Merge pull request #385 from diffix/cristian/bugfix

cristianberneanu · web-flow · commit d96c6169b6cf · 2022-06-22T13:55:59.000+03:00
More fixes to statement validation.
diff --git a/src/auth.c b/src/auth.c
@@ -99,10 +99,11 @@ static bool is_metadata_relation(Oid relation_oid)
   if (namespace_oid == PG_CATALOG_NAMESPACE)
     return true; /* PG_CATALOG relations are checked in `ExecutorCheckPerms` hook. */
 
-  if (strcmp(get_namespace_name(namespace_oid), "information_schema") == 0)
-    return true; /* INFORMATION_SCHEMA relations are safe to query. */
+  char *namespace_name = get_namespace_name(namespace_oid);
+  bool result = strcmp(namespace_name, "information_schema") == 0; /* INFORMATION_SCHEMA relations are safe to query. */
+  pfree(namespace_name);
 
-  return false;
+  return result;
 }
 
 bool is_personal_relation(Oid relation_oid)
diff --git a/src/query/validation.c b/src/query/validation.c
@@ -53,6 +53,7 @@ void verify_utility_command(Node *utility_stmt)
     case T_DeclareCursorStmt:
     case T_DeallocateStmt:
     case T_FetchStmt:
+    case T_ClosePortalStmt:
       break;
     default:
       FAILWITH("Statement requires direct access level.");
