transformJsonArrayQueryConstructor() applied transformStmt() to
the same subquery tree twice. While this causes no issue in many
cases, there are some where it causes a coredump, thanks to the
parser's habit of scribbling on its input.
Fix by making a copy before the first transformation (compare
0f43083d1). This is quite brute-force, but then so is the
whole business of transforming the input twice. Per discussion
in the bug thread, this implementation of json_array() parsing
should be replaced completely. But that will take some work
and will surely not be back-patchable, so for the moment let's
take the easy way out.
Oversight in
7081ac46a. Back-patch to v16 where that came in.
Bug: #18877
Reported-by: Yu Liang <[email protected]>
Author: Tom Lane <
[email protected]>
Discussion: https://postgr.es/m/18877-
c3c3ad75845833bb@postgresql.org
Backpatch-through: 16
/* Transform query only for counting target list entries. */
qpstate = make_parsestate(pstate);
- query = transformStmt(qpstate, ctor->query);
+ query = transformStmt(qpstate, copyObject(ctor->query));
if (count_nonjunk_tlist_entries(query->targetList) != 1)
ereport(ERROR,
[1, 2, 3]
(1 row)
+SELECT JSON_ARRAY(WITH x AS (SELECT 1) VALUES (TRUE));
+ json_array
+------------
+ [true]
+(1 row)
+
-- Should fail
SELECT JSON_ARRAY(SELECT FROM (VALUES (1)) foo(i));
ERROR: subquery must return only one column
--SELECT JSON_ARRAY(SELECT i FROM (VALUES (NULL::int[]), ('{1,2}'), (NULL), (NULL), ('{3,4}'), (NULL)) foo(i) NULL ON NULL);
--SELECT JSON_ARRAY(SELECT i FROM (VALUES (NULL::int[]), ('{1,2}'), (NULL), (NULL), ('{3,4}'), (NULL)) foo(i) NULL ON NULL RETURNING jsonb);
SELECT JSON_ARRAY(SELECT i FROM (VALUES (3), (1), (NULL), (2)) foo(i) ORDER BY i);
+SELECT JSON_ARRAY(WITH x AS (SELECT 1) VALUES (TRUE));
+
-- Should fail
SELECT JSON_ARRAY(SELECT FROM (VALUES (1)) foo(i));
SELECT JSON_ARRAY(SELECT i, i FROM (VALUES (1)) foo(i));