NotificationsYou must be signed in to change notification settings
Fork4.9k
Star17.7k

Commit80c925c

committed

Avoid multiple free_struct_lconv() calls on same data.

A failure partway through PGLC_localeconv() led to a situation wherethe next call would call free_struct_lconv() a second time, leadingto free() on already-freed strings, typically leading to a core dump.Add a flag to remember whether we need to do that.Per report from Thom Brown. His example case only provokes the failureas far back as 9.4, but nonetheless this code is obviously broken, soback-patch to all supported branches.

1 parentf6a6057 commit80c925cCopy full SHA for 80c925c

File tree

1 file changed

+11

-5

lines changed

src/backend/utils/adt
- pg_locale.c

1 file changed

+11

-5

lines changed

`‎src/backend/utils/adt/pg_locale.c`

Lines changed: 11 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -387,9 +387,6 @@ assign_locale_messages(const char newval, void extra)`
`387`	`387`	`staticvoid`
`388`	`388`	`free_struct_lconv(structlconv*s)`
`389`	`389`	`{`
`390`		`-if (s==NULL)`
`391`		`-return;`
`392`		`-`
`393`	`390`	`if (s->currency_symbol)`
`394`	`391`	`free(s->currency_symbol);`
`395`	`392`	`if (s->decimal_point)`
`@@ -441,6 +438,7 @@ struct lconv *`
`441`	`438`	`PGLC_localeconv(void)`
`442`	`439`	`{`
`443`	`440`	`staticstructlconvCurrentLocaleConv;`
	`441`	`+staticboolCurrentLocaleConvAllocated= false;`
`444`	`442`	`structlconv*extlconv;`
`445`	`443`	`char*save_lc_monetary;`
`446`	`444`	`char*save_lc_numeric;`
`@@ -457,7 +455,12 @@ PGLC_localeconv(void)`
`457`	`455`	`if (CurrentLocaleConvValid)`
`458`	`456`	`return&CurrentLocaleConv;`
`459`	`457`
`460`		`-free_struct_lconv(&CurrentLocaleConv);`
	`458`	`+/* Free any already-allocated storage */`
	`459`	`+if (CurrentLocaleConvAllocated)`
	`460`	`+{`
	`461`	`+free_struct_lconv(&CurrentLocaleConv);`
	`462`	`+CurrentLocaleConvAllocated= false;`
	`463`	`+}`
`461`	`464`
`462`	`465`	`/* Save user's values of monetary and numeric locales */`
`463`	`466`	`save_lc_monetary=setlocale(LC_MONETARY,NULL);`
`@@ -521,7 +524,9 @@ PGLC_localeconv(void)`
`521`	`524`
`522`	`525`	`/*`
`523`	`526`	`* Must copy all values since restoring internal settings may overwrite`
`524`		`- * localeconv()'s results.`
	`527`	`+ * localeconv()'s results. Note that if we were to fail within this`
	`528`	`+ * sequence before reaching "CurrentLocaleConvAllocated = true", we could`
	`529`	`+ * leak some memory --- but not much, so it's not worth agonizing over.`
`525`	`530`	`*/`
`526`	`531`	`CurrentLocaleConv=*extlconv;`
`527`	`532`	`CurrentLocaleConv.decimal_point=decimal_point;`
`@@ -534,6 +539,7 @@ PGLC_localeconv(void)`
`534`	`539`	`CurrentLocaleConv.mon_thousands_sep=db_encoding_strdup(encoding,extlconv->mon_thousands_sep);`
`535`	`540`	`CurrentLocaleConv.negative_sign=db_encoding_strdup(encoding,extlconv->negative_sign);`
`536`	`541`	`CurrentLocaleConv.positive_sign=db_encoding_strdup(encoding,extlconv->positive_sign);`
	`542`	`+CurrentLocaleConvAllocated= true;`
`537`	`543`
`538`	`544`	`/* Try to restore internal settings */`
`539`	`545`	`if (save_lc_monetary)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit80c925c

File tree

1 file changed

1 file changed

`‎src/backend/utils/adt/pg_locale.c`

0 commit comments