Quick Links

Re: Fix freeing of dangling IndexScanDesc.xs_hitup in GiST

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Nikita Glukhov <n(dot)gluhov(at)postgrespro(dot)ru>
Cc:	PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Fix freeing of dangling IndexScanDesc.xs_hitup in GiST
Date:	2017-05-04 19:16:40
Message-ID:	25148.1493925400@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Nikita Glukhov <n(dot)gluhov(at)postgrespro(dot)ru> writes:
> In gistrescan() IndexScanDesc.xs_hitup is not reset after MemoryContextReset() of
> so->queueCxt in which xs_hitup was allocated, then getNextNearest() tries to pfree()
> dangling xs_hitup, which results in the reuse of this pointer and the subsequent crash.

Right. I already did something about this, about an hour ago --- a
bit differently from your patch, but same idea.

regards, tom lane

In response to

Fix freeing of dangling IndexScanDesc.xs_hitup in GiST at 2017-05-04 18:46:09 from Nikita Glukhov

Responses

Re: Fix freeing of dangling IndexScanDesc.xs_hitup in GiST at 2017-05-04 19:50:36 from Nikita Glukhov

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2017-05-04 19:49:29	Re: Potential issue with alter system
Previous Message	Tom Lane	2017-05-04 19:14:45	Re: json_agg produces nonstandard json