| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Incorrect allocation handling for cryptohash functions with OpenSSL |
| Date: | 2020-12-18 09:35:14 |
| Message-ID: | a0b54087-dd11-d9ea-5e86-3fa478ab341c@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 18/12/2020 09:35, Michael Paquier wrote:
> Hi all,
>
> As of the work done in 87ae9691, I have played with error injections
> in the code paths using this code, but forgot to count for cases where
> cascading resowner cleanups are involved. Like other resources (JIT,
> DSM, etc.), this requires an allocation in TopMemoryContext to make
> sure that nothing gets forgotten or cleaned up on the way until the
> resowner that did the cryptohash allocation is handled.
>
> Attached is a small extension I have played with by doing some error
> injections, and a patch. If there are no objections, I would like to
> commit this fix.
pg_cryptohash_create() is now susceptible to leaking memory in
TopMemoryContext, if the allocations fail. I think the attached should
fix it (but I haven't tested it at all).
BTW, looking at pg_cryptohash_ctx and pg_cryptohash_state, why do we
need two structs? They're both allocated and controlled by the
cryptohash implementation. It would seem simpler to have just one.
- Heikki
| Attachment | Content-Type | Size |
|---|---|---|
| cryptohash-leaks.patch | text/x-patch | 1.0 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2020-12-18 09:35:50 | Re: Deadlock between backend and recovery may not be detected |
| Previous Message | Heikki Linnakangas | 2020-12-18 08:59:33 | Re: pgbench failed when -f option contains a char '@' |