forked from postgres/postgres
Commit e7fa121

Robustify find_base_rel and find_base_rel_ignore_join

Improve find_base_rel() and find_base_rel_ignore_join() so that they raise an ERROR if they ever receive a negative relid value in non-cassert builds. If either of these functions had ever received a negative relid then they'd have attempted to access memory that does not belong to simple_rel_array.

Because no evidence has been presented of actual cases where bugs have caused this to happen, here we take a lightweight approach to checking for negative values and simply cast both values to uint32 before performing the comparison. This will cause any negative relids to be seen as greater than simple_rel_array_size which will ERROR rather than attempt to access a negative simple_rel_array element. Obviously, the run-time error is better than a crash, so it makes sense to protect against this, especially when it can be done without adding any additional run-time overhead.

There is a slight change here if the functions are ever called with a relid of 0. This will pass the bounds check, but that array entry should be NULL (along with the corresponding simple_rte_array entry), so won't pass the "if (rel)" condition and still fall through and raise an ERROR.

Author: Ranier Vilela
Reviewed-by: Ashutosh Bapat, David Rowley
Discussion: https://postgr.es/m/CAEudQArQSghBu2gLojg4o_tnHj_x2HcS%3D%2BwewL3NJS8z0VnK%2Bg%40mail.gmail.com

1 parent e6ec7c9 commit e7fa121
1 file changed, +4 -6 lines changed

| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
406 | 406 | | |
407 | 407 | | |
408 | 408 | | |
409 | | - | |
410 | | - | |
411 | | - | |
| 409 | + | |
| 410 | + | |
412 | 411 | | |
413 | 412 | | |
414 | 413 | | |
| |||
432 | 431 | | |
433 | 432 | | |
434 | 433 | | |
435 | | - | |
436 | | - | |
437 | | - | |
| 434 | + | |
| 435 | + | |
438 | 436 | | |
439 | 437 | | |
440 | 438 | | |
| |||
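
The unsigned-cast bounds check that the commit message describes, as an added example in C that is not PostgreSQL's source. `DemoRel`, `demo_rel_array`, `demo_find_rel` and the sample relids are constructed for illustration, the signed-only check is included purely for contrast, and returning NULL stands in for raising an ERROR.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Constructed stand-in for simple_rel_array: slot 0 is never populated. */
typedef struct DemoRel { int relid; } DemoRel;

static DemoRel rel1 = {1}, rel2 = {2};
static DemoRel *demo_rel_array[] = {NULL, &rel1, &rel2, NULL};
static const int demo_rel_array_size = 4;

/* Signed-only upper-bound test, for contrast: negative relids are accepted.
 * It only evaluates the comparison and never indexes the array. */
static int signed_check_accepts(int relid)
{
    return relid < demo_rel_array_size;
}

/* Both operands cast to uint32: a negative relid wraps to a value far above
 * the array size, so one comparison rejects it at no extra cost. */
static int unsigned_check_accepts(int relid)
{
    return (uint32_t) relid < (uint32_t) demo_rel_array_size;
}

/* Lookup with the unsigned check. NULL here models the ERROR path. */
static DemoRel *demo_find_rel(int relid)
{
    if ((uint32_t) relid < (uint32_t) demo_rel_array_size)
    {
        DemoRel *rel = demo_rel_array[relid];
        if (rel)            /* relid 0 passes the bounds check but is NULL */
            return rel;
    }
    return NULL;
}

int main(void)
{
    int samples[] = {INT32_MIN, -1, 0, 1, 2, 3, 4};   /* constructed inputs */

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("relid %11d  signed=%d  unsigned=%d  lookup=%s\n", samples[i],
               signed_check_accepts(samples[i]),
               unsigned_check_accepts(samples[i]),
               demo_find_rel(samples[i]) ? "found" : "rejected");
    return 0;
}
```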