From: | Heikki Linnakangas <heikki(dot)linnakangas(at)iki(dot)fi> |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Don't get confused if a WAL partial record header has xl_tot_len |
Date: | 2012-08-20 16:59:15 |
Message-ID: | E1T3VJr-0000rX-7H@gemulon.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Don't get confused if a WAL partial record header has xl_tot_len == 0.
If a WAL record header was split across pages, but xl_tot_len was 0, we
would get confused and conclude that we had already read the whole record,
and proceed to CRC check it. That can lead to a crash in RecordIsValid(),
which isn't careful to not read beyond end-of-record, as defined by
xl_tot_len.
Add an explicit sanity check for xl_tot_len <= SizeOfXlogRecord. Also,
make RecordIsValid() more robust by checking in each step that it doesn't
try to access memory beyond end of record, even if a length field in the
record's or a backup block's header is bogus.
Per report and analysis by Tom Lane.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/51fed14d73ed3acd2282b531fb1396877e44e86a
Modified Files
--------------
src/backend/access/transam/xlog.c | 38 +++++++++++++++++++++++++++++++++++-
1 files changed, 36 insertions(+), 2 deletions(-)
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2012-08-20 17:26:05 | pgsql: Fix bugs in contrib/pg_trgm's LIKE pattern analysis code. |
Previous Message | Tom Lane | 2012-08-20 02:56:36 | pgsql: Fix typo in comment. |