bytea to XML crash fix

From Michael.McMaster@wrsa.com.au
Subject bytea to XML crash fix
Date
Msg-id OF338DD7D1.BCD98A23-ON4A2574DD.002633DE-4A2574DD.0027789D@wrsl.com
Replies Re: bytea to XML crash fix  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers

I discovered a bug (server crash) with the conversion of bytea types to 
xml with base64 (and hex) encoding. 

The patch against the postgres backend at the end of this email seems to 
resolve the problem.  I've never touched the postgres source before, and 
the patch is simply a copy & paste of code elsewhere in the source-tree 
that makes use of bytea types, so the patch may have nasty side-effects.

Tested using postgresql 8.3.4 on Ubuntu Hardy (x86)

./configure --prefix=/opt/postgres-8.3.4 --with-libxml --enable-integer-datetimes
make
sudo make install

sudo -u postgres /opt/postgres-8.3.4/bin/pg_ctl start -D /etc/postgresql/8.3/main/

/opt/postgres-8.3.4/bin/psql -U postgres test

create schema test;
create table test.foo (
       col1 bytea
);

insert into test.foo VALUES(decode('aGVsbG8gd29ybGQK', 'base64'));

test=# select * from test.foo;
      col1
-----------------
 hello world\012
(1 row)

test=# select query_to_xml('select col1 from test.foo', false, false, '');
server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.
!>

(Server console output)
2008-10-09 15:09:00 EST LOG:  server process (PID 28662) was terminated by signal 11: Segmentation fault
2008-10-09 15:09:00 EST LOG:  terminating any other active server processes
2008-10-09 15:09:00 EST FATAL:  the database system is in recovery mode
2008-10-09 15:09:00 EST LOG:  all server processes terminated; reinitializing
2008-10-09 15:09:00 EST LOG:  database system was interrupted; last known up at 2008-10-09 15:06:19 EST
2008-10-09 15:09:00 EST LOG:  database system was not properly shut down; automatic recovery in progress
2008-10-09 15:09:00 EST LOG:  redo starts at 21/F09D8A3C
2008-10-09 15:09:00 EST LOG:  record with zero length at 21/F09FAA3C
2008-10-09 15:09:00 EST LOG:  redo done at 21/F09FAA10
2008-10-09 15:09:00 EST LOG:  last completed transaction was at log time 2008-10-09 15:08:39.153513+10
2008-10-09 15:09:00 EST LOG:  autovacuum launcher started
2008-10-09 15:09:00 EST LOG:  database system is ready to accept connections


(syslog)
Oct  9 15:09:00 tr2g606-lx kernel: [22131.779672] postgres[28662]: segfault at 0849a000 eip b7f22019 esp bff1b2d0 error 4

(backtrace)
Program received signal SIGSEGV, Segmentation fault.
0xb7f22019 in xmlTextWriterWriteBase64 () from /usr/lib/libxml2.so.2
(gdb) bt
#0  0xb7f22019 in xmlTextWriterWriteBase64 () from /usr/lib/libxml2.so.2
#1  0x082955a5 in map_sql_value_to_xml_value ()
#2  0x08299184 in xmlelement ()
#3  0x08175311 in ExecEvalXml ()
#4  0x0816f98f in ExecProject ()
#5  0x08175e17 in ExecScan ()
#6  0x08180ec9 in ExecSeqScan ()
#7  0x0816f36d in ExecProcNode ()
#8  0x0816e51b in ExecutorRun ()
#9  0x08205168 in PortalRunSelect ()
#10 0x0820616a in PortalRun ()
#11 0x08201613 in exec_simple_query ()
#12 0x082024fc in PostgresMain ()
#13 0x081d6fd3 in ServerLoop ()
#14 0x081d7c6d in PostmasterMain ()
#15 0x0818f499 in main ()


Index: src/backend/utils/adt/xml.c
===================================================================
RCS file: /projects/cvsroot/pgsql/src/backend/utils/adt/xml.c,v
retrieving revision 1.77
diff -c -r1.77 xml.c
*** src/backend/utils/adt/xml.c 16 Sep 2008 00:49:41 -0000      1.77
--- src/backend/utils/adt/xml.c 9 Oct 2008 06:38:49 -0000
***************
*** 1701,1716 ****                       xmlBufferPtr buf;                       xmlTextWriterPtr writer;
       char       *result;                       xml_init();                       buf = xmlBufferCreate();
         writer = xmlNewTextWriterMemory(buf, 0);                       if (xmlbinary == XMLBINARY_BASE64)
 
!                               xmlTextWriterWriteBase64(writer, 
VARDATA(value), 0, VARSIZE(value) - VARHDRSZ);                       else
!                               xmlTextWriterWriteBinHex(writer, 
VARDATA(value), 0, VARSIZE(value) - VARHDRSZ);                       xmlFreeTextWriter(writer);
result= pstrdup((const char *) 
 
xmlBufferContent(buf));
--- 1701,1722 ----                       xmlBufferPtr buf;                       xmlTextWriterPtr writer;
       char       *result;
 
+                       bytea      *bstr;                       xml_init();                       buf =
xmlBufferCreate();                      writer = xmlNewTextWriterMemory(buf, 0);
 
+                       bstr = DatumGetByteaP(value);
+                        if (xmlbinary == XMLBINARY_BASE64)
!                               xmlTextWriterWriteBase64(writer, 
VARDATA(bstr), 0, VARSIZE(bstr) - VARHDRSZ);                       else
!                               xmlTextWriterWriteBinHex(writer, 
VARDATA(bstr), 0, VARSIZE(bstr) - VARHDRSZ);
! 
!                       if ((Pointer) bstr != DatumGetPointer(value))
!                               pfree(bstr);                       xmlFreeTextWriter(writer);
result= pstrdup((const char *) 
 
xmlBufferContent(buf));
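
Review bot: the new `bstr = DatumGetByteaP(value);` line needs a comment saying why the datum must be detoasted before `VARDATA`/`VARSIZE` are applied, because without it the hunk reads as a plain rename of `value` to `bstr` and the reason for the crash fix is lost. The old calls took `VARSIZE(value) - VARHDRSZ` straight from the Datum, which is only valid for a plain 4-byte-header varlena; a stored bytea can carry a short header or be toasted, and a bogus length from that is consistent with the segfault inside xmlTextWriterWriteBase64 shown in the backtrace. Consider `DatumGetByteaPP(value)` with `VARDATA_ANY(bstr)` and `VARSIZE_ANY_EXHDR(bstr)` instead, which avoids the copy for short-header values; the conditional `pfree(bstr)` is still needed for the toasted case. Separately, the return values of xmlTextWriterWriteBase64 and xmlTextWriterWriteBinHex are still ignored, so a libxml2 write failure would go unreported, and the `+ if (xmlbinary == XMLBINARY_BASE64)` line looks like a whitespace-only change that should be dropped from the diff.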

