git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9c679a0)
Fix out-of-memory handling in ecpglib.
author Tom Lane <tgl@sss.pgh.pa.us>
2020年1月20日 00:15:15 +0000 (19:15 -0500)
committer Tom Lane <tgl@sss.pgh.pa.us>
2020年1月20日 00:15:15 +0000 (19:15 -0500)
ecpg_build_params() would crash on a null pointer dereference if
realloc() failed, due to updating the persistent "stmt" struct
too aggressively. (Even without the crash, this would've leaked
the old storage that we were trying to realloc.)

Per Coverity. This seems to have been broken in commit 0cc050794,
so back-patch into v12.

src/interfaces/ecpg/ecpglib/execute.c patch | blob | blame | history

diff --git a/src/interfaces/ecpg/ecpglib/execute.c b/src/interfaces/ecpg/ecpglib/execute.c
index e261cf916714d7240de10beab1aa35da1d7d5059..59e8e3a8258bc2f804ae7c522b7c5f994741cf2d 100644 (file)
--- a/src/interfaces/ecpg/ecpglib/execute.c
+++ b/src/interfaces/ecpg/ecpglib/execute.c
@@ -1499,26 +1499,37 @@ ecpg_build_params(struct statement *stmt)
}
else
{
- if (!(stmt->paramvalues = (char **) ecpg_realloc(stmt->paramvalues, sizeof(char *) * (stmt->nparams + 1), stmt->lineno)))
+ bool realloc_failed = false;
+ char **newparamvalues;
+ int *newparamlengths;
+ int *newparamformats;
+
+ /* enlarge all the param arrays */
+ if ((newparamvalues = (char **) ecpg_realloc(stmt->paramvalues, sizeof(char *) * (stmt->nparams + 1), stmt->lineno)))
+ stmt->paramvalues = newparamvalues;
+ else
+ realloc_failed = true;
+
+ if ((newparamlengths = (int *) ecpg_realloc(stmt->paramlengths, sizeof(int) * (stmt->nparams + 1), stmt->lineno)))
+ stmt->paramlengths = newparamlengths;
+ else
+ realloc_failed = true;
+
+ if ((newparamformats = (int *) ecpg_realloc(stmt->paramformats, sizeof(int) * (stmt->nparams + 1), stmt->lineno)))
+ stmt->paramformats = newparamformats;
+ else
+ realloc_failed = true;
+
+ if (realloc_failed)
{
ecpg_free_params(stmt, false);
ecpg_free(tobeinserted);
return false;
}
- stmt->paramvalues[stmt->nparams] = tobeinserted;
- if (!(stmt->paramlengths = (int *) ecpg_realloc(stmt->paramlengths, sizeof(int) * (stmt->nparams + 1), stmt->lineno)))
- {
- ecpg_free_params(stmt, false);
- return false;
- }
+ /* only now can we assign ownership of "tobeinserted" to stmt */
+ stmt->paramvalues[stmt->nparams] = tobeinserted;
stmt->paramlengths[stmt->nparams] = binary_length;
-
- if (!(stmt->paramformats = (int *) ecpg_realloc(stmt->paramformats, sizeof(int) * (stmt->nparams + 1), stmt->lineno)))
- {
- ecpg_free_params(stmt, false);
- return false;
- }
stmt->paramformats[stmt->nparams] = (binary_format ? 1 : 0);
stmt->nparams++;
This is the main PostgreSQL git repository.
RSS Atom

AltStyle によって変換されたページ (->オリジナル) /