BUG #6044: Access violation on XML decl with standalone

From: "Christopher Dillard" <csdillard(at)gmail(dot)com>
To: pgsql-bugs(at)postgresql(dot)org
Subject: BUG #6044: Access violation on XML decl with standalone
Date: 2011-05-27 20:02:04
Message-ID: 201105272002.p4RK24nG040936@wwwmaster.postgresql.org
Lists: pgsql-bugs


The following bug has been logged online:

Bug reference: 6044
Logged by: Christopher Dillard
Email address: csdillard(at)gmail(dot)com
PostgreSQL version: 8.4.8
Operating system: Windows
Description: Access violation on XML decl with standalone
Details:

Hello,

In PostgreSQL 8.4.8, the function "xml_recv" (in
src/backend/utils/adt/xml.c) calls the function "parse_xml_decl", passing
NULL for the final "standalone" parameter. However, "parse_xml_decl" does
not check for standalone==NULL, and blindly sets "*standalone = 0". This
causes a crash if the xml declaration actually has a standalone parameter,
e.g. '<?xml version="1.0" standalone="no"?><anything/>'.

I wish I could provide a SQL test case, but I only found this by setting a
breakpoint on the 0xC0000005 exception in Visual Studio. (And it was
closed-source third party software that was interacting with PostgreSQL when
the crash occurred, so I can't attack it from that angle.)

I speculate that the source code in question has something to do with
binding XML parameters to prepared statements or function arguments, but
since that's the first time I'd looked at the PostgreSQL source code, I
couldn't say anything for sure.

Am I interpreting this right? Can someone more knowledgeable provide a SQL
test case?

Thanks!
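
The optional out-parameter pattern described in the report above, as an added example that is not part of the original message and is not PostgreSQL's code. The function names and the simplified declaration scanner are hypothetical; the unchecked variant fails only when a caller passes NULL and the input carries a standalone attribute, which is why such a defect can stay latent.

```c
#include <stddef.h>
#include <string.h>

#define NEEDLE " standalone=\""

/* Hypothetical helper: returns 1 for "yes", 0 for "no", -1 when the
 * declaration has no standalone attribute, -2 on malformed input. */
static int scan_standalone(const char *str)
{
    const char *end, *p;

    if (strncmp(str, "<?xml", 5) != 0 || (end = strstr(str, "?>")) == NULL)
        return -2;
    p = strstr(str, NEEDLE);
    if (p == NULL || p > end)
        return -1;
    p += strlen(NEEDLE);
    if (strncmp(p, "yes\"", 4) == 0)
        return 1;
    if (strncmp(p, "no\"", 3) == 0)
        return 0;
    return -2;
}

/* BEFORE: the pattern from the report. Safe only while every caller passes
 * a real pointer; a NULL caller survives until the input has standalone. */
int decl_unchecked(const char *str, int *standalone)
{
    int v = scan_standalone(str);

    if (v == -2)
        return -1;
    if (v >= 0)
        *standalone = v;        /* NULL dereference if standalone == NULL */
    return 0;
}

/* AFTER: out-parameter is optional; write only when the caller wants it. */
int decl_checked(const char *str, int *standalone)
{
    int v = scan_standalone(str);

    if (v == -2)
        return -1;
    if (v >= 0 && standalone != NULL)
        *standalone = v;
    return 0;
}
```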
