Describe the bug
pg_graphql crashes a PostgreSQL backend process (SIGABRT / signal 6) when a GraphQL filter passes a non-numeric string to a BigInt field.
Instead of returning a GraphQL validation/coercion error, the backend process is terminated while running:
SELECT graphql.resolve($1, $2, $3)
After that, Postgres restarts and clients see recovery/pool errors.
To Reproduce
- Ensure a GraphQL-exposed type has a BIGINT column (in our case this is version).
- Run this GraphQL operation through graphql.resolve:
    query GetJobDetails($definitionFilter: jobDefinitionViewFilter, $runtimeFilter: jobsViewFilter) {
      jobDefinitionViewCollection(filter: $definitionFilter) {
        edges {
          node {
            id
            version
            displayName
          }
        }
      }
      jobsViewCollection(filter: $runtimeFilter, first: 1) {
        edges {
          node {
            state
          }
        }
      }
    }
- Use variables where the BigInt-typed filter value is not numeric:
    {
      "definitionFilter": {
        "environment": { "eq": "dev" },
        "name": { "eq": "job-name" },
        "version": { "eq": "not-an-int" }
      },
      "runtimeFilter": {
        "environment": { "eq": "dev" },
        "name": { "eq": "job-name" }
      }
    }
- Observe PostgreSQL logs:
    client backend ... was terminated by signal 6: Aborted
    Failed process was running: SELECT graphql.resolve($1, $2, $3)
- followed by recovery mode and pooler login failures.
Expected behavior
A clear and concise description of what you expected to happen.
The invalid BigInt input should return a normal GraphQL/SQL error (similar to invalid input syntax for type bigint) and should not crash the backend process.
Screenshots
If applicable, add screenshots to help explain your problem.
Versions:
- PostgreSQL:
PostgreSQL 18.1 on aarch64-unknown-linux-musl, compiled by gcc (Alpine 15.2.0) 15.2.0, 64-bit
- pg_graphql commit ref: unknown in packaged build (extension version is 1.5.12)
Additional context
- Plain Postgres cast handles this correctly without crashing:
SELECT 'not-an-int'::bigint; -> ERROR: invalid input syntax for type bigint: "not-an-int"
- The crash appears specific to the graphql.resolve path.
- Observed app-side error after crash:
Lost connection to the database server.
Security
If you believe you have identified a security vulnerability in pg_graphql, please follow the instructions at security.txt and wait for a response before opening a GitHub issue.
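An added example, not part of the original report and not pg_graphql code: a client or gateway can reject non-integer values for BigInt-typed filter fields before the request reaches graphql.resolve, so a malformed value never gets to the crashing path. The function names and the `BIGINT_FIELDS` set are assumptions for illustration; the caller has to know which filter fields are BigInt-typed.

```javascript
// Added example: reject non-integer values for BigInt-typed filter fields
// before the request is handed to graphql.resolve.
const INT64_MIN = -(2n ** 63n);
const INT64_MAX = 2n ** 63n - 1n;
// pg_graphql comparison operators that carry a value of the column's type.
const VALUE_OPS = new Set(["eq", "neq", "gt", "gte", "lt", "lte", "in"]);

function isValidBigInt(value) {
  if (typeof value === "number") return Number.isSafeInteger(value);
  // Strict decimal form only; the length bound keeps BigInt() parsing cheap.
  if (typeof value !== "string" || !/^-?\d{1,19}$/.test(value)) return false;
  const n = BigInt(value);
  return n >= INT64_MIN && n <= INT64_MAX;
}

// Returns the path of every offending operand; an empty array means "safe to send".
function findInvalidBigInts(filter, bigintFields, path = "filter") {
  const bad = [];
  if (filter === null || typeof filter !== "object") return bad;
  for (const [key, value] of Object.entries(filter)) {
    const here = `${path}.${key}`;
    if (key === "and" || key === "or") {
      (Array.isArray(value) ? value : []).forEach((sub, i) =>
        bad.push(...findInvalidBigInts(sub, bigintFields, `${here}[${i}]`)));
    } else if (key === "not") {
      bad.push(...findInvalidBigInts(value, bigintFields, here));
    } else if (bigintFields.has(key) && value !== null && typeof value === "object") {
      for (const [op, operand] of Object.entries(value)) {
        if (!VALUE_OPS.has(op)) continue; // "is" takes NULL / NOT_NULL, not a number
        const operands = op === "in" && Array.isArray(operand) ? operand : [operand];
        if (!operands.every((v) => isValidBigInt(v))) bad.push(`${here}.${op}`);
      }
    }
  }
  return bad;
}

// Constructed input: the definitionFilter variables from the report.
const reported = {
  environment: { eq: "dev" },
  name: { eq: "job-name" },
  version: { eq: "not-an-int" },
};
// BIGINT_FIELDS is an assumption: the caller knows which fields are BigInt-typed.
const BIGINT_FIELDS = new Set(["version"]);
console.log(findInvalidBigInts(reported, BIGINT_FIELDS));
```

A request whose result is non-empty should be answered with an ordinary validation error instead of being forwarded to the database.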