| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Be more wary of corrupt data in pageinspect's heap_page_items(). |
| Date: | 2025-04-19 20:37:58 |
| Message-ID: | E1u6Ewo-000qPl-1S@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Be more wary of corrupt data in pageinspect's heap_page_items().
The original intent in heap_page_items() was to return nulls, not
throw an error or crash, if an item was sufficiently corrupt that
we couldn't safely extract data from it. However, commit d6061f83a
utterly missed that memo, and not only put in an un-length-checked
copy of the tuple's data section, but also managed to break the check
on sane nulls-bitmap length. Either mistake could possibly lead to
a SIGSEGV crash if the tuple is corrupt.
Bug: #18896
Reported-by: Dmitry Kovalenko <d(dot)kovalenko(at)postgrespro(dot)ru>
Author: Dmitry Kovalenko <d(dot)kovalenko(at)postgrespro(dot)ru>
Reviewed-by: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Discussion: https://postgr.es/m/18896-add267b8e06663e3@postgresql.org
Backpatch-through: 13
Branch
------
REL_16_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/2d33cf7b8b699ea0158e27f3b8182b0731f6273b
Modified Files
--------------
contrib/pageinspect/heapfuncs.c | 45 ++++++++++++++++++++++++-----------------
1 file changed, 27 insertions(+), 18 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2025-04-19 23:16:24 | pgsql: psql: Fix incorrect status code returned by \getresults |
| Previous Message | Michael Paquier | 2025-04-19 10:20:45 | pgsql: Fix typos and grammar in the code |