Commit f78ebbe

Avoid invalid alloc size error in shm_mq

In shm_mq_receive(), a huge payload could trigger an unjustified "invalid memory alloc request size" error due to the way the buffer size is increased.

Add error checks (documenting the upper limit) and avoid the error by limiting the allocation size to MaxAllocSize.

Author: Markus Wanner <markus.wanner@2ndquadrant.com>
Discussion: https://www.postgresql.org/message-id/flat/3bb363e7-ac04-0ac4-9fe8-db1148755bfa%402ndquadrant.com

1 parent 68f2369 commit f78ebbe

1 file changed, +24 -0 lines changed

src/backend/storage/ipc/shm_mq.c

Lines changed: 24 additions & 0 deletions
@@ -24,6 +24,7 @@
2424
#include"storage/procsignal.h"
2525
#include"storage/shm_mq.h"
2626
#include"storage/spin.h"
27+
#include"utils/memutils.h"
2728

2829
/*
2930
* This structure represents the actual queue, stored in shared memory.
@@ -364,6 +365,13 @@ shm_mq_sendv(shm_mq_handle *mqh, shm_mq_iovec *iov, int iovcnt, bool nowait)
364365
for (i=0;i<iovcnt;++i)
365366
nbytes+=iov[i].len;
366367

368+
/* Prevent writing messages overwhelming the receiver. */
369+
if (nbytes>MaxAllocSize)
370+
ereport(ERROR,
371+
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
372+
errmsg("cannot send a message of size %zu via shared memory queue",
373+
nbytes)));
374+
367375
/* Try to write, or finish writing, the length word into the buffer. */
368376
while (!mqh->mqh_length_word_complete)
369377
{
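Review bot: The limit in shm_mq_sendv() is tested only after the loop `nbytes+=iov[i].len` has summed every segment, so the `nbytes>MaxAllocSize` check trusts that the sum did not wrap around; checking each `iov[i].len` against the remaining headroom inside the loop would make the bound hold regardless of the inputs. The comment could also name the reason for this particular limit, namely that the receiver may have to allocate one buffer for the whole message, and the errmsg could report the maximum alongside `nbytes` so the caller can see what was exceeded.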
@@ -657,6 +665,17 @@ shm_mq_receive(shm_mq_handle *mqh, Size *nbytesp, void **datap, bool nowait)
657665
}
658666
nbytes=mqh->mqh_expected_bytes;
659667

668+
/*
669+
* Should be disallowed on the sending side already, but better check and
670+
* error out on the receiver side as well rather than trying to read a
671+
* prohibitively large message.
672+
*/
673+
if (nbytes>MaxAllocSize)
674+
ereport(ERROR,
675+
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
676+
errmsg("invalid message size %zu in shared memory queue",
677+
nbytes)));
678+
660679
if (mqh->mqh_partial_bytes==0)
661680
{
662681
/*
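Review bot: The comment above the `nbytes>MaxAllocSize` test in shm_mq_receive() presents it as a backstop for the sender's check, but `nbytes` is taken from `mqh->mqh_expected_bytes`, a length that arrived through the queue, so this is the check the receiver actually depends on before sizing its buffer. I would word the comment that way. Also consider whether ERRCODE_PROGRAM_LIMIT_EXCEEDED fits a message that calls the size "invalid": the sender-side message reads as a limit being hit, while this one reads as bad input.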
@@ -685,8 +704,13 @@ shm_mq_receive(shm_mq_handle *mqh, Size *nbytesp, void **datap, bool nowait)
685704
{
686705
Sizenewbuflen=Max(mqh->mqh_buflen,MQH_INITIAL_BUFSIZE);
687706

707+
/*
708+
* Double the buffer size until the payload fits, but limit to
709+
* MaxAllocSize.
710+
*/
688711
while (newbuflen<nbytes)
689712
newbuflen *=2;
713+
newbuflen=Min(newbuflen,MaxAllocSize);
690714

691715
if (mqh->mqh_buffer!=NULL)
692716
{
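Review bot: `newbuflen=Min(newbuflen,MaxAllocSize);` after the doubling loop can leave `newbuflen` below the value the loop computed, so the buffer is only guaranteed to hold `nbytes` because of the `nbytes>MaxAllocSize` check added earlier in shm_mq_receive(). The new comment should say that the clamp depends on that check, and an `Assert(newbuflen >= nbytes)` after the Min would keep the two from drifting apart if the earlier check is ever moved or relaxed.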
