From b0cf3c8fe78d070baa51989928fce6e71d8f99ed Mon Sep 17 00:00:00 2001
From: Nathan Bossart
Date: Thu, 14 May 2026 11:42:40 -0500
Subject: [PATCH v3 1/1] refint: Fix seg-fault in check_foreign_key().
While the refint documentation advises marking the primary key columns NOT NULL, an UPDATE statement that triggered check_foreign_key(..., 'cascade', ...) and that set a key value to NULL accidentally worked before commit 260e97733b because sprintf() inserted "(null)" into the internally-generated SQL statement. After commit 260e97733b, the new key value is first passed to quote_literal_cstr(), which seg-faults for a NULL argument. To fix, skip quoting when a new key value is NULL and insert "NULL" instead.
Reported-by: Nikita Kalinin
Author: Ayush Tiwari
Reviewed-by: Pierre Forstmann
Discussion: https://postgr.es/m/19476-bd04ea6241345303%40postgresql.org
Backpatch-through: 14
---
 contrib/spi/refint.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/contrib/spi/refint.c b/contrib/spi/refint.c
index c44c87bcd96..48512a664d2 100644
--- a/contrib/spi/refint.c
+++ b/contrib/spi/refint.c
@@ -487,7 +487,8 @@ check_foreign_key(PG_FUNCTION_ARGS)
 nv = SPI_getvalue(newtuple, tupdesc, fn);
 appendStringInfo(&sql, " %s = %s ",
- args2[k], quote_literal_cstr(nv));
+ args2[k],
+ nv ? quote_literal_cstr(nv) : "NULL");
 if (k < nkeys)
 appendStringInfoString(&sql, ", ");
 }
-- 
2.50.1 (Apple Git-155)
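Review bot: The added `nv ? quote_literal_cstr(nv) : "NULL"` line treats every NULL return from SPI_getvalue() as a SQL NULL, yet SPI_getvalue() also returns NULL on failure and reports that through SPI_result, so a lookup error would be written into the cascaded UPDATE as `col = NULL`. check_foreign_key() starts and ends outside this hunk, so `fn` may already be validated there; if it is not, `if (nv == NULL && SPI_result != 0) elog(ERROR, "SPI_getvalue failed");` ahead of the appendStringInfo() call would separate the two cases. A short comment would also help the next reader, for example `/* NULL new key: emit the keyword unquoted, quote_literal_cstr() cannot take a NULL pointer */`. The diffstat lists only refint.c, so a regression test with an UPDATE that sets a key column to NULL under 'cascade' would keep the crash from returning.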