| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Fix potential memory clobber in tsvector_concat(). |
| Date: | 2011-08-26 20:52:43 |
| Message-ID: | E1Qx3ON-0006JI-Lr@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix potential memory clobber in tsvector_concat().
tsvector_concat() allocated its result workspace using the "conservative"
estimate of the sum of the two input tsvectors' sizes. Unfortunately that
wasn't so conservative as all that, because it supposed that the number of
pad bytes required could not grow. Which it can, as per test case from
Jesper Krogh, if there's a mix of lexemes with positions and lexemes
without them in the input data. The fix is to assume that we might add
a not-previously-present pad byte for each and every lexeme in the two
inputs; which really is conservative, but it doesn't seem worthwhile to
try to be more precise.
This is an aboriginal bug in tsvector_concat, so back-patch to all
versions containing it.
Branch
------
REL8_3_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/dc62704af7c691be383a850ad2c7cbf4f8458571
Modified Files
--------------
src/backend/utils/adt/tsvector_op.c | 36 +++++++++++++++++++++++++++++-----
1 files changed, 30 insertions(+), 6 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2011-08-26 22:15:23 | pgsql: do include files first |
| Previous Message | Tom Lane | 2011-08-26 17:53:34 | pgsql: Clean up weird corner cases in lexing of psql meta-command argum |