
Fix postgres crash due to array indexing issue #20

Merged
merged 3 commits into from
Nov 10, 2016
Merged
11 changes: 8 additions & 3 deletions pgoutput/output_proto.c
Expand Up @@ -70,6 +70,7 @@ static void tuple_to_proto(
{
int natt;
int cp = 0;
int colnum = 0;

for (natt = 0; natt < tupdesc->natts; natt++)
{
Expand All @@ -87,7 +88,13 @@ static void tuple_to_proto(

col = (Common__ColumnPb*)palloc(sizeof(Common__ColumnPb));
common__column_pb__init(col);
cols[natt] = col;
// NOTE: You cannot use natt here as the array index, as it's counting
// the number of entries in tupdesc, but we've previously computed and
// allocated the cols array based on a count that doesn't include the
// attr's that are dropped or have a negative attnum. If you use
// natt to index into cols, you risk jumping off the end of the array
// and causing a pg crash.
cols[colnum++] = col;

typ = attr->atttypid;
col->name = NameStr(attr->attname);
Expand Down Expand Up @@ -209,7 +216,5 @@ void transicatorOutputChangeProto(
pack = (uint8_t*)palloc(sizeof(uint8_t) * packSize);
common__change_pb__pack(&pb, pack);

OutputPluginPrepareWrite(ctx, true);
appendBinaryStringInfo(ctx->out, (char*)pack, packSize);
OutputPluginWrite(ctx, true);
}
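Review bot: The new store `cols[colnum++] = col;` in tuple_to_proto is still not checked against the size `cols` was allocated with, so memory safety depends on this loop's skip conditions staying identical to the counting code that sized the array, which is outside the hunk. If the two drift apart again, the result is the same out-of-bounds heap write in the backend that this PR fixes. I would guard the store with a check that survives non-assert builds, e.g. `if (colnum >= ALLOCATED_COL_COUNT) elog(ERROR, "column count mismatch");`, where `ALLOCATED_COL_COUNT` is a placeholder for whatever count the caller used (pass it in if the function does not already receive it). The added comment also uses `//` while the other comments visible in this PR use `/* ... */`. tuple_to_proto's body starts and ends outside the hunk.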
2 changes: 0 additions & 2 deletions pgoutput/output_string.c
Expand Up @@ -134,7 +134,6 @@ void transicatorOutputChangeString(
class_form = RelationGetForm(relation);
tupdesc = RelationGetDescr(relation);

OutputPluginPrepareWrite(ctx, true);
appendStringInfoChar(ctx->out, '{');

/* TODO will this produce double-quoted table names? */
Expand Down Expand Up @@ -195,5 +194,4 @@ void transicatorOutputChangeString(
}

appendStringInfoChar(ctx->out, '}');
OutputPluginWrite(ctx, true);
}
2 changes: 2 additions & 0 deletions pgoutput/transicator_output.c
Expand Up @@ -107,6 +107,7 @@ static void outputChange(

/* Switch to our private memory context so that we will not leak. */
oldMemCtx = MemoryContextSwitchTo(state->memCtx);
OutputPluginPrepareWrite(ctx, true);
if (state->isBinary) {
transicatorOutputChangeProto(ctx, txn, relation, change, state);
} else {
Expand All @@ -116,6 +117,7 @@ static void outputChange(
/* Switch back to original context and release everything we "palloc"ed */
MemoryContextSwitchTo(oldMemCtx);
MemoryContextReset(state->memCtx);
OutputPluginWrite(ctx, true);
}

void _PG_output_plugin_init(OutputPluginCallbacks *cb) {
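Review bot: `OutputPluginWrite(ctx, true)` now runs after `MemoryContextReset(state->memCtx)`, and `OutputPluginPrepareWrite(ctx, true)` runs after the switch into that private context, so the write is correct only if nothing the write callback reads was allocated in `state->memCtx`. `ctx->out` is presumably owned by the decoding context and grown in place, which would make this safe, but that is not visible here and the ordering reads like a use-after-reset. I would either move both calls outside the private-context window (`OutputPluginPrepareWrite` before `MemoryContextSwitchTo(state->memCtx)`, `OutputPluginWrite` between the switch back and the reset), or, once confirmed, add a comment such as `/* ctx->out is not allocated in state->memCtx, so it survives the reset above */`. outputChange's body begins outside the hunk.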