Fix oversight in commit b5415e3.

tglsfdc · tglsfdc · commit b2edbbd02d30 · 2018-12-31T12:39:15.000-05:00
While rearranging code in tidpath.c, I overlooked the fact that we ought
to check restriction_is_securely_promotable when trying to use a join
clause as a TID qual.  Since tideq itself is leakproof, this wouldn't
really allow any interesting leak AFAICT, but it still seems like we
had better check it.

For consistency with the corresponding logic in indxpath.c, also
check rinfo-&gt;pseudoconstant.  I'm not sure right now that it's
possible for that to be set in a join clause, but if it were,
a match couldn't be made anyway.
diff --git a/src/backend/optimizer/path/tidpath.c b/src/backend/optimizer/path/tidpath.c
@@ -329,9 +329,14 @@ BuildParameterizedTidPaths(PlannerInfo *root, RelOptInfo *rel, List *clauses)
 		 *
 		 * We currently consider only TidEqual join clauses.  In principle we
 		 * might find a suitable ScalarArrayOpExpr in the rel's joininfo list,
-		 * but it seems unlikely to be worth checking for.
+		 * but it seems unlikely to be worth expending the cycles to check.
+		 * And we definitely won't find a CurrentOfExpr here.  Hence, we don't
+		 * use TidQualFromRestrictInfo; but this must match that function
+		 * otherwise.
 		 */
-		if (!IsTidEqualClause(rinfo, rel))
+		if (rinfo->pseudoconstant ||
+			!restriction_is_securely_promotable(rinfo, rel) ||
+			!IsTidEqualClause(rinfo, rel))
 			continue;
 
 		/*
