| From: | Tender Wang <tndrwang(at)gmail(dot)com> |
|---|---|
| To: | Xuneng Zhou <xunengzhou(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Unsafe access BufferDescriptors array in BufferGetLSNAtomic() |
| Date: | 2025-02-03 14:28:59 |
| Message-ID: | CAHewXNmZQOvHqMgpSYtTmiQ99nBMfx+56VO=-Hc=G3J=e4tEcg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Xuneng Zhou <xunengzhou(at)gmail(dot)com> 于2025年1月8日周三 13:35写道:
> Hi Tender,
>
> I’ve looked through the patch, and I believe there is a potential issue.
> The default size for BufferDescriptors appears to be 16,384. Passing and
> casting a negative buffer ID to a large unsigned integer in
> GetBufferDescriptor, and then using it as an array subscript, could
> potentially lead to an overflow.
>
> void
> BufferManagerShmemInit(void)
> {
> bool foundBufs,
> foundDescs,
> foundIOCV,
> foundBufCkpt;
>
> /* Align descriptors to a cacheline boundary. */
> BufferDescriptors = (BufferDescPadded *)
> ShmemInitStruct("Buffer Descriptors",
> NBuffers *
> sizeof(BufferDescPadded),
> &foundDescs);
>
> int NBuffers = 16384;
>
> The changes proposed in the patch seem reasonable to me, but it might be
> helpful to include an explanation of the error case and how it’s handled.
>
Thanks for reviewing.
The BufferGetLSNAtomic() with this patch looks not complex. I think no
need more explanation here.
> Best regards,
> [Xuneng]
>
> The new status of this patch is: Waiting on Author
>
I change the status to Ready for commiter
--
Thanks,
Tender Wang
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nisha Moond | 2025-02-03 14:33:57 | Re: Introduce XID age and inactive timeout based replication slot invalidation |
| Previous Message | torikoshia | 2025-02-03 13:35:20 | Change log level for notifying hot standby is waiting non-overflowed snapshot |