Fix possible logical replication crash.

Commit c3afe8cf5a1e465bd71e48e4bc717f5bfdc7a7d6 added a new password_required option but forgot that you need database access to check whether an arbitrary role ID is a superuser. Report and patch by Hou Zhijie. I added a comment. Thanks to Alexander Lakhin for devising a way to reproduce the crash. Discussion: http://postgr.es/m/OS0PR01MB5716BFD7EC44284C89F40808948F9@OS0PR01MB5716.jpnprd01.prod.outlook.com
author: Robert Haas 2023-04-03 17:11:00 +0000
committer: Robert Haas 2023-04-03 17:54:21 +0000
commit: e7e7da2f8d57bbe6c8fb463a9eec51486000ba2e (patch)
tree: ff333d6a9643e8568ffc65ba49a192ea02ad0200 /src/backend
parent: a8a00124f1ddb9c8506ff75317f6dd64cc480e61 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/backend/replication/logical/worker.c b/src/backend/replication/logical/worker.c
index 6fd674b5d60..ef2a6beb361 100644
--- a/src/backend/replication/logical/worker.c
+++ b/src/backend/replication/logical/worker.c
@@ -4545,12 +4545,14 @@ ApplyWorkerMain(Datum main_arg)
 		replorigin_session_setup(originid, 0);
 		replorigin_session_origin = originid;
 		origin_startpos = replorigin_session_get_progress(false);
-		CommitTransactionCommand();
 
 		/* Is the use of a password mandatory? */
 		must_use_password = MySubscription->passwordrequired &&
 			!superuser_arg(MySubscription->owner);
 
+		/* Note that the superuser_arg call can access the DB */
+		CommitTransactionCommand();
+
 		LogRepWorkerWalRcvConn = walrcv_connect(MySubscription->conninfo, true,
 												must_use_password,
 												MySubscription->name, &err);
author	Robert Haas	2023-04-03 17:11:00 +0000
committer	Robert Haas	2023-04-03 17:54:21 +0000
commit	e7e7da2f8d57bbe6c8fb463a9eec51486000ba2e (patch)
tree	ff333d6a9643e8568ffc65ba49a192ea02ad0200 /src/backend
parent	a8a00124f1ddb9c8506ff75317f6dd64cc480e61 (diff)