Обсуждение: BUG #6700: Potential Bug in numeric.c

Поиск
Список
Период
Сортировка

BUG #6700: Potential Bug in numeric.c

От
msrbugzilla@gmail.com
Дата:
The following bug has been logged on the website:

Bug reference:      6700
Logged by:          Ken Cheung
Email address:      msrbugzilla@gmail.com
PostgreSQL version: Unsupported/Unknown
Operating system:   Linux
Description:=20=20=20=20=20=20=20=20

I observed a code clone in the following files. In the function
PGTYPESnumeric_copy, the variable dst is ensured to be not NULL before
passing to zero_var(). However, the function PGTYPESnumeric_from_decimal
does not perform this checking. It will cause an exception when dst is NULL
and passed to zero_var().

function : PGTYPESnumeric_copy @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1476)~1491
    if (dst =3D=3D NULL)
        return -1;
    zero_var(dst);

    dst->weight =3D src->weight;
    dst->rscale =3D src->rscale;
    dst->dscale =3D src->dscale;
    dst->sign =3D src->sign;

    if (alloc_var(dst, src->ndigits) !=3D 0)
        return -1;

    for (i =3D 0; i < src->ndigits; i++)
        dst->digits[i] =3D src->digits[i];

    return 0;

function : PGTYPESnumeric_from_decimal @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1650)~1663
    zero_var(dst);

    dst->weight =3D src->weight;
    dst->rscale =3D src->rscale;
    dst->dscale =3D src->dscale;
    dst->sign =3D src->sign;

    if (alloc_var(dst, src->ndigits) !=3D 0)
        return -1;

    for (i =3D 0; i < src->ndigits; i++)
        dst->digits[i] =3D src->digits[i];

    return 0;

Re: BUG #6700: Potential Bug in numeric.c

От
Michael Meskes
Дата:
On Wed, Jun 20, 2012 at 05:53:14AM +0000, msrbugzilla@gmail.com wrote:
> I observed a code clone in the following files. In the function
> PGTYPESnumeric_copy, the variable dst is ensured to be not NULL before
> passing to zero_var(). However, the function PGTYPESnumeric_from_decimal
> does not perform this checking. It will cause an exception when dst is NU=
LL
> and passed to zero_var().

To be honest most of the functions do not check if the parameters are indeed
set. Of course we could easily add the chekc for variable !=3D NULL but that
doesn't ensure that variable points to a valid numeric datatype. Suggestion=
s?

Michael
--=20
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at googlemail dot com
VfL Borussia! For=C3=A7a Bar=C3=A7a! Go SF 49ers! Use Debian GNU/Linux, Pos=
tgreSQL