mirror of
				https://github.com/postgres/postgres.git
				synced 2025-10-24 01:29:19 +03:00 
			
		
		
		
	Fix use of dangling pointer in heap_delete() when logging replica identity
When logging the replica identity of a deleted tuple, XLOG_HEAP_DELETE records include references of the old tuple. Its data is stored in an intermediate variable used to register this information for the WAL record, but this variable gets away from the stack when the record gets actually inserted. Spotted by clang's AddressSanitizer. Author: Stas Kelvish Discussion: https://postgr.es/m/085C8825-AD86-4E93-AF80-E26CDF03D1EA@postgrespro.ru Backpatch-through: 9.4
This commit is contained in:
		| @@ -3265,6 +3265,7 @@ l1: | |||||||
| 	if (RelationNeedsWAL(relation)) | 	if (RelationNeedsWAL(relation)) | ||||||
| 	{ | 	{ | ||||||
| 		xl_heap_delete xlrec; | 		xl_heap_delete xlrec; | ||||||
|  | 		xl_heap_header xlhdr; | ||||||
| 		XLogRecPtr	recptr; | 		XLogRecPtr	recptr; | ||||||
|  |  | ||||||
| 		/* For logical decode we need combocids to properly decode the catalog */ | 		/* For logical decode we need combocids to properly decode the catalog */ | ||||||
| @@ -3295,8 +3296,6 @@ l1: | |||||||
| 		 */ | 		 */ | ||||||
| 		if (old_key_tuple != NULL) | 		if (old_key_tuple != NULL) | ||||||
| 		{ | 		{ | ||||||
| 			xl_heap_header xlhdr; |  | ||||||
|  |  | ||||||
| 			xlhdr.t_infomask2 = old_key_tuple->t_data->t_infomask2; | 			xlhdr.t_infomask2 = old_key_tuple->t_data->t_infomask2; | ||||||
| 			xlhdr.t_infomask = old_key_tuple->t_data->t_infomask; | 			xlhdr.t_infomask = old_key_tuple->t_data->t_infomask; | ||||||
| 			xlhdr.t_hoff = old_key_tuple->t_data->t_hoff; | 			xlhdr.t_hoff = old_key_tuple->t_data->t_hoff; | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user