Re: Out-of-bounds (src/backend/utils/misc/queryjumble.c)

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Ranier Vilela <ranier(dot)vf(at)gmail(dot)com>
Cc: Pg Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Out-of-bounds (src/backend/utils/misc/queryjumble.c)
Date: 2021-06-21 17:19:19
Message-ID: 1652632.1624295959@sss.pgh.pa.us
Lists: pgsql-hackers

Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> writes:
> Per Coverity.
> 3 out-of-bounds at function AppendJumble.

> They have the face, smell and color of a typo.
> And we usually increment the character count after a memcpy.

> Coverity no longer complained after the patch.

> Thoughts?

This patch is incorrect on its face, as you would know if you'd
spent even a couple minutes absorbing the comment in that function.

I wonder about Coverity here ... independently of whether the
hash-accumulation logic does what we want, it looks to me like
the proposed change doesn't so much remove a buffer overrun as
create one. It would break the property jumble_len < JUMBLE_SIZE
that the subsequent lines rely on.

Please stop sending us random patches and expecting us to sort
out which ones are valid. You're rapidly approaching the status
of "boy who cried wolf too many times".

regards, tom lane
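
The property named in the reply above, jumble_len < JUMBLE_SIZE at the point of the copy, shown in a stand-alone model of a fold-when-full buffer. This is an added example, not PostgreSQL's queryjumble.c and not the patch under discussion; JumbleModel, append_model, run_model, the FNV-1a stand-in hash and the 64-byte JUMBLE_SIZE are assumptions made for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define JUMBLE_SIZE 64            /* constructed small size for the demo */

typedef struct {
    unsigned char jumble[JUMBLE_SIZE];
    size_t jumble_len, max_end, folds; /* held; furthest write; full-buffer hashes */
} JumbleModel;

/* Stand-in FNV-1a hash: an assumption, not the hash PostgreSQL uses. */
static uint64_t fold_hash(const unsigned char *p, size_t n) {
    uint64_t h = 1469598103934665603ULL;
    while (n--) h = (h ^ *p++) * 1099511628211ULL;
    return h;
}

static void append_model(JumbleModel *js, const unsigned char *item, size_t size) {
    while (size > 0) {
        if (js->jumble_len >= JUMBLE_SIZE) {     /* full: keep only its hash */
            uint64_t h = fold_hash(js->jumble, JUMBLE_SIZE);
            memcpy(js->jumble, &h, sizeof(h));
            js->jumble_len = sizeof(h);
            js->folds++;
        }
        /* Here jumble_len < JUMBLE_SIZE, so part >= 1 and the copy fits. */
        size_t part = JUMBLE_SIZE - js->jumble_len;
        if (size < part) part = size;
        memcpy(js->jumble + js->jumble_len, item, part);
        js->jumble_len += part;                  /* count after the copy */
        if (js->jumble_len > js->max_end) js->max_end = js->jumble_len;
        item += part; size -= part;
    }
}

/* Feed `total` constructed bytes in calls of at most `chunk` bytes. */
static JumbleModel run_model(size_t total, size_t chunk) {
    JumbleModel js = {{0}, 0, 0, 0};
    unsigned char item[32] = {0};
    if (chunk < 1 || chunk > sizeof(item)) chunk = sizeof(item);
    for (size_t n = 0; total > 0; total -= n) {
        n = total < chunk ? total : chunk;
        append_model(&js, item, n);
    }
    return js;
}
int main(void) {
    JumbleModel m = run_model(1000, 7);
    printf("len=%zu max_end=%zu folds=%zu\n", m.jumble_len, m.max_end, m.folds);
}
```

Between calls jumble_len may equal JUMBLE_SIZE; the strict inequality is re-established by the full-buffer check before every copy.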
