| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Fix two violations of the ResourceOwnerEnlarge/Remember protocol |
| Date: | 2017-11-08 21:53:17 |
| Message-ID: | E1eCYHd-0006vd-1r@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix two violations of the ResourceOwnerEnlarge/Remember protocol.
The point of having separate ResourceOwnerEnlargeFoo and
ResourceOwnerRememberFoo functions is so that resource allocation
can happen in between. Doing it in some other order is just wrong.
OpenTemporaryFile() did open(), enlarge, remember, which would leak the
open file if the enlarge step ran out of memory. Because fd.c has its own
layer of resource-remembering, the consequences look like they'd be limited
to an intratransaction FD leak, but it's still not good.
IncrBufferRefCount() did enlarge, remember, incr-refcount, which would blow
up if the incr-refcount step ever failed. It was safe enough when written,
but since the introduction of PrivateRefCountHash, I think the assumption
that no error could happen there is pretty shaky.
The odds of real problems from either bug are probably small, but still,
back-patch to supported branches.
Thomas Munro and Tom Lane, per a comment from Andres Freund
Branch
------
REL9_3_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/13492fcf9bb1a25034db3e5ec200a999b1efc371
Modified Files
--------------
src/backend/storage/buffer/bufmgr.c | 2 +-
src/backend/storage/file/fd.c | 10 ++++++++--
2 files changed, 9 insertions(+), 3 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-11-08 22:21:07 | pgsql: Doc: fix erroneous example. |
| Previous Message | Peter Eisentraut | 2017-11-08 16:44:49 | pgsql: Change TRUE/FALSE to true/false |