| From: | bianpan2016(at)163(dot)com |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Cc: | bianpan2016(at)163(dot)com |
| Subject: | BUG #14929: Unchecked AllocateDir() return value in restoreTwoPhaseData() |
| Date: | 2017-11-27 09:31:07 |
| Message-ID: | 20171127093107.1473.70477@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 14929
Logged by: Pan Bian
Email address: bianpan2016(at)163(dot)com
PostgreSQL version: 10.1
Operating system: Linux
Description:
File: src/backend/access/transam/twophase.c
Function: restoreTwoPhaseData
Line: 1738
AllocateDir() will return a NULL pointer if it fails to open the specified
directory. However, in function restoreTwoPhaseData(), its return value is
not checked. This may result in a NULL pointer dereference when trying to
free it (see line 1759).
For your convenience, I copy and paste related codes as follows:
1732 void
1733 restoreTwoPhaseData(void)
1734 {
1735 DIR *cldir;
1736 struct dirent *clde;
1737
1738 cldir = AllocateDir(TWOPHASE_DIR);
1739 LWLockAcquire(TwoPhaseStateLock, LW_EXCLUSIVE);
1740 while ((clde = ReadDir(cldir, TWOPHASE_DIR)) != NULL)
1741 {
...
1758 LWLockRelease(TwoPhaseStateLock);
1759 FreeDir(cldir);
1760 }
Thank you!
Pan Bian
| From | Date | Subject | |
|---|---|---|---|
| Next Message | bianpan2016 | 2017-11-27 09:36:50 | BUG #14930: Unchecked AllocateDir() return value in SlruScanDirectory() |
| Previous Message | bianpan2016 | 2017-11-27 09:13:41 | BUG #14928: Unchecked SearchSysCacheCopy1() return value |