Re: BUG #17300: Server crashes on deserializing text multirange

From: Alexander Korotkov <aekorotkov(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Paul A Jungwirth <pj(at)illuminatedcomputing(dot)com>, Alexander Law <exclusion(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject: Re: BUG #17300: Server crashes on deserializing text multirange
Date: 2021-12-13 14:28:39
Message-ID: CAPpHfdtSiYg8S8-pTSoAUaG+trviBtsR7y0NLXe96mWFNw1rbA@mail.gmail.com
Lists: pgsql-bugs

On Sat, Dec 11, 2021 at 4:48 AM Alexander Korotkov <aekorotkov(at)gmail(dot)com> wrote:
> On Mon, Dec 6, 2021 at 10:39 PM Alexander Korotkov <aekorotkov(at)gmail(dot)com> wrote:
> > On Thu, Dec 2, 2021 at 1:39 AM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> > > PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> > > > The following query:
> > >
> > > > select ('[\"\\\\\",\"\\\\' || repeat('a', 200) ||
> > > > '\"]')::textrange::textmultirange
> > >
> > > > leads to the server crash with the following stacktrace:
> > >
> > > I think the problem here is that the range bound values inside the
> > > multirange are supposed to be aligned (at least, write_multirange_data
> > > thinks so) but multirange_get_range isn't accounting for the alignment
> > > padding between the two values it extracts. In this example that
> > > causes it to extract an insane length for the second value.
> > >
> > > If so, this would indicate extremely slipshod testing of the multirange
> > > stuff, because the breakage is necessarily reached by multirange_out.
> >
> > Sorry for the delay. I'm going to fix this in the next couple of days.
>
> The proposed patch fixes the patch (and adds some minimal testing for
> it). I'm going to push it if no objections (backpatch to v14).

Pushed!

------
Regards,
Alexander Korotkov
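The writer/reader alignment mismatch Tom describes above, as an added illustration that is not PostgreSQL code and not the real multirange on-disk layout: a constructed container format where the writer pads each value to a 4-byte boundary, a reader that forgets the padding and so takes the second value's length from the padding bytes, and a corrected reader that both aligns and bounds-checks the length before trusting it. The helper names and the buffer layout are assumptions made for this example only.

```c
#include <stdint.h>
#include <string.h>
#define ALIGN4(x) (((x) + 3) & ~(size_t)3)

/* Constructed layout: 4-byte length, bytes, next value 4-byte aligned, pad = 0xAA. */
static size_t write_pair(unsigned char *buf, size_t cap,
                         const char *a, const char *b)
{
    uint32_t la = (uint32_t)strlen(a), lb = (uint32_t)strlen(b);
    size_t off = 0;
    memset(buf, 0xAA, cap);
    memcpy(buf + off, &la, 4); off += 4;
    memcpy(buf + off, a, la);  off += la;
    off = ALIGN4(off);                  /* writer pads before value 2 */
    memcpy(buf + off, &lb, 4); off += 4;
    memcpy(buf + off, b, lb);  off += lb;
    return off;                         /* bytes in use */
}

/* Buggy reader, as in the report: the second "length" is read from the padding. */
static uint32_t second_len_unaligned(const unsigned char *buf)
{
    uint32_t la, lb;
    memcpy(&la, buf, 4);
    memcpy(&lb, buf + 4 + la, 4);       /* BUG: ALIGN4 missing */
    return lb;
}

/* Fixed reader: align as the writer did and reject a length that cannot fit. */
static long long second_len_aligned(const unsigned char *buf, size_t total)
{
    uint32_t la, lb;
    size_t off;
    memcpy(&la, buf, 4);
    off = ALIGN4(4 + (size_t)la);
    if (off + 4 > total) return -1;
    memcpy(&lb, buf + off, 4);
    if (lb > total - off - 4) return -1; /* would read past the end */
    return lb;
}

/* Report-shaped input (1-byte value, then 200 'a's): buggy (0) vs fixed reader. */
static long long demo(int aligned)
{
    unsigned char buf[512], b[201];
    memset(b, 'a', 200); b[200] = '\0';
    size_t total = write_pair(buf, sizeof buf, "\\", (const char *)b);
    return aligned ? second_len_aligned(buf, total)
                   : (long long)second_len_unaligned(buf);
}
```

With the report's shape (first value one byte long), the buggy reader starts the second value at offset 5 instead of 8 and returns a length far larger than the whole buffer; the fixed reader returns 200.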
