| From: | SATYANARAYANA NARLAPURAM <satyanarlapuram(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Cc: | jian he <jian(dot)universality(at)gmail(dot)com> |
| Subject: | COPY FROM ON_ERROR SET_NULL bypasses domain NOT NULL with partial column list |
| Date: | 2026-04-16 17:09:40 |
| Message-ID: | CAHg+QDdej0c0gWJi2FnbirzhgzyZNPiTwC1P5B_-dSNCzq-91A@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
HI hackers,
domain_with_constraint[] was allocated with list_length(attnumlist)
elements and indexed sequentially via foreach_current_index(), but
copyfromparse.c accesses it via attnum - 1 (physical attribute index).
With a partial column list targeting high-numbered columns, this caused
an out-of-bounds read that bypassed domain NOT NULL checks, silently
inserting NULL into NOT NULL domain columns.
Fix by allocating with num_phys_attrs and indexing by attnum - 1,
consistent with all other per-column arrays in BeginCopyFrom().
Patch is attached, and added a new test case to cover this scenario.
Repro:
CREATE DOMAIN d_notnull_int AS int NOT NULL;
CREATE TABLE t (
c1 text, c2 text, c3 text, c4 text, c5 text,
c6 text, c7 text, c8 text, c9 text,
c10 d_notnull_int
);
COPY t(c1, c10) FROM stdin WITH (on_error set_null);
hello bad
\.
SELECT c10 IS NULL FROM t;
Thanks,
Satya
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Fix-COPY-FROM-ON_ERROR-SET_NULL-OOB-read-with-partia.patch | application/octet-stream | 5.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2026-04-16 17:30:51 | Re: Reduce build times of pg_trgm GIN indexes |
| Previous Message | Fujii Masao | 2026-04-16 17:09:32 | Re: Fix tab completion after EXCEPT (...) in IMPORT FOREIGN SCHEMA |