| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Avoid crash in estimate_array_length with null root pointer. |
| Date: | 2024-10-09 21:08:00 |
| Message-ID: | E1sydua-00052G-Fq@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Avoid crash in estimate_array_length with null root pointer.
Commit 9391f7152 added a "PlannerInfo *root" parameter to
estimate_array_length, but failed to consider the possibility that
NULL would be passed for that, leading to a null pointer dereference.
We could rectify the particular case shown in the bug report by fixing
simplify_function/inline_function to pass through the root pointer.
However, as long as eval_const_expressions is documented to accept
NULL for root, similar hazards would remain. For now, let's just do
the narrow fix of hardening estimate_array_length to not crash.
Its behavior with NULL root will be the same as it was before
9391f7152, so this is not too awful.
Per report from Fredrik Widlert (via Paul Ramsey). Back-patch to v17
where 9391f7152 came in.
Discussion: https://postgr.es/m/518339E7-173E-45EC-A0FF-9A4A62AA4F40@cleverelephant.ca
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/5a4416192d220410779a4ef6d433e067ba7a7043
Modified Files
--------------
src/backend/optimizer/path/costsize.c | 3 +++
src/backend/utils/adt/selfuncs.c | 5 ++++-
2 files changed, 7 insertions(+), 1 deletion(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2024-10-10 02:58:28 | pgsql: doc PG 17 relnotes: add missing commands for safe search path |
| Previous Message | Michael Paquier | 2024-10-09 09:53:44 | pgsql: Apply GUC name from central table in more places of guc.c |