| From: | PG Bug reporting form <noreply(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Cc: | sibowu(at)amazon(dot)com |
| Subject: | BUG #19054: Memory exhaustion vulnerability in PostgreSQL array operations leads to server crash |
| Date: | 2025-09-15 20:00:12 |
| Message-ID: | 19054-b3e91211012e644a@postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 19054
Logged by: sibo wu
Email address: sibowu(at)amazon(dot)com
PostgreSQL version: 17.6
Operating system: mac
Description:
PostgreSQL's array implementation can lead to server crashes due to
uncontrolled memory consumption during array operations. When performing
continuous array modifications within a loop, the server eventually exhausts
available memory and crashes, affecting all connected sessions.
psql (17.6)
Type "help" for help.
DO
$$
DECLARE
a_1 text[];
a text;
i bigint default 1;
BEGIN
a := repeat('A',pow(2,29)::int);
while true
loop
a_1[i] := a;
i := i + 1;
END LOOP;
END
$$;
server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.
The connection to the server was lost. Attempting reset: Failed.
!?> quit
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-09-15 20:06:26 | Re: BUG #18959: Name collisions of expression indexes during parallel Index creations on a pratitioned table. |
| Previous Message | Robert Haas | 2025-09-15 18:23:45 | Re: BUG #18959: Name collisions of expression indexes during parallel Index creations on a pratitioned table. |