| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix pfree crash in pg_get_role_ddl() and pg_get_database_ddl(). |
| Date: | 2026-04-14 22:51:08 |
| Message-ID: | E1wCmb6-0010Er-0R@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix pfree crash in pg_get_role_ddl() and pg_get_database_ddl().
DatumGetArrayTypeP() can return a pointer into the tuple when the
datum is stored as a short varlena, so pfree() on the result crashes.
Use DatumGetArrayTypePCopy() to always get a palloc'd copy.
Bug introduced in 76e514ebb4b and a4f774cf1c7.
Reported-by: Jeff Davis <pgsql(at)j-davis(dot)com>
Author: Satya Narlapuram <satya(dot)narlapuram(at)gmail(dot)com>
Discussion: https://postgr.es/m/CAHg+QDdWtv9PKtPZEokwGCNtbv4MVnfYw5wMZrsEj4xizSNe5Q@mail.gmail.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/1f108fc02ece09da5773ece74e25812cb952ebfc
Modified Files
--------------
src/backend/utils/adt/ddlutils.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Guo | 2026-04-15 00:39:30 | pgsql: Fix var_is_nonnullable() to handle invalid NOT NULL constraints |
| Previous Message | Jeff Davis | 2026-04-14 21:48:01 | pgsql: Check for unterminated strings when calling uloc_getLanguage(). |