From: | Andres Freund <andres(at)anarazel(dot)de> |
---|---|
To: | James Coleman <jtc331(at)gmail(dot)com> |
Cc: | dhyan(at)nataraj(dot)su, pgsql-hackers(at)lists(dot)postgresql(dot)org, Teodor Sigaev <teodor(at)sigaev(dot)ru>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pageinspect: add tuple_data_record() |
Date: | 2018-10-17 21:08:40 |
Message-ID: | 20181017210840.qtbt7knlnu4mkmvp@alap3.anarazel.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2018-10-17 17:02:20 -0400, James Coleman wrote:
> > There's plenty ways it can go horribly wrong. Let's start with something
> > simple:
> >
> > BEGIN;
> > ALTER TABLE ... ADD COLUMN blarg INT;
> > INSERT ... (blag) VALUES (132467890);
> > ROLLBACK;
> >
> > ALTER TABLE ... ADD COLUMN blarg TEXT;
> >
> > If you now read the table with your function you'll see a dead row that
> > will re-interpret a int datum as a text datum. Which in all likelyhood
> > will crash the server.
> >
>
> That particular case gives this result:
> ERROR: number of attributes in tuple header is greater than number of
> attributes in tuple descriptor
I don't see why you'd get that error, if you re-add a column (with a
different type), as I did above? Obviously the "replacement" column
addition would need to be committed.
> Some more extended monkeying with adding/dropping columns repeatedly
> gave this result:
> ERROR: unexpected end of tuple data
>
> That error (unexpected end of tuple data) should (at least in the non-TOAST
> case)
> prevent the bug of reading beyond the raw tuple data in memory, which would
> be
> the easiest way I could imagine to cause a serious problem.
You don't need to read beyond the end of the data. You just need to do
something like reinterpret types, where the original type looks enough
like a toast header (e.g.) to cause problems.
> Is there a case that could crash outside of a non-primitive type that has
> unsafe data reading code?
Just about anything that's not a fixed length type would be unsafe.
Greetings,
Andres Freund
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2018-10-17 21:16:15 | Re: Perl 5.26 and windows build system |
Previous Message | James Coleman | 2018-10-17 21:02:20 | Re: pageinspect: add tuple_data_record() |