Commit 50ff07d

Remove arbitrary 10MB limit on two-phase state file size. It's not that hard
to go beyond 10MB, as demonstrated by Gavin Sharry's example of dropping a
schema with ~25000 objects. The really bogus thing about the limit was that
it was enforced when a state file was read in, not when it was written,
so you would end up with a prepared transaction that you can't commit or
abort, and the only recourse was to shut down the server and remove the file
by hand.

Raise the limit to MaxAllocSize, and enforce it also when a state file is
written. We could've removed the limit altogether, but reading in a file
larger than MaxAllocSize would fail anyway because we read it into a
palloc'd buffer.

Backpatch down to 8.1, where 2PC and this issue was introduced.
1 parent 07a5606, commit 50ff07d

1 file changed

+15
-3
lines changed

‎src/backend/access/transam/twophase.c

Lines changed: 15 additions & 3 deletions
@@ -7,7 +7,7 @@
77
* Portions Copyright (c) 1994, Regents of the University of California
88
*
99
* IDENTIFICATION
10-
*$PostgreSQL: pgsql/src/backend/access/transam/twophase.c,v 1.42 2008/05/12 00:00:45 alvherre Exp $
10+
*$PostgreSQL: pgsql/src/backend/access/transam/twophase.c,v 1.43 2008/05/19 18:16:26 heikki Exp $
1111
*
1212
* NOTES
1313
*Each global transaction is associated with a global transaction
@@ -56,6 +56,7 @@
5656
#include"storage/procarray.h"
5757
#include"storage/smgr.h"
5858
#include"utils/builtins.h"
59+
#include"utils/memutils.h"
5960

6061

6162
/*
@@ -865,6 +866,15 @@ EndPrepare(GlobalTransaction gxact)
865866
Assert(hdr->magic==TWOPHASE_MAGIC);
866867
hdr->total_len=records.total_len+sizeof(pg_crc32);
867868

869+
/*
870+
* If the file size exceeds MaxAllocSize, we won't be able to read it in
871+
* ReadTwoPhaseFile. Check for that now, rather than fail at commit time.
872+
*/
873+
if (hdr->total_len>MaxAllocSize)
874+
ereport(ERROR,
875+
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
876+
errmsg("two-phase state file maximum length exceeded")));
877+
868878
/*
869879
* Create the 2PC state file.
870880
*
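Review bot: In EndPrepare, the new check reads hdr->total_len only after it has been assigned records.total_len + sizeof(pg_crc32), so if that addition can wrap in the width of total_len (its declaration is not shown in this hunk) the comparison against MaxAllocSize would pass on a truncated value. Consider testing the unsummed length instead, for example records.total_len > MaxAllocSize - sizeof(pg_crc32), or stating in the comment why a wrap cannot happen. The errmsg could also report the computed length and the limit, so the user can see how far over the transaction is.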
@@ -1045,7 +1055,9 @@ ReadTwoPhaseFile(TransactionId xid)
10451055

10461056
/*
10471057
* Check file length. We can determine a lower bound pretty easily. We
1048-
* set an upper bound mainly to avoid palloc() failure on a corrupt file.
1058+
* set an upper bound to avoid palloc() failure on a corrupt file, though
1059+
* we can't guarantee that we won't get an out of memory error anyway,
1060+
* even on a valid file.
10491061
*/
10501062
if (fstat(fd,&stat))
10511063
{
@@ -1060,7 +1072,7 @@ ReadTwoPhaseFile(TransactionId xid)
10601072
if (stat.st_size< (MAXALIGN(sizeof(TwoPhaseFileHeader))+
10611073
MAXALIGN(sizeof(TwoPhaseRecordOnDisk))+
10621074
sizeof(pg_crc32))||
1063-
stat.st_size>10000000)
1075+
stat.st_size>MaxAllocSize)
10641076
{
10651077
close(fd);
10661078
returnNULL;
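Review bot: In ReadTwoPhaseFile, the stat.st_size > MaxAllocSize branch still shares close(fd) and return NULL with the too-short case and reports nothing in the visible lines, so an oversized file found at read time remains indistinguishable from a corrupt one. Since EndPrepare now rejects over-limit files at write time, reaching this branch suggests a file that did not come from a successful prepare on patched code; consider emitting a WARNING with the file size before returning. It is also worth confirming that hdr->total_len checked at write time and stat.st_size checked here measure the same quantity, so that the two limits agree.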
