From: | Michael Paquier <michael(at)paquier(dot)xyz> |
---|---|
To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
Cc: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, alvherre(at)alvh(dot)no-ip(dot)org |
Subject: | Re: Support json_errdetail in FRONTEND builds |
Date: | 2024-03-15 00:10:01 |
Message-ID: | ZfOR2f6jbCZjBVoS@paquier.xyz |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Thu, Mar 14, 2024 at 10:56:46AM +0100, Daniel Gustafsson wrote:
> + /* don't allow destroys of read-only StringInfos */
> + Assert(str->maxlen != 0);
> Considering that StringInfo.c don't own the memory here I think it's warranted
> to turn this assert into an elog() to avoid the risk of use-after-free bugs.
Hmm. I am not sure how much protection this would offer, TBH. One
thing that I find annoying with common/stringinfo.c as it is currently
is that we have two exit() calls in the enlarge path, and it does not
seem wise to me to spread that even more.
My last argument sounds like a nit for HEAD knowing that this does not
impact libpq that has its own pqexpbuffer.c to avoid issues with
palloc, elog and exit, but that could be a problem if OAuth relies
more on these code paths in libpq.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Thomas Munro | 2024-03-15 00:54:38 | Re: broken JIT support on Fedora 40 |
Previous Message | Thomas Munro | 2024-03-14 23:44:45 | Re: broken JIT support on Fedora 40 |