Re: DEREF_AFTER_NULL: src/common/jsonapi.c:2529

On 4/6/26 10:26 AM, Галкин Сергей wrote:
> That seemed plausible to me, since there is a comment just above saying 
> that lex->errormsg can be NULL in shlib code. I also checked 
> PQExpBufferBroken(), and it does handle NULL, but that call is under 
> #ifdef, while the final access to lex->errormsg->data is unconditional.
> 
> I may be missing some invariant here, but it seems worth adding an 
> explicit NULL check. I prepared a corresponding patch and am attaching 
> it below in case you agree that this is a real issue.

The code is correct but a bit confusing. When JSONAPI_USE_PQEXPBUFFER is 
not defined jsonapi_makeStringInfo() will call palloc() which cannot 
return NULL so the NULL check (currently done by PQExpBufferBroken()) is 
only necessary when JSONAPI_USE_PQEXPBUFFER is defined.

If someone has a patch improving readability I would personally before 
merging this since this code feels more complex than it ideally should 
be but adding this noop NULL check to silence a false positive from a 
static analyzer does not seem like an improvement.

-- 
Andreas Karlsson
Percona