From: | Daniil Davydov <3danissimo(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | [BUG] Possible occurrence of segfault in ecpg test |
Date: | 2024-12-10 05:45:15 |
Message-ID: | CAJDiXgiytSwgU4FLscNXwvz7tp1Qi75utMHhPKNkmy7mnOpAaA@mail.gmail.com |
Lists: | pgsql-hackers |
Hi,
The src/interfaces/ecpg/test/sql/bytea.pgc file contains the following code:
***
init();
exec sql truncate test;
exec sql insert into test values(:send_buf[0], :send_buf[1]);
exec sql insert into test values(:send_buf[0], :send_buf[1]);
exec sql select data1 into :recv_vlen_buf from test;
dump_binary(recv_vlen_buf[0].arr, recv_vlen_buf[0].len, 0);
dump_binary(recv_vlen_buf[1].arr, recv_vlen_buf[1].len, 0);
free(recv_vlen_buf);
***
recv_vlen_buf is initialized in the following way:
***
bytea recv_vlen_buf[][DATA_SIZE];
recv_vlen_buf = NULL;
***
Thus, if the program behaves in an unexpected way and the transaction is aborted before it executes the "select data1 into :recv_vlen_buf from test" query, dump_binary will refer to a null pointer. So, instead of an error message, the user will see a segfault.
I think that in all such cases it is worth adding some checks into .pgc and .c files (like in the attached patch).
--
Best regards,
Daniil Davydov
Attachment | Content-Type | Size |
---|---|---|
0001-Fix-refer-to-a-null-pointer.patch | text/x-patch | 30.0 KB |
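
The kind of check the message asks for, as an added example that is not taken from the PostgreSQL tree or from the attached patch: plain C in which a hypothetical `fake_select` stands in for the `select data1 into :recv_vlen_buf` step, `DATA_SIZE` is a constructed value, and `dump_row_checked` and `run_case` are hypothetical helper names. It goes slightly beyond the NULL case in the message by also checking the fetched row count and `len` before reading a row.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DATA_SIZE 16   /* constructed; small so the dump stays readable */
/* Same .len/.arr fields the test reads from recv_vlen_buf[i]. */
struct bytea_row { int len; char arr[DATA_SIZE]; };

/* Hypothetical stand-in for the "select ... into :recv_vlen_buf" step.
 * Returns rows fetched, or -1 on failure, leaving *out as the caller set it. */
static long fake_select(struct bytea_row **out, int nrows, int fail)
{
    if (fail || (*out = calloc((size_t) nrows, sizeof **out)) == NULL)
        return -1;
    for (int i = 0; i < nrows; i++) {
        (*out)[i].len = 4;
        memcpy((*out)[i].arr, "\xde\xad\xbe\xef", 4);   /* constructed data */
    }
    return nrows;
}

/* Hex-dump row idx into dst. Returns 0 on success, -1 if the buffer is
 * NULL, the row was not fetched, or len does not fit arr or dst. */
int dump_row_checked(const struct bytea_row *rows, long fetched, int idx,
                     char *dst, size_t dstlen)
{
    if (rows == NULL || idx < 0 || idx >= fetched)
        return -1;
    int len = rows[idx].len;
    if (len < 0 || len > DATA_SIZE || (size_t) len * 2 + 1 > dstlen)
        return -1;
    for (int i = 0; i < len; i++)
        snprintf(dst + 2 * i, 3, "%02x", (unsigned char) rows[idx].arr[i]);
    dst[2 * len] = '\0';
    return 0;
}

/* Mirrors the test sequence: fetch, dump rows 0 and 1, free. */
int run_case(int fail, char *dst, size_t dstlen)
{
    struct bytea_row *recv_vlen_buf = NULL;
    long fetched = fake_select(&recv_vlen_buf, 2, fail);
    int rc = dump_row_checked(recv_vlen_buf, fetched, 0, dst, dstlen);
    if (rc == 0)
        rc = dump_row_checked(recv_vlen_buf, fetched, 1, dst, dstlen);
    free(recv_vlen_buf);   /* free(NULL) is a no-op */
    return rc;
}
```

With `fail` set, `run_case` returns -1 and never touches the buffer, so the caller can print an error where the unguarded sequence would crash.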