Re: Use after free? in fe-connect.c:closePGconn

Hi Tom,

> All the callers do, so I don't entirely see your point.
Well, I still confuse...

> The stack traces you show look to me like the fault is probably in
> the caller, ie, calling PQfinish twice on the same "conn".
patch from dbd_pgsql_close function:
275 if (dbd->conn != NULL) {
276 #if defined(DEBUG) && !defined(_WIN32)
277 PQuntrace(dbd->conn);
278 #endif
279 PQfinish(dbd->conn);
280 dbd->conn = NULL;
281 }
282 FREE(dbd);
283 dbd = NULL;

IHMO, the caller of PQfinish can´t call twice.

Best regards,

Ranier

> From: tgl(at)sss(dot)pgh(dot)pa(dot)us
> To: ranier_gyn(at)hotmail(dot)com
> CC: pgsql-bugs(at)postgresql(dot)org
> Subject: Re: [BUGS] Use after free? in fe-connect.c:closePGconn
> Date: Wed, 15 Jun 2016 19:05:53 -0400
>
> Ranier VF <ranier_gyn(at)hotmail(dot)com> writes:
> > In [d:\pginstaller.auto\postgres.windows\src\interfaces\libpq\fe-connect.c,
> > closePGconn(PGconn *conn):
> > Does not check if conn is NULL.
>
> All the callers do, so I don't entirely see your point.
>
> The stack traces you show look to me like the fault is probably in
> the caller, ie, calling PQfinish twice on the same "conn".
>
> regards, tom lane



Livre de vírus. www.avast.com.