Quick Links

BUG #8552: NEGATIVE_RETURNS in contrib/pageinspect/rawpage.c:83

From:	jmlich(at)redhat(dot)com
To:	pgsql-bugs(at)postgresql(dot)org
Subject:	BUG #8552: NEGATIVE_RETURNS in contrib/pageinspect/rawpage.c:83
Date:	2013-10-24 09:41:23
Message-ID:	E1VZHPv-0007u5-VU@wrigleys.postgresql.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

The following bug has been logged on the website:

Bug reference: 8552
Logged by: Jozef Mlich
Email address: jmlich(at)redhat(dot)com
PostgreSQL version: 9.2.5
Operating system: any
Description:

NEGATIVE_RETURNS in contrib/pageinspect/rawpage.c:83

Dear postgresql mainainers,

I was testing the postgresql using coverity scan tool. It reports following
problem:

1. postgresql-9.2.5/contrib/pageinspect/rawpage.c:81:negative_return_fn –
Function "forkname_to_number(text_to_cstring(forkname))" returns a negative
number.
15.
postgresql-9.2.5/src/backend/catalog/catalog.c:79:2:return_negative_constant
– Explicitly returning negative value "InvalidForkNumber".
16. postgresql-9.2.5/contrib/pageinspect/rawpage.c:81:var_assign –
Assigning: signed variable "forknum" = "forkname_to_number(char *)".
17. postgresql-9.2.5/contrib/pageinspect/rawpage.c:83:negative_returns –
Passing variable "forknum" to a parameter that cannot be negative.
30. postgresql-9.2.5/contrib/pageinspect/rawpage.c:146:2:index – Function
"ReadBufferExtended(Relation, ForkNumber, BlockNumber, ReadBufferMode,
BufferAccessStrategy)" uses "forknum" as an array index.
36. postgresql-9.2.5/src/backend/storage/buffer/bufmgr.c:248:2:index –
Function "ReadBuffer_common(SMgrRelation, char, ForkNumber, BlockNumber,
ReadBufferMode, BufferAccessStrategy, bool *)" uses "forkNum" as an array
index.
51. postgresql-9.2.5/src/backend/storage/buffer/bufmgr.c:377:4:index –
Function "relpathbackend(RelFileNode, BackendId, ForkNumber)" uses "forkNum"
as an array index.
54. postgresql-9.2.5/src/backend/catalog/catalog.c:131:4:index – Indexing
"forkNames" with "forknum".

In my opinion it worth to fix. I am not sure how to do it as I am not very
familiar with postgresql source code. I suggest to add assert into
relpathbackend in calalog.c or to add condition into rawpage.c. In case it
is not a bug, I would appreciate short explanation.

(1)
$ diff postgresql-9.2.5/src/backend/catalog/catalog.c.orig
postgresql-9.2.5/src/backend/catalog/catalog.c
122a123,124
> Assert(forknum == InvalidForkNumber);
>

(2)
$ diff postgresql-9.2.5/contrib/pageinspect/rawpage.c.orig
postgresql-9.2.5/contrib/pageinspect/rawpage.c
82a83,87
> if (forknum == InvalidForkNumber)
> {
> foo() // FIXME
> }
>

--
regards,
Jozef Mlich

Responses

Re: BUG #8552: NEGATIVE_RETURNS in contrib/pageinspect/rawpage.c:83 at 2013-10-24 11:39:40 from Haribabu kommi

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Haribabu kommi	2013-10-24 11:39:40	Re: BUG #8552: NEGATIVE_RETURNS in contrib/pageinspect/rawpage.c:83
Previous Message	Frank van Vugt	2013-10-24 09:12:43	Re: array_agg() on a set larger than some arbitrary(?) limit causes runaway memory usage and eventually memory exhaustion