Re: pg_ctl -o option dumps core when processing postmaster arguments...

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Sean Chittenden <sean(at)chittenden(dot)org>
Cc: PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: pg_ctl -o option dumps core when processing postmaster arguments...
Date: 2004-07-29 16:10:09
Message-ID: 200407291610.i6TGA9A29923@candle.pha.pa.us
Lists: pgsql-patches


[ CC to patches.]

Yep, that is a bug. Patch attached and applied.

---------------------------------------------------------------------------

Sean Chittenden wrote:
> > Uh, this patch is strange:
> >
> > -#define WHITESPACE "\f\n\r\t\v" /* as defined by
> > isspace() */
> > +#define WHITESPACE "\f\n\r\t\v\0" /* as defined by isspace() */
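Review bot: the "\0" appended to the WHITESPACE literal on the + line changes nothing for any routine that treats the macro as a C string, because the literal already ends in a NUL and such routines stop at the first one. The loop quoted further down at line 362, while (!isspace(*p)), calls isspace() directly and has no terminator test, so the check belongs there, for example while (*p && !isspace((unsigned char) *p)), with the macro left as it was.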
> >
> > They are processed the same by the backend because every string has a
> > trailing null. I think there must be some other bug that this covers
> > up.
>
> I was thinking that OS-X had its own implementation of isspace() that
> didn't check '\0', but I have no clue what exactly the problem is
> beyond that. All I know is that on line 362 of
> src/bin/pg_ctl/pg_ctl.h, I'm going *way* past the end post_opts in
> test_postmaster_connection(). I stepped through things, and isspace()
> wasn't stopping on '\0' and kept processing some 2M worth of address
> space before it died in some other chunk of code. Like I said, FYI.
>
> 361 /* Advance to next whitespace */
> 362 while (!isspace(*p))
> 363 p++;
>
> I'd send this to -bugs, but I'm trying to figure out why my ISP is now
> in SpamHaus. I'm pretty sure it's because they acquired another
> company a few months ago and ARIN just processed the change of
> ownership for the IP block. RBLs are horrible. -sc
>
> >> The attached space adds '\0' as a whitespace character and prevents
> >> pg_ctl from running out of bounds when processing arguments for -o. I
> >> don't think this ever worked, at least on Mac, but I suspect every
> >> platform suffered from this bug.
> >>
> >> % gdb ./bin/pg_ctl
> >> GNU gdb 5.3-20030128 (Apple version gdb-309) (Thu Dec 4 15:41:30 GMT
> >> 2003)
> >> This GDB was configured as "powerpc-apple-darwin".
> >> Reading symbols for shared libraries ........ done
> >> (gdb) set arg -w -o -F start
> >> (gdb) run
> >> Starting program: /usr/local/pgsql/bin/pg_ctl -w -o -F start
> >> Reading symbols for shared libraries ++.. done
> >> waiting for postmaster to start...
> >> Program received signal EXC_BAD_ACCESS, Could not access memory.
> >> test_postmaster_connection () at pg_ctl.c:363
> >> 363 p++;
> >> (gdb) bt
> >> #0 test_postmaster_connection () at pg_ctl.c:363
> >> #1 0x00003594 in do_start () at pg_ctl.c:539
> >> #2 0x00003594 in do_start () at pg_ctl.c:539
> >> #3 0x00004874 in main (argc=-1610604968, argv=0x0) at pg_ctl.c:1360
> >> (gdb) p *p
> >> $1 = 0 '\0'
> >>
> >> -sc
> >
> > [ Attachment, skipping... ]
> >
> >>
> >> --
> >> Sean Chittenden
> >
> > --
> > Bruce Momjian | http://candle.pha.pa.us
> > pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
> > + If your life is a hard drive, | 13 Roberts Road
> > + Christ can be your backup. | Newtown Square, Pennsylvania
> > 19073
> >
> --
> Sean Chittenden
>

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

Attachment Content-Type Size
unknown_filename text/plain 654 bytes
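
Added example (not part of the thread and not PostgreSQL source): the scan loop quoted above beside a terminator-aware version, run over a constructed buffer so the overrun stays inside one array. The function names and the sample buffer are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdio.h>

/* Loop shape quoted in the thread: it stops only on whitespace, and
 * isspace('\0') is false, so the string terminator does not stop it. */
size_t scan_unchecked(const char *p)
{
    const char *start = p;
    while (!isspace((unsigned char) *p))
        p++;
    return (size_t) (p - start);
}

/* Same scan with an explicit terminator test. */
size_t scan_checked(const char *p)
{
    const char *start = p;
    while (*p != '\0' && !isspace((unsigned char) *p))
        p++;
    return (size_t) (p - start);
}

/* Count whitespace-separated options using only terminator-aware scans. */
int count_tokens(const char *p)
{
    int n = 0;
    while (*p != '\0')
    {
        while (isspace((unsigned char) *p))   /* false for NUL: stops there */
            p++;
        if (*p == '\0')
            break;
        p += scan_checked(p);
        n++;
    }
    return n;
}

/* Constructed sample: "-F" is the last option, so the terminator follows it.
 * The bytes after the NUL stand in for adjacent memory; the final space
 * keeps the unchecked scan inside this array. */
static const char sample[] = "-F\0ADJACENT-MEMORY ";
size_t unchecked_stop(void) { return scan_unchecked(sample); }
size_t checked_stop(void) { return scan_checked(sample); }

int main(void)
{
    printf("unchecked=%zu checked=%zu tokens=%d\n",
           unchecked_stop(), checked_stop(), count_tokens("-i -p 5433 "));
    return 0;
}
```

With an option string that ends in a non-space character, as in the `-o -F` run in the gdb session, the unchecked scan has nothing inside the string to stop on.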
