com('floats', :gorilla), com('texts', :dictionary)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
\ir include/compress_table_test.sql
TRUNCATE compressed;
Reported by SQLint.
Line: 139
Column: 1
-- Add two compressed columns. The column named ord shares its name with the
-- helper function ord() used in the spec below; columns and functions live in
-- separate namespaces, so the two do not clash.
ALTER TABLE compressed ADD COLUMN dat2 _timescaledb_internal.compressed_data;
ALTER TABLE compressed ADD COLUMN ord _timescaledb_internal.compressed_data;
-- Select-list fragment extended with the two new columns (aliases d2 and o).
\set DECOMPRESS_FORWARD_CMD _timescaledb_internal.decompress_forward(time::_timescaledb_internal.compressed_data, NULL::INT) t, device, _timescaledb_internal.decompress_forward(floats::_timescaledb_internal.compressed_data, NULL::FLOAT(26)) f, _timescaledb_internal.decompress_forward(texts::_timescaledb_internal.compressed_data, NULL::TEXT) e, _timescaledb_internal.decompress_forward(dat2::_timescaledb_internal.compressed_data, NULL::INT) d2, _timescaledb_internal.decompress_forward(ord::_timescaledb_internal.compressed_data, NULL::INT) o
-- The spec now carries a second ord(...) entry with index 1 next to the one on
-- time with index 0; \gset stores the array in COMPRESSION_INFO.
SELECT ARRAY[ord('time', :deltadelta, 0), seg('device', 0), com('floats', :gorilla), com('texts', :dictionary), ord('ord', :deltadelta, 1), com('dat2', :deltadelta)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
-- Run the shared test script, then empty the compressed table.
\ir include/compress_table_test.sql
TRUNCATE compressed;
Reported by SQLint.
Line: 148
Column: 1
-- test skipping columns
-- missing_columns holds only three columns copied from uncompressed; DATA_OUT
-- is pointed at it while DATA_IN is left as set earlier in the script.
CREATE TABLE missing_columns AS SELECT time, device, dat2 FROM uncompressed;
\set DATA_OUT missing_columns
-- Select-list fragment limited to those three columns.
\set DECOMPRESS_FORWARD_CMD _timescaledb_internal.decompress_forward(time::_timescaledb_internal.compressed_data, NULL::INT) t, device, _timescaledb_internal.decompress_forward(dat2::_timescaledb_internal.compressed_data, NULL::INT) d2
-- Spec that names only time, device and dat2; \gset stores it in COMPRESSION_INFO.
SELECT ARRAY[ord('time', :deltadelta, 0), seg('device', 0), com('dat2', :deltadelta)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
Reported by SQLint.
Line: 158
Column: 1
TRUNCATE compressed;
-- Let psql continue after an error; the call at the end of this run is the
-- negative case.
\set ON_ERROR_STOP 0
-- test compressing a non-existent column
-- The spec gains com('fictional', ...); per the comment above, no such column
-- is expected to exist.
SELECT ARRAY[ord('time', :deltadelta, 0), seg('device', 0), com('floats', :gorilla), com('texts', :dictionary), ord('ord', :deltadelta, 1), com('dat2', :deltadelta), com('fictional', :deltadelta)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
-- :'NAME' makes psql insert the variable as a quoted SQL literal, which is then
-- cast; a bare :NAME would be pasted into the statement verbatim.
SELECT ts_compress_table(:'DATA_IN'::REGCLASS, 'compressed'::REGCLASS,:'COMPRESSION_INFO'::_timescaledb_catalog.hypertable_compression[]);
Reported by SQLint.
Line: 166
Column: 1
-- Compress DATA_IN into the table compressed using the spec held in
-- COMPRESSION_INFO; both variables are interpolated as quoted literals.
SELECT ts_compress_table(:'DATA_IN'::REGCLASS, 'compressed'::REGCLASS,:'COMPRESSION_INFO'::_timescaledb_catalog.hypertable_compression[]);
TRUNCATE compressed;
-- Back to fail-fast: from here on an error aborts the script.
\set ON_ERROR_STOP 1
-- Clean up both tables before the next scenario.
TRUNCATE uncompressed;
DROP TABLE compressed;
DROP TABLE uncompressed;
Reported by SQLint.
Line: 188
Column: 1
device _timescaledb_internal.compressed_data,
time _timescaledb_internal.compressed_data);
-- Both psql variables name the table uncompressed.
\set DATA_IN uncompressed
\set DATA_OUT uncompressed
-- Positional INSERT of 20 rows: the three values map onto uncompressed's
-- columns in declaration order, which is outside this excerpt. (i % 3)::BOOL is
-- false when i is a multiple of 3 and true otherwise; i / 3 is integer division.
INSERT INTO uncompressed SELECT (i % 3)::BOOL, i, i / 3 FROM generate_series(1, 20) i;
-- Spec ordering on device and compressing b and time; \gset stores it in the
-- psql variable COMPRESSION_INFO.
SELECT ARRAY[ord('device', :deltadelta, 0), com('b', :deltadelta), com('time', :gorilla)]::_timescaledb_catalog.hypertable_compression[] AS "COMPRESSION_INFO" \gset
Reported by SQLint.
tsl/test/sql/continuous_aggs_refresh.sql
10 issues
Line: 6
Column: 1
-- LICENSE-TIMESCALE for a copy of the license.
-- Disable background workers since we are testing manual refresh
-- \c opens a new connection as the superuser role for the call that follows.
\c :TEST_DBNAME :ROLE_SUPERUSER
SELECT _timescaledb_internal.stop_background_workers();
-- SET ROLE changes the role used for permission checks but leaves the session
-- user unchanged, so RESET ROLE or another SET ROLE can undo it. That is enough
-- for a test; it is not a privilege boundary the way a reconnect with \c is.
SET ROLE :ROLE_DEFAULT_PERM_USER;
CREATE TABLE conditions (time timestamptz NOT NULL, device int, temp float);
-- Turn conditions into a hypertable with "time" as its time column.
SELECT create_hypertable('conditions', 'time');
Reported by SQLint.
Line: 44
Column: 1
-- Both windows start and end at midnight UTC: 17:00 PDT (UTC-7) is 00:00 UTC
-- of the following day.
CALL refresh_continuous_aggregate('daily_temp', '2020-05-03 00:00 UTC', '2020-05-04 00:00 UTC');
CALL refresh_continuous_aggregate('daily_temp', '2020-05-03 17:00 PDT', '2020-05-04 17:00 PDT');
-- Continue past errors and print full error messages for the calls below.
\set ON_ERROR_STOP 0
\set VERBOSITY default
-- These refreshes will fail since they don't align with the bucket's
-- time zone
-- The first pair carries no zone, so it is read in the session's TimeZone
-- setting; 00:00 PDT is 07:00 UTC. Presumably the buckets start at midnight UTC
-- (the view definition is outside this excerpt).
CALL refresh_continuous_aggregate('daily_temp', '2020-05-03', '2020-05-04');
CALL refresh_continuous_aggregate('daily_temp', '2020-05-03 00:00 PDT', '2020-05-04 00:00 PDT');
Reported by SQLint.
Line: 59
Column: 1
-- Refresh window: [----------)
-- Buckets: [------|------]
-- Window from 01:00 UTC on 2020-05-03 to 08:00 UTC on 2020-05-04, i.e. neither
-- end sits on a midnight-UTC boundary.
CALL refresh_continuous_aggregate('daily_temp', '2020-05-03 01:00 UTC', '2020-05-04 08:00 UTC');
-- Back to short error messages and fail-fast for what follows.
\set VERBOSITY terse
\set ON_ERROR_STOP 1
-- Refresh the most recent few days:
CALL refresh_continuous_aggregate('daily_temp', '2020-05-02', '2020-05-05 17:00');
Reported by SQLint.
Line: 94
Column: 1
-- NULL as window start; presumably this leaves the start open-ended (confirm
-- against the procedure's documentation).
CALL refresh_continuous_aggregate('daily_temp', NULL, '2020-05-01');
-- Test bad input
-- Errors are expected from here on, so psql must not stop on them.
\set ON_ERROR_STOP 0
-- Bad continuous aggregate name
-- Two cases: a NULL name and a name ('xyz') that is presumably not defined
-- anywhere in the test database.
CALL refresh_continuous_aggregate(NULL, '2020-05-03', '2020-05-05');
CALL refresh_continuous_aggregate('xyz', '2020-05-03', '2020-05-05');
-- Valid object, but not a continuous aggregate
CALL refresh_continuous_aggregate('conditions', '2020-05-03', '2020-05-05');
Reported by SQLint.
Line: 112
Column: 1
-- Bad time input
-- Window bounds are passed once as explicitly typed text and once with an
-- integer 0 as the start. The calls sit before ON_ERROR_STOP is switched back
-- on, so both are presumably expected to be rejected.
CALL refresh_continuous_aggregate('daily_temp', '2020-05-01'::text, '2020-05-03'::text);
CALL refresh_continuous_aggregate('daily_temp', 0, '2020-05-01');
-- Back to fail-fast for the positive cases below.
\set ON_ERROR_STOP 1
-- Test different time types
-- Same layout as conditions, but with a date column as the time dimension.
CREATE TABLE conditions_date (time date NOT NULL, device int, temp float);
SELECT create_hypertable('conditions_date', 'time');
Reported by SQLint.
Line: 146
Column: 1
FROM conditions_smallint
$$;
\set ON_ERROR_STOP 0
-- First try to create an integer-based continuous aggregate without
-- a now function. This should not be allowed.
CREATE MATERIALIZED VIEW cond_20_smallint
WITH (timescaledb.continuous,
timescaledb.materialized_only=true)
Reported by SQLint.
Line: 156
Column: 1
SELECT time_bucket(SMALLINT '20', time) AS bucket, device, avg(temp) AS avg_temp
FROM conditions_smallint c
GROUP BY 1,2 WITH NO DATA;
\set ON_ERROR_STOP 1
SELECT set_integer_now_func('conditions_smallint', 'smallint_now');
CREATE MATERIALIZED VIEW cond_20_smallint
WITH (timescaledb.continuous,
Reported by SQLint.
Line: 265
Column: 1
-- Print both views. Only the second query is ordered (by its first two output
-- columns); the first is presumably empty, as its name suggests, so row order
-- would not matter there.
SELECT * FROM weekly_temp_without_data;
SELECT * FROM weekly_temp_with_data ORDER BY 1,2;
-- The statement below is expected to error, so psql must not stop on it.
\set ON_ERROR_STOP 0
-- REFRESH MATERIALIZED VIEW is blocked on continuous aggregates
REFRESH MATERIALIZED VIEW weekly_temp_without_data;
-- These should fail since we do not allow refreshing inside a
-- transaction, not even as part of CREATE MATERIALIZED VIEW.
Reported by SQLint.
Line: 291
Column: 1
GROUP BY 1,2 WITH DATA;
COMMIT;
\set ON_ERROR_STOP 1
-- This should not fail since we do not refresh the continuous
-- aggregate.
DO LANGUAGE PLPGSQL $$ BEGIN
CREATE MATERIALIZED VIEW weekly_conditions_1
Reported by SQLint.
Line: 303
Column: 5
SELECT time_bucket('7 days', time) AS day, device, avg(temp) AS avg_temp
FROM conditions
GROUP BY 1,2 WITH NO DATA;
END $$;
BEGIN;
CREATE MATERIALIZED VIEW weekly_conditions_2
WITH (timescaledb.continuous,
timescaledb.materialized_only=true)
Reported by SQLint.