| From: | David Rowley <drowley(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix List memory issue in transformColumnDefinition |
| Date: | 2023-03-30 23:16:01 |
| Message-ID: | E1pi1Ut-000Xlr-Od@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix List memory issue in transformColumnDefinition
When calling generateSerialExtraStmts(), we would pass in the
constraint->options. In some cases, generateSerialExtraStmts() would
modify the referenced List to remove elements from it, but doing so is
invalid without assigning the list back to all variables that point to it.
In the particular reported problem case, the List became empty, in which
cases it became NIL, but the passed in constraint->options didn't get to
find out about that and was left pointing to free'd memory.
To fix this, just perform a list_copy() inside generateSerialExtraStmts().
We could just do a list_copy() just before we perform the delete from the
list, however, that seems less robust. Let's make sure the generated
CreateSeqStmt gets a completely different copy of the list to be safe.
Bug: #17879
Reported-by: Fei Changhong
Diagnosed-by: Fei Changhong
Discussion: https://postgr.es/m/17879-b7dfb5debee58ff5@postgresql.org
Backpatch-through: 11, all supported versions
Branch
------
REL_11_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/07554c99dfdbba7809b73e8028cf8a9f5cbfa36f
Modified Files
--------------
src/backend/parser/parse_utilcmd.c | 3 +++
1 file changed, 3 insertions(+)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2023-03-31 02:38:23 | pgsql: Track shared buffer hits in pg_stat_io |
| Previous Message | David Rowley | 2023-03-30 23:15:27 | pgsql: Fix List memory issue in transformColumnDefinition |