| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | anisimow(dot)d(at)gmail(dot)com |
| Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #17816: Invalid memory access in translate function |
| Date: | 2023-03-01 15:46:10 |
| Message-ID: | 1399976.1677685570@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> When running this query in psql with valgrind-enabled server:
> select translate('(123)', '()', '');
> I get:
> ==00:00:00:05.576 29520== Invalid read of size 1
> ==00:00:00:05.576 29520== at 0x7605BE: pg_utf_mblen (wchar.c:553)
> ==00:00:00:05.576 29520== by 0x71CEDE: pg_mblen (mbutils.c:968)
> ==00:00:00:05.576 29520== by 0x67B1E3: translate (oracle_compat.c:864)
Thanks for the report!
> These changes fix the issue:
> for (i = 0; i < from_index; i++)
> {
> if (p >= (to_ptr + tolen))
> break;
> p += pg_mblen(p);
> }
Yeah, I agree, we need to switch the order of those two statements.
Will fix.
(Might be worth pulling out the common subexpression here?
I wonder if all compilers are smart enough to evaluate to_ptr + to_len
just once.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2023-03-01 16:35:29 | Re: BUG #17812: LOCK TABLE IN ACCESS EXCLUSIVE MODE with a view returns an empty tuple set |
| Previous Message | Tom Lane | 2023-03-01 15:22:53 | Re: BUG #17812: LOCK TABLE IN ACCESS EXCLUSIVE MODE with a view returns an empty tuple set |