| From: | PG Bug reporting form <noreply(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Cc: | petrum(at)gmail(dot)com |
| Subject: | BUG #15312: Possible access to unintended variable in "postgres/src/backend/postmaster/pgstat.c" line 2698 |
| Date: | 2018-08-07 10:52:10 |
| Message-ID: | 153363913073.1303.6518849192351268091@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 15312
Logged by: Petru-Florin Mihancea
Email address: petrum(at)gmail(dot)com
PostgreSQL version: Unsupported/Unknown
Operating system: Macosx
Description:
While experimenting with a CodeSonar plugin we develop, we noticed a
potential bug in file "postgres/src/backend/postmaster/pgstat.c" line 2698
function CreateSharedBackendStatus.
/* Create or attach to the shared activity buffer */
BackendActivityBufferSize = mul_size(pgstat_track_activity_query_size,
NumBackendStatSlots);
BackendActivityBuffer = (char *)
ShmemInitStruct("Backend Activity Buffer",
BackendActivityBufferSize,
&found);
if (!found)
{
MemSet(BackendActivityBuffer, 0, size); //HERE
/* Initialize st_activity pointers. */
buffer = BackendActivityBuffer;
for (i = 0; i < NumBackendStatSlots; i++)
{
BackendStatusArray[i].st_activity_raw = buffer;
buffer += pgstat_track_activity_query_size;
}
}
Shouldn't BackendActivityBufferSize be accessed in the marked line instead
of size?
Thanks,
Petru Florin Mihancea
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2018-08-07 11:29:10 | Re: BUG #15310: pg_upgrade dissociates event triggers from extensions |
| Previous Message | PG Bug reporting form | 2018-08-07 09:59:50 | BUG #15311: Incorrect comparison of the empty array with the value of the custom type from the table field |