Re: BUG #1011: Explain analyze "query" cause segv - Mailing list pgsql-bugs

From Tom Lane
Subject Re: BUG #1011: Explain analyze "query" cause segv
Date
Msg-id 10982.1071692286@sss.pgh.pa.us
In response to BUG #1011: Explain analyze "query" cause segv  ("PostgreSQL Bugs List" <pgsql-bugs@postgresql.org>)
Responses Re: BUG #1011: Explain analyze "query" cause segv  (Pawel Rutkowski <pawel@rsc.pl>)
List pgsql-bugs
"PostgreSQL Bugs List" <pgsql-bugs@postgresql.org> writes:
> There is a test case (notice there is an ltree column):

Seems to be a buffer overrun in lquery_out().  I've applied the attached
patch for 7.4.1.

            regards, tom lane

*** contrib/ltree/ltree_io.c.orig    Sun Aug  3 20:43:10 2003
--- contrib/ltree/ltree_io.c    Wed Dec 17 15:09:40 2003
***************
*** 498,518 ****
                 *ptr;
      int            i,
                  j,
!                 totallen = 0;
      lquery_level *curqlevel;
      lquery_variant *curtlevel;

      curqlevel = LQUERY_FIRST(in);
      for (i = 0; i < in->numlevel; i++)
      {
          if (curqlevel->numvar)
!             totallen = (curqlevel->numvar * 4) + 1 + curqlevel->totallen;
          else
!             totallen = 2 * 11 + 4;
!         totallen++;
          curqlevel = LQL_NEXT(curqlevel);
      }
-

      ptr = buf = (char *) palloc(totallen);
      curqlevel = LQUERY_FIRST(in);
--- 498,517 ----
                 *ptr;
      int            i,
                  j,
!                 totallen = 1;
      lquery_level *curqlevel;
      lquery_variant *curtlevel;

      curqlevel = LQUERY_FIRST(in);
      for (i = 0; i < in->numlevel; i++)
      {
+         totallen++;
          if (curqlevel->numvar)
!             totallen += 1 + (curqlevel->numvar * 4) + curqlevel->totallen;
          else
!             totallen += 2 * 11 + 4;
          curqlevel = LQL_NEXT(curqlevel);
      }

      ptr = buf = (char *) palloc(totallen);
      curqlevel = LQUERY_FIRST(in);
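
Review bot: the per-level size terms in the new loop, `1 + (curqlevel->numvar * 4) + curqlevel->totallen` and `2 * 11 + 4`, carry no comment saying which output characters each constant reserves room for, so a later change to the formatting code has nothing to check the estimate against. The old version went wrong silently here (plain `=` instead of `+=`, so only the last level was counted), which is a good reason to document the arithmetic and to add an assertion after the fill loop (not shown in this hunk) that `ptr - buf` does not exceed `totallen`. Also worth a look: `totallen` is an `int` summed over `in->numlevel` levels and passed straight to `palloc(totallen)` with no upper bound check visible in these lines.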
