Home > mailing lists

[NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c) - Mailing list pgsql-hackers

From	Ranier Vilela
Subject	[NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c)
Date	September 3, 2020 00:39:09
Msg-id	CAEudQApXsNo0pvk_Kt+k8TpFcOtPiiumAnEt3nE1u=ubOf8TjQ@mail.gmail.com Whole thread Raw
Responses	Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c) (Ranier Vilela <ranier.vf@gmail.com>) Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c) (Peter Geoghegan <pg@bowt.ie>)
List	pgsql-hackers

Tree view

Hi,

Is possible that BTreeTupleSetNAtts, leave everything tidy, so that BTreeTupleGetHeapTID doesn't fail.

BTreeTupleGetHeapTID can return NULL.

But, as we can see:

1. Line 2085 (nbtutils.c):

if (BTreeTupleGetHeapTID(itup) != NULL && tupnatts != nkeyatts)

2. Line 803 (nbtsearch.c):

if (heapTid == NULL)

Maybe, better make sure, because:

3. Line 2285 (nbtutils.c):

ItemPointerCopy(BTreeTupleGetMaxHeapTID(lastleft), pivotheaptid);

4. Line 2316 (nbtutils.c) :

ItemPointerCopy(BTreeTupleGetHeapTID(firstright), pivotheaptid);

Can dereference NULL pointer (pivotheaptid) at runtime (release version).

itemptr.h:

#define ItemPointerCopy(fromPointer, toPointer) \
( \
AssertMacro(PointerIsValid(toPointer)), \
AssertMacro(PointerIsValid(fromPointer)), \
*(toPointer) = *(fromPointer) \
)

regards,

Ranier Vilela

pgsql-hackers by date:

From: Jesse Zhang
Date: 03 September 2020, 00:32:20
Subject: Re: Fix for configure error in 9.5/9.6 on macOS 11.0 Big Sur

From: Ranier Vilela
Date: 03 September 2020, 00:46:40
Subject: Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c)

[NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c) - Mailing list pgsql-hackers

Previous

Next