| From: | Shruthi Gowda <gowdashru(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [BUG] CRASH: ECPGprepared_statement() and ECPGdeallocate_all() when connection is NULL |
| Date: | 2026-01-07 18:00:27 |
| Message-ID: | CAASxf_P5f=Frf8S7rN9BzphtCLoeN9vFuh-V7ukotOQZU54g+w@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Dec 8, 2025 at 9:39 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Shruthi Gowda <gowdashru(at)gmail(dot)com> writes:
> > The ECPG application crashes with a segmentation fault when calling
> > specific deallocation or prepared statement functions without an
> > established database connection. This is caused by a missing NULL check
> on
> > the connection handle before attempting to access it.
>
> Hmm ... poking around, I see several other places that aren't checking
> the result of ecpg_get_connection. Shouldn't we tighten them all?
>
> regards, tom lane
>
I agree. I’ve reviewed all occurrences of ecpg_get_connection() and noted
that, in most instances, it is followed by ecpg_init(), which validates the
connection and returns immediately if the connection is NULL.
In a few cases, the caller had already validated the connection. However, I
identified an additional case that lacked this check, so I have revised the
patch to include the missing validation.
Thanks & Regards,
Shruthi K C
EnterpriseDB: http://www.enterprisedb.com
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0001-Add-missing-connection-validation-in-ECPG.patch | application/octet-stream | 2.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Mlodgenski | 2026-01-07 18:30:52 | Re: Support allocating memory for large strings |
| Previous Message | Peter Geoghegan | 2026-01-07 17:54:49 | Re: Fix comments on _bt_skiparray_strat_increment/decrement |