| From: | Neil Chen <carpenter(dot)nail(dot)cz(at)gmail(dot)com> |
|---|---|
| To: | Eugeny Goryachev <gorcom2012(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: [PATCH] Avoid potential NULL dereference in LIKE/ILIKE with C locale |
| Date: | 2026-01-26 00:41:34 |
| Message-ID: | CAA3qoJkj0QaFhk5vA9vO3xis2dMr2Q4o7963eT2eoVE0XCDf7w@mail.gmail.com |
| Lists: | pgsql-hackers |

Hi Eugeny,

On Fri, Jan 23, 2026 at 5:41 PM Eugeny Goryachev <gorcom2012(at)gmail(dot)com> wrote:

> Hi hackers,
>
> While reviewing the MatchText function in backend/utils/adt/like_match.c,
> I noticed a potential NULL pointer dereference when using LIKE or ILIKE
> with the C locale.
>
> The issue arises because the locale argument (of type pg_locale_t, which
> is a pointer) can be NULL when the C collation is in use. However, the
> GETCHAR macro unconditionally passes this locale to MATCH_LOWER, which -
> depending on its definition - may attempt to dereference it (e.g., to
> access locale->provider or other fields).
>
> This can lead to a crash in builds or configurations where MATCH_LOWER is
> not safe to call with a NULL locale.
>
> The proposed patch adds an explicit check for locale == NULL in the
> GETCHAR macro and falls back to pg_ascii_tolower() in that case, which is
> both safe and correct for the C locale (since no locale-specific case
> folding is needed).
>
> The change aligns with existing patterns in the codebase (e.g., in
> text_cmp and other collation-aware functions) where NULL locale is
> treated as equivalent to C/POSIX behavior.
>
> Best regards, Eugeny Goryachev.
>
> Patch:
> Subject: [PATCH] Avoid potential NULL dereference in LIKE/ILIKE with C
> locale
>
> ---
> src/backend/utils/adt/like_match.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/backend/utils/adt/like_match.c
> b/src/backend/utils/adt/like_match.c
> index 892f8a745ea..884edc7ff42 100644
> --- a/src/backend/utils/adt/like_match.c
> +++ b/src/backend/utils/adt/like_match.c
> @@ -71,7 +71,8 @@
> */
>
> #ifdef MATCH_LOWER
> -#define GETCHAR(t, locale) MATCH_LOWER(t, locale)
> +#define GETCHAR(t, locale) \
> + ((locale) == 0 ? pg_ascii_tolower((unsigned char)(t)) : MATCH_LOWER(t,
> locale))
> #else
> #define GETCHAR(t, locale) (t)
> #endif
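
Review bot: In the new GETCHAR definition the guard `(locale) == 0` compares a pointer against a bare 0; `(locale) == NULL` states the intent and matches how the message describes the case. The macro now expands `locale` twice, once in the test and once in the MATCH_LOWER call, so an argument with side effects would be evaluated twice; either confirm every call site passes a plain variable or move the check into a static inline helper. The `(unsigned char)` cast is applied only on the NULL branch while MATCH_LOWER receives `t` uncast, so the two arms of the conditional should be confirmed to have the same type and to give the same result for ASCII input. The comment block that ends just above `#ifdef MATCH_LOWER` is not updated to mention the NULL-locale case, and the diffstat shows no regression test that reaches this path with the C locale.
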
> --
> 2.42.4
>

This issue appears to have already been fixed in commit 1e493158d3d25771ed066028c00cbbdb41573496.

Discussion: https://postgr.es/m/450ceb6260cad30d7afdf155d991a9caafee7c0d.camel@j-davis.com