Re: BUG #17830: Incorrect memory access in trgm_regexp - Mailing list pgsql-bugs

From Tom Lane
Subject Re: BUG #17830: Incorrect memory access in trgm_regexp
Date
Msg-id 1190342.1678552770@sss.pgh.pa.us
In response to BUG #17830: Incorrect memory access in trgm_regexp  (PG Bug reporting form <noreply@postgresql.org>)
Responses Re: BUG #17830: Incorrect memory access in trgm_regexp  (Alexander Lakhin <exclusion@gmail.com>)
List pgsql-bugs
PG Bug reporting form <noreply@postgresql.org> writes:
> When the following script executed:
> CREATE EXTENSION pg_trgm;
> CREATE TABLE t(t text);
> CREATE INDEX t_idx_gin ON t USING gin (t gin_trgm_ops);
> SELECT * FROM t WHERE t ~ '.*$x';
> valgrind detects an invalid memory read:
> ...
> The invalid access occurs in the line:
>         while (j < arcsCount && arcs[j].sourceState == i)
> here arcsCount == 1 even when arcs contains no elements, due to the
> assignment above:
>     arcsCount = (p2 - arcs) + 1;

Yeah, that de-duplication code is incorrectly assuming that the
NFA has more than zero arcs, which it doesn't because the regex
compiler saw that the pattern is unsatisfiable.

Thanks for the report!

            regards, tom lane
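
The off-by-one discussed in this message, reduced to a stand-alone C program. This is an added example, not the pg_trgm source and not the fix that was committed: the `Arc` layout, the function names and the `n < 2` guard are assumptions made for illustration; only `arcs`, `p2`, `sourceState` and the `(p2 - arcs) + 1` count come from the report.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified stand-in for a packed NFA arc. */
typedef struct { int sourceState; int targetState; int color; } Arc;

#define CMP(a, b) (((a) > (b)) - ((a) < (b)))

static int arc_cmp(const void *a, const void *b)
{
    const Arc *x = a, *y = b;
    int c = CMP(x->sourceState, y->sourceState);
    if (c == 0) c = CMP(x->color, y->color);
    if (c == 0) c = CMP(x->targetState, y->targetState);
    return c;
}

/* "Before": sort, then compact in place. arcs[0] is kept unconditionally,
 * so for n == 0 the loop never runs and the result is still 1. */
size_t dedup_unguarded(Arc *arcs, size_t n)
{
    Arc *p1, *p2 = arcs;            /* p2 = last known non-duplicate */
    qsort(arcs, n, sizeof(Arc), arc_cmp);
    for (p1 = arcs + 1; p1 < arcs + n; p1++)
        if (arc_cmp(p1, p2) > 0)
            *++p2 = *p1;
    return (size_t)(p2 - arcs) + 1;
}

/* "After" (assumed form of the guard): zero or one arc needs no
 * de-duplication, so the element count is returned unchanged. */
size_t dedup_guarded(Arc *arcs, size_t n)
{
    if (n < 2)
        return n;
    return dedup_unguarded(arcs, n);
}

int main(void)
{
    Arc none[1] = {{0, 0, 0}};      /* constructed: valid storage, zero arcs used */
    Arc some[4] = {{0, 1, 5}, {0, 1, 5}, {1, 2, 7}, {0, 1, 5}};  /* constructed */
    printf("empty, unguarded: %zu\n", dedup_unguarded(none, 0));
    printf("empty, guarded:   %zu\n", dedup_guarded(none, 0));
    printf("4 arcs, guarded:  %zu\n", dedup_guarded(some, 4));
    return 0;
}
```

A consumer loop such as `while (j < arcsCount && arcs[j].sourceState == i)` trusts the returned count, so a count of 1 for an empty array makes it read `arcs[0]`, which was never written.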


