| From: | SATYANARAYANA NARLAPURAM <satyanarlapuram(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | [PATCH] Fix NULL dereference in subscription REFRESH on concurrent DROP |
| Date: | 2026-05-24 07:57:11 |
| Message-ID: | CAHg+QDcd_o3707Ey8c8b7HkE-t14g8c0tk8ME3ctywDsh3ut8g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi Hackers,
ALTER SUBSCRIPTION ... REFRESH PUBLICATION may crash if a
subscribed table (or sequence) is dropped concurrently.
In check_publications_origin_tables(), the function iterates over
subrel_local_oids without holding locks on the individual relations.
If a table is dropped by another session between when the OID list was
collected and when get_rel_name() is called, it returns NULL. That
NULL is then passed to quote_literal_cstr(), which dereferences it
unconditionally, causing a segfault. The same pattern exists in
check_publications_origin_sequences() as well.
Attached a patch to fix this by doing a null check after get_rel_name() and
get_namespace_name(), and skip the relation if it's gone.
Thanks,
Satya
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-fix-null-deref-in-subscription-refresh-on-concurrent-drop.patch | application/octet-stream | 2.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2026-05-24 08:11:39 | Re: Row pattern recognition |
| Previous Message | ChenhuiMo | 2026-05-24 07:05:41 | Re: [PATCH v4] Make NumericVar storage semantics explicit |