Quick Links

Re: chr() function leads to OOM / killed connection with 8.1, 8.2

From:	Heikki Linnakangas <heikki(at)enterprisedb(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	wiktor(dot)wodecki(at)Net-m(dot)de, pgsql-bugs(at)postgresql(dot)org
Subject:	Re: chr() function leads to OOM / killed connection with 8.1, 8.2
Date:	2007-07-19 19:17:23
Message-ID:	469FB8C3.7000605@enterprisedb.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

Tom Lane wrote:
> Heikki Linnakangas <heikki(at)enterprisedb(dot)com> writes:
>> FWIW, I can reproduce this with UTF-8, on REL_8_2_STABLE.
>
> I can reproduce an out-of-memory condition (basically, replace() is
> going into an infinite loop because of the invalid input) but I'm
> not seeing any crash.

replace_text reads past the end of source string, byte by byte (or
character by character, not sure), and eventually tries to read from an
invalid address which causes a segfault. It happens here when start_posn
== 367368.

--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com

In response to

Re: chr() function leads to OOM / killed connection with 8.1, 8.2 at 2007-07-19 18:42:54 from Tom Lane

Responses

Re: chr() function leads to OOM / killed connection with 8.1, 8.2 at 2007-07-19 19:48:45 from Tom Lane

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Tom Lane	2007-07-19 19:48:45	Re: chr() function leads to OOM / killed connection with 8.1, 8.2
Previous Message	Tom Lane	2007-07-19 18:42:54	Re: chr() function leads to OOM / killed connection with 8.1, 8.2