From: | James Coleman <jtc331(at)gmail(dot)com> |
---|---|
To: | Andres Freund <andres(at)anarazel(dot)de> |
Cc: | dhyan(at)nataraj(dot)su, pgsql-hackers(at)lists(dot)postgresql(dot)org, Teodor Sigaev <teodor(at)sigaev(dot)ru>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pageinspect: add tuple_data_record() |
Date: | 2018-10-17 21:02:20 |
Message-ID: | CAAaqYe9AD8uiioe1i8k_133sAX_2f+4_5UmJ=YqRH92vYNwX7A@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> There's plenty ways it can go horribly wrong. Let's start with something
> simple:
>
> BEGIN;
> ALTER TABLE ... ADD COLUMN blarg INT;
> INSERT ... (blag) VALUES (132467890);
> ROLLBACK;
>
> ALTER TABLE ... ADD COLUMN blarg TEXT;
>
> If you now read the table with your function you'll see a dead row that
> will re-interpret a int datum as a text datum. Which in all likelyhood
> will crash the server.
>
That particular case gives this result:
ERROR: number of attributes in tuple header is greater than number of
attributes in tuple descriptor
Some more extended monkeying with adding/dropping columns repeatedly
gave this result:
ERROR: unexpected end of tuple data
That error (unexpected end of tuple data) should (at least in the non-TOAST
case)
prevent the bug of reading beyond the raw tuple data in memory, which would
be
the easiest way I could imagine to cause a serious problem.
Is there a case that could crash outside of a non-primitive type that has
unsafe
data reading code?
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2018-10-17 21:08:40 | Re: pageinspect: add tuple_data_record() |
Previous Message | Thomas Munro | 2018-10-17 20:43:14 | Re: DSM robustness failure (was Re: Peripatus/failures) |