Home > mailing lists

Re: Insufficient memory access checks in pglz_decompress - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: Insufficient memory access checks in pglz_decompress
Date	October 19, 2023 03:48:03
Msg-id	3235130.1697676483@sss.pgh.pa.us Whole thread Raw
In response to	Re: Insufficient memory access checks in pglz_decompress (Flavien GUEDEZ <flav.pg@oopacity.net>)
Responses	Re: Insufficient memory access checks in pglz_decompress (Flavien GUEDEZ <flav.pg@oopacity.net>)
List	pgsql-bugs

Tree view

Flavien GUEDEZ <flav.pg@oopacity.net> writes:
> Thanks for your feedback, you are definitely right, I did not notice 
> that (dp - off) was staying the same in the while loop.
> Here is another much smaller patch.

I thought of another thing we should change: it's better to perform
the test as "off > (dp - dest)" than the way you formulated it.
"dp - dest" is certainly computable, since it's the number of bytes
we've written to the output buffer so far.  But "dp - off" could,
with bad luck and a buffer near the start of memory, wrap around
to look like it's after "dest".

Pushed with that change and a little fiddling with the comment.
Thanks for the report!

            regards, tom lane

pgsql-bugs by date:

From: Jeff Janes
Date: 19 October 2023, 03:42:21
Subject: Re: Variable substitution in jsonb functions fails for jsonpath operator like_regex

From: Tom Lane
Date: 19 October 2023, 04:46:29
Subject: Re: Variable substitution in jsonb functions fails for jsonpath operator like_regex

Re: Insufficient memory access checks in pglz_decompress - Mailing list pgsql-bugs

Previous

Next