Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit793704d

Browse files
Jan WieckJan Wieck
Jan Wieck
authored and
Jan Wieck
committed
Some security checks that we've found an external value completely
when fetching toasted values.Jan
1 parentf3e5d86 commit793704d

File tree

1 file changed

+34
-2
lines changed

1 file changed

+34
-2
lines changed

‎src/backend/access/heap/tuptoaster.c‎

Lines changed: 34 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/access/heap/tuptoaster.c,v 1.6 2000/07/06 18:22:45 wieck Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/access/heap/tuptoaster.c,v 1.7 2000/07/11 12:32:03 wieck Exp $
1212
*
1313
*
1414
* INTERFACE ROUTINES
@@ -929,9 +929,17 @@ toast_fetch_datum(varattrib *attr)
929929
Datumchunk;
930930
boolisnull;
931931

932+
char*chunks_found;
933+
char*chunks_expected;
934+
932935
ressize=attr->va_content.va_external.va_extsize;
933936
numchunks= (ressize /TOAST_MAX_CHUNK_SIZE)+1;
934937

938+
chunks_found=palloc(numchunks);
939+
chunks_expected=palloc(numchunks);
940+
memset(chunks_found,0,numchunks);
941+
memset(chunks_expected,1,numchunks);
942+
935943
result= (varattrib*)palloc(ressize+VARHDRSZ);
936944
VARATT_SIZEP(result)=ressize+VARHDRSZ;
937945
if (VARATT_IS_COMPRESSED(attr))
@@ -971,7 +979,7 @@ toast_fetch_datum(varattrib *attr)
971979
heap_fetch(toastrel,SnapshotAny,&toasttup,&buffer);
972980
pfree(indexRes);
973981

974-
if (!toasttup.t_data)
982+
if (toasttup.t_data==NULL)
975983
continue;
976984
ttup=&toasttup;
977985

@@ -982,6 +990,20 @@ toast_fetch_datum(varattrib *attr)
982990
residx= (int32)heap_getattr(ttup,2,toasttupDesc,&isnull);
983991
chunk=heap_getattr(ttup,3,toasttupDesc,&isnull);
984992

993+
/* ----------
994+
* Some checks on the data we've found
995+
* ----------
996+
*/
997+
if (residx*TOAST_MAX_CHUNK_SIZE+VARATT_SIZE(chunk)-VARHDRSZ
998+
>ressize)
999+
elog(ERROR,"chunk data exceeds original data size for "
1000+
"toast value %d",
1001+
attr->va_content.va_external.va_valueid);
1002+
if (chunks_found[residx]++>0)
1003+
elog(ERROR,"chunk %d for toast value %d appears multiple times",
1004+
residx,
1005+
attr->va_content.va_external.va_valueid);
1006+
9851007
/* ----------
9861008
* Copy the data into our result
9871009
* ----------
@@ -993,6 +1015,16 @@ toast_fetch_datum(varattrib *attr)
9931015
ReleaseBuffer(buffer);
9941016
}
9951017

1018+
/* ----------
1019+
* Final checks that we successfully fetched the datum
1020+
* ----------
1021+
*/
1022+
if (memcmp(chunks_found,chunks_expected,numchunks)!=0)
1023+
elog(ERROR,"not all toast chunks found for value %d",
1024+
attr->va_content.va_external.va_valueid);
1025+
pfree(chunks_expected);
1026+
pfree(chunks_found);
1027+
9961028
/* ----------
9971029
* End scan and close relations
9981030
* ----------

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp