From: | Bill Parker <wp02855(at)gmail(dot)com> |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | Lack of Sanity Checking in file 'pctcl.c' for PostgreSQL 9.4.x |
Date: | 2015-06-11 19:22:41 |
Message-ID: | CAFrbyQwyLDYXfBOhPfoBGqnvuZO_Y90YgqFM11T2jvnxjLFmqw@mail.gmail.com |
Lists: | pgsql-bugs |
============================================================================
POSTGRESQL BUG REPORT TEMPLATE
============================================================================
Your name : Bill Parker
Your email address : wp02855 at gmail dot com
System Configuration:
---------------------
Architecture (example: Intel Pentium) : x86/x86-64/AMD
Operating System (example: Linux 2.4.18) : Linux 3.11.6-4
PostgreSQL version (example: PostgreSQL 9.4.3): PostgreSQL 9.4.x
Compiler used (example: gcc 3.3.5) : gcc version 4.8.1
Please enter a FULL description of your problem:
------------------------------------------------
Hello All,
In reviewing some code, in directory 'postgresql-9.4.3/src/pl/tcl',
file 'pltcl.c', there are several instances where calls to malloc()
are made, but no check for a return value of NULL is made, which
would indicate failure. Additionally, it appears when malloc()
returns NULL, previously allocated memory in function 'perm_fmgr_info'
is not released, which could lead to memory leaks (even though the
comment at the top says 'this routine is a crock' :)
If you know how this problem might be fixed, list the solution below:
---------------------------------------------------------------------
The patch file below addresses these issues:
--- pltcl.c.orig 2015-06-11 08:41:24.316077095 -0700
+++ pltcl.c 2015-06-11 08:48:49.186617853 -0700
@@ -2136,11 +2136,28 @@
* Allocate the new querydesc structure
************************************************************/
qdesc = (pltcl_query_desc *) malloc(sizeof(pltcl_query_desc));
+ if (qdesc == NULL)
+ ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of
memory")));
snprintf(qdesc->qname, sizeof(qdesc->qname), "%p", qdesc);
qdesc->nargs = nargs;
qdesc->argtypes = (Oid *) malloc(nargs * sizeof(Oid));
+ if (qdesc->argtypes == NULL) {
+ free(qdesc);
+ ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of
memory")));
+ }
qdesc->arginfuncs = (FmgrInfo *) malloc(nargs * sizeof(FmgrInfo));
+ if (qdesc->arginfuncs == NULL) {
+ free(qdesc->argtypes);
+ free(qdesc);
+ ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of
memory")));
+ }
qdesc->argtypioparams = (Oid *) malloc(nargs * sizeof(Oid));
+ if (qdesc->argtypioparams == NULL) {
+ free(qdesc->inargfuncs);
+ free(qdesc->argtypes);
+ free(qdesc);
+ }
+ ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of
memory")));
/************************************************************
* Execute the prepare inside a sub-transaction, so we can cope with
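Review bot: The last added ereport() sits after the closing brace of the `if (qdesc->argtypioparams == NULL)` block, so it is raised on every call, including when all four allocations succeed; move it inside the braces, after the free() calls, as in the two blocks above it. That same block frees `qdesc->inargfuncs`, while the member allocated just before it is `qdesc->arginfuncs`, so the line will not compile as written. Every added call of the form `ereport(ERROR, ((errcode(...` opens one more parenthesis than it closes; the balanced form is `ereport(ERROR, (errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of memory")));`. The "out of memory" string literal is also broken across two lines in each call, which looks like mail wrapping, so the attached copy of the patch should be checked rather than the inline one.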
Please feel free to review and comment on the above patch file...
I am attaching the patch file to this bug report
Bill Parker (wp02855 at gmail dot com)
Attachment | Content-Type | Size |
---|---|---|
pltcl.c.patch | application/octet-stream | 1.3 KB |