Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit459c3cd

Browse files
committed
Don't read fields of a misaligned ExpandedObjectHeader or AnyArrayType.
UBSan complains about this. Instead, cast to a suitable type requiringonly 4-byte alignment. DatumGetAnyArrayP() already assumes one can castbetween AnyArrayType and ArrayType, so this doesn't introduce a newassumption. Back-patch to 9.5, where AnyArrayType was introduced.Reviewed by Tom Lane.Discussion:https://postgr.es/m/20190629210334.GA1244217@rfd.leadboat.com
1 parentda53be2 commit459c3cd

File tree

4 files changed

+17
-10
lines changed

4 files changed

+17
-10
lines changed

‎src/backend/utils/adt/arrayfuncs.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4159,7 +4159,7 @@ array_contain_compare(AnyArrayType *array1, AnyArrayType *array2, Oid collation,
41594159
nelems2=array2->xpn.nelems;
41604160
}
41614161
else
4162-
deconstruct_array(&(array2->flt),
4162+
deconstruct_array((ArrayType*)array2,
41634163
element_type,typlen,typbyval,typalign,
41644164
&values2,&nulls2,&nelems2);
41654165

‎src/include/utils/array.h

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,10 @@ typedef struct ExpandedArrayHeader
157157

158158
/*
159159
* Functions that can handle either a "flat" varlena array or an expanded
160-
* array use this union to work with their input.
160+
* array use this union to work with their input. Don't refer to "flt";
161+
* instead, cast to ArrayType. This struct nominally requires 8-byte
162+
* alignment on 64-bit, but it's often used for an ArrayType having 4-byte
163+
* alignment. UBSan complains about referencing "flt" in such cases.
161164
*/
162165
typedefunionAnyArrayType
163166
{
@@ -311,17 +314,21 @@ typedef struct ArrayIteratorData *ArrayIterator;
311314
* Macros for working with AnyArrayType inputs. Beware multiple references!
312315
*/
313316
#defineAARR_NDIM(a) \
314-
(VARATT_IS_EXPANDED_HEADER(a) ? (a)->xpn.ndims : ARR_NDIM(&(a)->flt))
317+
(VARATT_IS_EXPANDED_HEADER(a) ? \
318+
(a)->xpn.ndims : ARR_NDIM((ArrayType *) (a)))
315319
#defineAARR_HASNULL(a) \
316320
(VARATT_IS_EXPANDED_HEADER(a) ? \
317321
((a)->xpn.dvalues != NULL ? (a)->xpn.dnulls != NULL : ARR_HASNULL((a)->xpn.fvalue)) : \
318-
ARR_HASNULL(&(a)->flt))
322+
ARR_HASNULL((ArrayType *) (a)))
319323
#defineAARR_ELEMTYPE(a) \
320-
(VARATT_IS_EXPANDED_HEADER(a) ? (a)->xpn.element_type : ARR_ELEMTYPE(&(a)->flt))
324+
(VARATT_IS_EXPANDED_HEADER(a) ? \
325+
(a)->xpn.element_type : ARR_ELEMTYPE((ArrayType *) (a)))
321326
#defineAARR_DIMS(a) \
322-
(VARATT_IS_EXPANDED_HEADER(a) ? (a)->xpn.dims : ARR_DIMS(&(a)->flt))
327+
(VARATT_IS_EXPANDED_HEADER(a) ? \
328+
(a)->xpn.dims : ARR_DIMS((ArrayType *) (a)))
323329
#defineAARR_LBOUND(a) \
324-
(VARATT_IS_EXPANDED_HEADER(a) ? (a)->xpn.lbound : ARR_LBOUND(&(a)->flt))
330+
(VARATT_IS_EXPANDED_HEADER(a) ? \
331+
(a)->xpn.lbound : ARR_LBOUND((ArrayType *) (a)))
325332

326333

327334
/*

‎src/include/utils/arrayaccess.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -71,8 +71,8 @@ array_iter_setup(array_iter *it, AnyArrayType *a)
7171
{
7272
it->datumptr=NULL;
7373
it->isnullptr=NULL;
74-
it->dataptr=ARR_DATA_PTR(&a->flt);
75-
it->bitmapptr=ARR_NULLBITMAP(&a->flt);
74+
it->dataptr=ARR_DATA_PTR((ArrayType*)a);
75+
it->bitmapptr=ARR_NULLBITMAP((ArrayType*)a);
7676
}
7777
it->bitmask=1;
7878
}

‎src/include/utils/expandeddatum.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,7 @@ struct ExpandedObjectHeader
126126
*/
127127
#defineEOH_HEADER_MAGIC (-1)
128128
#defineVARATT_IS_EXPANDED_HEADER(PTR) \
129-
(((ExpandedObjectHeader *) (PTR))->vl_len_ == EOH_HEADER_MAGIC)
129+
(((varattrib_4b *) (PTR))->va_4byte.va_header == EOH_HEADER_MAGIC)
130130

131131
/*
132132
* Generic support functions for expanded objects.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp