Sophie

Sophie

distrib > Mageia > 7 > armv7hl > media > core-updates > by-pkgid > 5fea23694c765462b86d6ddf74461eab > files > 983

postgresql9.6-docs-9.6.22-1.mga7.noarch.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Functions</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.6.22 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Type Conversion"
HREF="typeconv.html"><LINK
REL="PREVIOUS"
TITLE="Operators"
HREF="typeconv-oper.html"><LINK
REL="NEXT"
TITLE="Value Storage"
HREF="typeconv-query.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2021-05-18T09:16:10"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="4"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.6.22 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Operators"
HREF="typeconv-oper.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="typeconv.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Chapter 10. Type Conversion</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Value Storage"
HREF="typeconv-query.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="TYPECONV-FUNC"
>10.3. Functions</A
></H1
><P
>   The specific function that is referenced by a function call
   is determined using the following procedure.
  </P
><DIV
CLASS="PROCEDURE"
><P
><B
>Function Type Resolution</B
></P
><OL
TYPE="1"
><LI
CLASS="STEP"
><P
>Select the functions to be considered from the
<CODE
CLASS="CLASSNAME"
>pg_proc</CODE
> system catalog.  If a non-schema-qualified
function name was used, the functions
considered are those with the matching name and argument count that are
visible in the current search path (see <A
HREF="ddl-schemas.html#DDL-SCHEMAS-PATH"
>Section 5.8.3</A
>).
If a qualified function name was given, only functions in the specified
schema are considered.</P
><OL
CLASS="SUBSTEPS"
TYPE="a"
><LI
CLASS="STEP"
><P
>If the search path finds multiple functions of identical argument types,
only the one appearing earliest in the path is considered.  Functions of
different argument types are considered on an equal footing regardless of
search path position.</P
></LI
><LI
CLASS="STEP"
><P
>If a function is declared with a <TT
CLASS="LITERAL"
>VARIADIC</TT
> array parameter, and
the call does not use the <TT
CLASS="LITERAL"
>VARIADIC</TT
> keyword, then the function
is treated as if the array parameter were replaced by one or more occurrences
of its element type, as needed to match the call.  After such expansion the
function might have effective argument types identical to some non-variadic
function.  In that case the function appearing earlier in the search path is
used, or if the two functions are in the same schema, the non-variadic one is
preferred.</P
><P
>This creates a security hazard when calling, via qualified name
  <A
NAME="FUNC-QUALIFIED-SECURITY"
HREF="#FTN.FUNC-QUALIFIED-SECURITY"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
>,
a variadic function found in a schema that permits untrusted users to create
objects.  A malicious user can take control and execute arbitrary SQL
functions as though you executed them.  Substitute a call bearing
the <TT
CLASS="LITERAL"
>VARIADIC</TT
> keyword, which bypasses this hazard.  Calls
populating <TT
CLASS="LITERAL"
>VARIADIC "any"</TT
> parameters often have no
equivalent formulation containing the <TT
CLASS="LITERAL"
>VARIADIC</TT
> keyword.  To
issue those calls safely, the function's schema must permit only trusted users
to create objects.</P
></LI
><LI
CLASS="STEP"
><P
>Functions that have default values for parameters are considered to match any
call that omits zero or more of the defaultable parameter positions.  If more
than one such function matches a call, the one appearing earliest in the
search path is used.  If there are two or more such functions in the same
schema with identical parameter types in the non-defaulted positions (which is
possible if they have different sets of defaultable parameters), the system
will not be able to determine which to prefer, and so an <SPAN
CLASS="QUOTE"
>"ambiguous
function call"</SPAN
> error will result if no better match to the call can be
found.</P
><P
>This creates an availability hazard when calling, via qualified
name<A
HREF="typeconv-func.html#FTN.FUNC-QUALIFIED-SECURITY"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
>, any function found in a
schema that permits untrusted users to create objects.  A malicious user can
create a function with the name of an existing function, replicating that
function's parameters and appending novel parameters having default values.
This precludes new calls to the original function.  To forestall this hazard,
place functions in schemas that permit only trusted users to create objects.</P
></LI
></OL
></LI
><LI
CLASS="STEP"
><P
>Check for a function accepting exactly the input argument types.
If one exists (there can be only one exact match in the set of
functions considered), use it.  Lack of an exact match creates a security
hazard when calling, via qualified
name<A
HREF="typeconv-func.html#FTN.FUNC-QUALIFIED-SECURITY"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
>, a function found in a
schema that permits untrusted users to create objects.  In such situations,
cast arguments to force an exact match.  (Cases involving <TT
CLASS="TYPE"
>unknown</TT
>
will never find a match at this step.)</P
></LI
><LI
CLASS="STEP"
><P
>If no exact match is found, see if the function call appears
to be a special type conversion request.  This happens if the function call
has just one argument and the function name is the same as the (internal)
name of some data type.  Furthermore, the function argument must be either
an unknown-type literal, or a type that is binary-coercible to the named
data type, or a type that could be converted to the named data type by
applying that type's I/O functions (that is, the conversion is either to or
from one of the standard string types).  When these conditions are met,
the function call is treated as a form of <TT
CLASS="LITERAL"
>CAST</TT
> specification.
  <A
NAME="AEN25590"
HREF="#FTN.AEN25590"
><SPAN
CLASS="footnote"
>[2]</SPAN
></A
></P
></LI
><LI
CLASS="STEP"
><P
>Look for the best match.</P
><OL
CLASS="SUBSTEPS"
TYPE="a"
><LI
CLASS="STEP"
><P
>Discard candidate functions for which the input types do not match
and cannot be converted (using an implicit conversion) to match.
<TT
CLASS="TYPE"
>unknown</TT
> literals are
assumed to be convertible to anything for this purpose.  If only one
candidate remains, use it; else continue to the next step.</P
></LI
><LI
CLASS="STEP"
><P
>If any input argument is of a domain type, treat it as being of the
domain's base type for all subsequent steps.  This ensures that domains
act like their base types for purposes of ambiguous-function resolution.</P
></LI
><LI
CLASS="STEP"
><P
>Run through all candidates and keep those with the most exact matches
on input types.  Keep all candidates if none have exact matches.
If only one candidate remains, use it; else continue to the next step.</P
></LI
><LI
CLASS="STEP"
><P
>Run through all candidates and keep those that accept preferred types (of the
input data type's type category) at the most positions where type conversion
will be required.
Keep all candidates if none accept preferred types.
If only one candidate remains, use it; else continue to the next step.</P
></LI
><LI
CLASS="STEP"
><P
>If any input arguments are <TT
CLASS="TYPE"
>unknown</TT
>, check the type categories
accepted
at those argument positions by the remaining candidates.  At each position,
select the <TT
CLASS="TYPE"
>string</TT
> category if any candidate accepts that category.
(This bias towards string
is appropriate since an unknown-type literal looks like a string.)
Otherwise, if all the remaining candidates accept the same type category,
select that category; otherwise fail because
the correct choice cannot be deduced without more clues.
Now discard candidates that do not accept the selected type category.
Furthermore, if any candidate accepts a preferred type in that category,
discard candidates that accept non-preferred types for that argument.
Keep all candidates if none survive these tests.
If only one candidate remains, use it; else continue to the next step.</P
></LI
><LI
CLASS="STEP"
><P
>If there are both <TT
CLASS="TYPE"
>unknown</TT
> and known-type arguments, and all
the known-type arguments have the same type, assume that the
<TT
CLASS="TYPE"
>unknown</TT
> arguments are also of that type, and check which
candidates can accept that type at the <TT
CLASS="TYPE"
>unknown</TT
>-argument
positions.  If exactly one candidate passes this test, use it.
Otherwise, fail.</P
></LI
></OL
></LI
></OL
></DIV
><P
>Note that the <SPAN
CLASS="QUOTE"
>"best match"</SPAN
> rules are identical for operator and
function type resolution.
Some examples follow.</P
><DIV
CLASS="EXAMPLE"
><A
NAME="AEN25616"
></A
><P
><B
>Example 10-6. Rounding Function Argument Type Resolution</B
></P
><P
>There is only one <CODE
CLASS="FUNCTION"
>round</CODE
> function that takes two
arguments; it takes a first argument of type <TT
CLASS="TYPE"
>numeric</TT
> and
a second argument of type <TT
CLASS="TYPE"
>integer</TT
>.
So the following query automatically converts
the first argument of type <TT
CLASS="TYPE"
>integer</TT
> to
<TT
CLASS="TYPE"
>numeric</TT
>:

</P><PRE
CLASS="SCREEN"
>SELECT round(4, 4);

 round
--------
 4.0000
(1 row)</PRE
><P>

That query is actually transformed by the parser to:
</P><PRE
CLASS="SCREEN"
>SELECT round(CAST (4 AS numeric), 4);</PRE
><P></P
><P
>Since numeric constants with decimal points are initially assigned the
type <TT
CLASS="TYPE"
>numeric</TT
>, the following query will require no type
conversion and therefore might be slightly more efficient:
</P><PRE
CLASS="SCREEN"
>SELECT round(4.0, 4);</PRE
><P></P
></DIV
><DIV
CLASS="EXAMPLE"
><A
NAME="AEN25629"
></A
><P
><B
>Example 10-7. Variadic Function Resolution</B
></P
><P
></P><PRE
CLASS="SCREEN"
>CREATE FUNCTION public.variadic_example(VARIADIC numeric[]) RETURNS int
  LANGUAGE sql AS 'SELECT 1';
CREATE FUNCTION</PRE
><P>

This function accepts, but does not require, the VARIADIC keyword.  It
tolerates both integer and numeric arguments:

</P><PRE
CLASS="SCREEN"
>SELECT public.variadic_example(0),
       public.variadic_example(0.0),
       public.variadic_example(VARIADIC array[0.0]);
 variadic_example | variadic_example | variadic_example
------------------+------------------+------------------
                1 |                1 |                1
(1 row)</PRE
><P>

However, the first and second calls will prefer more-specific functions, if
available:

</P><PRE
CLASS="SCREEN"
>CREATE FUNCTION public.variadic_example(numeric) RETURNS int
  LANGUAGE sql AS 'SELECT 2';
CREATE FUNCTION

CREATE FUNCTION public.variadic_example(int) RETURNS int
  LANGUAGE sql AS 'SELECT 3';
CREATE FUNCTION

SELECT public.variadic_example(0),
       public.variadic_example(0.0),
       public.variadic_example(VARIADIC array[0.0]);
 variadic_example | variadic_example | variadic_example
------------------+------------------+------------------
                3 |                2 |                1
(1 row)</PRE
><P>

Given the default configuration and only the first function existing, the
first and second calls are insecure.  Any user could intercept them by
creating the second or third function.  By matching the argument type exactly
and using the <TT
CLASS="LITERAL"
>VARIADIC</TT
> keyword, the third call is secure.</P
></DIV
><DIV
CLASS="EXAMPLE"
><A
NAME="AEN25636"
></A
><P
><B
>Example 10-8. Substring Function Type Resolution</B
></P
><P
>There are several <CODE
CLASS="FUNCTION"
>substr</CODE
> functions, one of which
takes types <TT
CLASS="TYPE"
>text</TT
> and <TT
CLASS="TYPE"
>integer</TT
>.  If called
with a string constant of unspecified type, the system chooses the
candidate function that accepts an argument of the preferred category
<TT
CLASS="LITERAL"
>string</TT
> (namely of type <TT
CLASS="TYPE"
>text</TT
>).

</P><PRE
CLASS="SCREEN"
>SELECT substr('1234', 3);

 substr
--------
     34
(1 row)</PRE
><P></P
><P
>If the string is declared to be of type <TT
CLASS="TYPE"
>varchar</TT
>, as might be the case
if it comes from a table, then the parser will try to convert it to become <TT
CLASS="TYPE"
>text</TT
>:
</P><PRE
CLASS="SCREEN"
>SELECT substr(varchar '1234', 3);

 substr
--------
     34
(1 row)</PRE
><P>

This is transformed by the parser to effectively become:
</P><PRE
CLASS="SCREEN"
>SELECT substr(CAST (varchar '1234' AS text), 3);</PRE
><P></P
><P
></P><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
>The parser learns from the <TT
CLASS="STRUCTNAME"
>pg_cast</TT
> catalog that
<TT
CLASS="TYPE"
>text</TT
> and <TT
CLASS="TYPE"
>varchar</TT
>
are binary-compatible, meaning that one can be passed to a function that
accepts the other without doing any physical conversion.  Therefore, no
type conversion call is really inserted in this case.</P
></BLOCKQUOTE
></DIV
><P></P
><P
>And, if the function is called with an argument of type <TT
CLASS="TYPE"
>integer</TT
>,
the parser will try to convert that to <TT
CLASS="TYPE"
>text</TT
>:
</P><PRE
CLASS="SCREEN"
>SELECT substr(1234, 3);
ERROR:  function substr(integer, integer) does not exist
HINT:  No function matches the given name and argument types. You might need
to add explicit type casts.</PRE
><P>

This does not work because <TT
CLASS="TYPE"
>integer</TT
> does not have an implicit cast
to <TT
CLASS="TYPE"
>text</TT
>.  An explicit cast will work, however:
</P><PRE
CLASS="SCREEN"
>SELECT substr(CAST (1234 AS text), 3);

 substr
--------
     34
(1 row)</PRE
><P></P
></DIV
></DIV
><H3
CLASS="FOOTNOTES"
>Notes</H3
><TABLE
BORDER="0"
CLASS="FOOTNOTES"
WIDTH="100%"
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="5%"
><A
NAME="FTN.FUNC-QUALIFIED-SECURITY"
HREF="typeconv-func.html#FUNC-QUALIFIED-SECURITY"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="95%"
><P
>    The hazard does not arise with a non-schema-qualified name, because a
    search path containing schemas that permit untrusted users to create
    objects is not a <A
HREF="ddl-schemas.html#DDL-SCHEMAS-PATTERNS"
>secure schema usage
    pattern</A
>.
   </P
></TD
></TR
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="5%"
><A
NAME="FTN.AEN25590"
HREF="typeconv-func.html#AEN25590"
><SPAN
CLASS="footnote"
>[2]</SPAN
></A
></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="95%"
><P
>    The reason for this step is to support function-style cast specifications
    in cases where there is not an actual cast function.  If there is a cast
    function, it is conventionally named after its output type, and so there
    is no need to have a special case.  See
    <A
HREF="sql-createcast.html"
>CREATE CAST</A
>
    for additional commentary.
   </P
></TD
></TR
></TABLE
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="typeconv-oper.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="typeconv-query.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Operators</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="typeconv.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Value Storage</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional