Dereferenced pointer in tablesample.c - Mailing list pgsql-hackers

From Michael Paquier
Subject Dereferenced pointer in tablesample.c
Msg-id CAB7nPqSq06h2tVH7RoVnXmj_da4uGzxnk2-JUZnphG1NFqfYuQ@mail.gmail.com
Responses Re: Dereferenced pointer in tablesample.c  (Petr Jelinek <petr@2ndquadrant.com>)
List pgsql-hackers
Hi all,
(Petr in CC)

Coverity is complaining about the following pointer dereference in tablesample_init@tablesample.c:
+               ExprState  *argstate = ExecInitExpr(argexpr, (PlanState *) scanstate);
+
+               if (argstate == NULL)
+               {
+                       fcinfo.argnull[i] = true;
+                       fcinfo.arg[i] = (Datum) 0;;
+               }
+
+               fcinfo.arg[i] = ExecEvalExpr(argstate, econtext,
+                                                                        &fcinfo.argnull[i], NULL);
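
Review bot: the `if (argstate == NULL)` branch sets `fcinfo.argnull[i]` and `fcinfo.arg[i]` but then falls through to the unconditional `ExecEvalExpr(argstate, econtext, ...)` call, so the NULL `argstate` is still passed on and the values just stored are overwritten. Move the `ExecEvalExpr()` call into an `else` branch (or otherwise skip it for this argument) so the NULL case ends after marking the argument as null. The `(Datum) 0;;` line also carries a stray second semicolon.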

If the expression argstate is NULL when calling ExecInitExpr(), argstate is going to be NULL and dereferenced afterwards, see execQual.c for more details. Hence I think that the patch attached should be applied. Thoughts?

At the same time I noted a double semicolon, fixed as well in the attached.
Regards,
--
Michael