On Tue, Oct 3, 2017 at 3:04 AM, Andreas Seltenreich <seltenreich@gmx.de> wrote:
> Tom Lane writes:
>> Presumably somebody could dig into the libc source code and prove or
>> disprove this, though it would sure help to know exactly what platform
>> and version Andreas is testing on.
>
> This is the code in glibc-2.24 around the crash site:
>
> ,----[ glibc-2.24/elf/dl-load.c:442 ]
> | to_free = cp = expand_dynamic_string_token (l, cp, 1);
> |
> | size_t len = strlen (cp);
> `----
>
> …while expand_dynamic_string_token will indeed return NULL on a failed
> malloc. Code in the most recent glibc looks the same, so I'll carry
> this issue over to the glibc bugzilla then.
You know, I was pretty impressed with sqlsmith when it was only
finding bugs in PostgreSQL. Finding bugs in glibc is even more
impressive.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
