database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-08 07:21:33 +03:00
Code

ecpg: fix some minor mishandling of bad input in preprocessor.

Browse Source 
Avoid null-pointer crash when considering a cursor declaration
that's outside any C function (a case which is useless anyway).

Ensure a cursor for a prepared statement is marked as initially
not open.  At worst, if we chanced to get not-already-zeroed memory
from malloc(), this oversight would result in failing to issue a
"cursor "foo" has been declared but not opened" warning that would
have been appropriate.

Avoid running off the end of the buffer when there are mismatched
square brackets following a variable name.  This could lead to
SIGSEGV after reaching the end of memory.

Given the lack of field complaints, none of these seem to be worth
back-patching, but let's clean them up in HEAD.

Per valgrind testing by Alexander Lakhin.

Discussion: https://postgr.es/m/5f5bcecd-d7ec-b8c0-6c92-d1a7c6e0f639@gmail.com
This commit is contained in:
Tom Lane 2024-10-16 12:24:57 -04:00
parent 79fa7b3b1a
commit 9b4bf51690
3 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/interfaces/ecpg/preproc/ecpg.header
View File

@ -432,7 +432,8 @@ adjust_outofscope_cursor_vars(struct cursor *cur)
/* This tests whether the cursor was declared and opened in the same function. */ /* This tests whether the cursor was declared and opened in the same function. */
#define SAMEFUNC(cur) \ #define SAMEFUNC(cur) \
((cur->function == NULL) || \ ((cur->function == NULL) || \
(cur->function != NULL && strcmp(cur->function, current_function) == 0)) (cur->function != NULL && current_function != NULL && \
strcmp(cur->function, current_function) == 0))
static struct cursor * static struct cursor *
add_additional_variables(const char *name, bool insert) add_additional_variables(const char *name, bool insert)

1
src/interfaces/ecpg/preproc/ecpg.trailer
View File

@ -433,6 +433,7 @@ ECPGCursorStmt: DECLARE cursor_name cursor_options CURSOR opt_hold FOR prepared_
this->name = mm_strdup(@2); this->name = mm_strdup(@2);
this->function = (current_function ? mm_strdup(current_function) : NULL); this->function = (current_function ? mm_strdup(current_function) : NULL);
this->connection = connection ? mm_strdup(connection) : NULL; this->connection = connection ? mm_strdup(connection) : NULL;
this->opened = false;
this->command = mm_strdup(cat_str(6, "declare", cursor_marker, @3, "cursor", @5, "for $1")); this->command = mm_strdup(cat_str(6, "declare", cursor_marker, @3, "cursor", @5, "for $1"));
this->argsresult = NULL; this->argsresult = NULL;
this->argsresult_oos = NULL; this->argsresult_oos = NULL;

3
src/interfaces/ecpg/preproc/variable.c
View File

@ -216,6 +216,9 @@ find_variable(const char *name)
case ']': case ']':
count--; count--;
break; break;
case '\0':
mmfatal(PARSE_ERROR, "unmatched brace in variable \"%s\"", name);
break;
default: default:
break; break;
} }