Lack of Sanity Checking in file 'pctcl.c' for PostgreSQL 9.4.x

From Bill Parker
Subject Lack of Sanity Checking in file 'pctcl.c' for PostgreSQL 9.4.x
Date
Msg-id CAFrbyQwyLDYXfBOhPfoBGqnvuZO_Y90YgqFM11T2jvnxjLFmqw@mail.gmail.com
Replies Re: Lack of Sanity Checking in file 'pctcl.c' for PostgreSQL 9.4.x  (Michael Paquier <michael.paquier@gmail.com>)
List pgsql-bugs
============================================================================
                        POSTGRESQL BUG REPORT TEMPLATE
============================================================================

Your name               : Bill Parker
Your email address      : wp02855 at gmail dot com

System Configuration:
---------------------
  Architecture (example: Intel Pentium)         :  x86/x86-64/AMD

  Operating System (example: Linux 2.4.18)      :  Linux 3.11.6-4

  PostgreSQL version (example: PostgreSQL 9.4.3):  PostgreSQL 9.4.x

  Compiler used (example: gcc 3.3.5)            :  gcc version 4.8.1

Please enter a FULL description of your problem:
------------------------------------------------

Hello All,

   In reviewing some code, in directory 'postgresql-9.4.3/src/pl/tcl',
file 'pltcl.c', there are several instances where calls to malloc()
are made, but no check for a return value of NULL is made, which
would indicate failure.   Additionally, it appears when malloc()
returns NULL, previously allocated memory in function 'perm_fmgr_info'
is not released, which could lead to memory leaks (even though the
comment at the top says 'this routine is a crock' :)

If you know how this problem might be fixed, list the solution below:
---------------------------------------------------------------------

The patch file below addresses these issues:

--- pltcl.c.orig        2015-06-11 08:41:24.316077095 -0700
+++ pltcl.c     2015-06-11 08:48:49.186617853 -0700
@@ -2136,11 +2136,28 @@
         * Allocate the new querydesc structure
         ************************************************************/
        qdesc = (pltcl_query_desc *) malloc(sizeof(pltcl_query_desc));
+       if (qdesc == NULL)
+           ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of memory")));
        snprintf(qdesc->qname, sizeof(qdesc->qname), "%p", qdesc);
        qdesc->nargs = nargs;
        qdesc->argtypes = (Oid *) malloc(nargs * sizeof(Oid));
+       if (qdesc->argtypes == NULL) {
+           free(qdesc);
+           ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of memory")));
+       }
        qdesc->arginfuncs = (FmgrInfo *) malloc(nargs * sizeof(FmgrInfo));
+       if (qdesc->arginfuncs == NULL) {
+           free(qdesc->argtypes);
+           free(qdesc);
+           ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of memory")));
+       }
        qdesc->argtypioparams = (Oid *) malloc(nargs * sizeof(Oid));
+       if (qdesc->argtypioparams == NULL) {
+           free(qdesc->inargfuncs);
+           free(qdesc->argtypes);
+           free(qdesc);
+       }
+           ereport(ERROR, ((errcode(ERRCODE_OUT_OF_MEMORY), errmsg("out of memory")));
 
        /************************************************************
         * Execute the prepare inside a sub-transaction, so we can cope with
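Review bot: in the last added block, the ereport(ERROR, ...) call sits after the closing brace of "if (qdesc->argtypioparams == NULL)", so it runs on every call and not only when the allocation fails; move it inside the braces, as in the two blocks above it. The same block frees "qdesc->inargfuncs", while the member allocated just above is "qdesc->arginfuncs". Each added ereport line opens five parentheses and closes four, so the patch will not compile as posted. Separately, malloc(nargs * sizeof(Oid)) may legitimately return NULL when nargs is 0, so the new checks should handle that case or it will be reported as out of memory.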
         
Please feel free to review and comment on the above patch file...

I am attaching the patch file to this bug report

Bill Parker (wp02855 at gmail dot com)
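
The allocation sequence the report describes, written with a single cleanup path and an allocator that can be made to fail so each error path can be exercised. This is an added example, not part of the original message or of PostgreSQL's code; `query_desc`, `xalloc`, `xfree`, `query_desc_new`, `query_desc_free` and `leaked_after_failure` are hypothetical names.

```c
#include <stdlib.h>

typedef struct {                /* hypothetical stand-in, not PostgreSQL's type */
    int nargs;
    unsigned *argtypes, *argtypioparams;
    void **arginfuncs;
} query_desc;
static int fail_at, calls, live;  /* test hooks: call to fail, call count, open blocks */
static void *xalloc(size_t n, size_t size)
{
    /* calloc checks n * size for overflow; n == 0 must not look like a failure */
    void *p = (++calls == fail_at) ? NULL : calloc(n ? n : 1, size);
    if (p != NULL) live++;
    return p;
}
static void xfree(void *p)
{
    if (p != NULL) { free(p); live--; }
}
void query_desc_free(query_desc *q)
{
    if (q == NULL) return;
    xfree(q->argtypioparams);
    xfree(q->arginfuncs);
    xfree(q->argtypes);
    xfree(q);
}
/* Returns NULL with nothing leaked on failure; the caller then reports the error. */
query_desc *query_desc_new(int nargs)
{
    query_desc *q = (nargs < 0) ? NULL : xalloc(1, sizeof(*q));
    if (q == NULL) return NULL;
    q->nargs = nargs;
    q->argtypes = xalloc((size_t) nargs, sizeof(*q->argtypes));
    q->arginfuncs = xalloc((size_t) nargs, sizeof(*q->arginfuncs));
    q->argtypioparams = xalloc((size_t) nargs, sizeof(*q->argtypioparams));
    if (q->argtypes && q->arginfuncs && q->argtypioparams)
        return q;
    query_desc_free(q);             /* one cleanup path for every partial state */
    return NULL;
}
/* Fail the k-th allocation (1..4); return blocks still allocated, -1 if no failure. */
int leaked_after_failure(int nargs, int k)
{
    fail_at = k; calls = live = 0;
    query_desc *q = query_desc_new(nargs);
    fail_at = 0;
    return (q == NULL) ? live : -1;
}
```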
