Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c) - Mailing list pgsql-hackers

From Peter Geoghegan
Subject Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c)
Date
Msg-id CAH2-WznuZz2XYGZqrJZd-eB2MSbUvsFaczjM=no3a89tTBizgw@mail.gmail.com
In response to [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c)  (Ranier Vilela <ranier.vf@gmail.com>)
Responses Re: [NBTREE] Possible NULL pointer dereference (backend/access/nbtree/nbutils.c)
List pgsql-hackers
On Wed, Sep 2, 2020 at 2:41 PM Ranier Vilela <ranier.vf@gmail.com> wrote:
> Maybe, better make sure, because:
> 3. Line 2285 (nbtutils.c):
>     ItemPointerCopy(BTreeTupleGetMaxHeapTID(lastleft), pivotheaptid);
> 4. Line 2316 (nbtutils.c) :
>     ItemPointerCopy(BTreeTupleGetHeapTID(firstright), pivotheaptid);
>
> Can dereference NULL pointer (pivotheaptid) at runtime (release version).

The entire codepath in question exists to set a new pivot tuple's heap
TID, in the case where we have to include a heap TID in a new leaf
page high key. This is a tuple in palloc()'d memory that we ourselves
just created.

We know that BTreeTupleGetHeapTID() will return a valid heap TID
pointer (a pointer into the end of the new pivot tuple buffer) because
we just marked the pivot tuple as having space for one ourselves -- we
still completely own the tuple. While it's true that in general
BTreeTupleGetHeapTID() can return a NULL pointer, it does not matter
here. Even if BTreeTupleGetHeapTID() did somehow return a NULL
pointer, then the user would be getting off lightly by experiencing a
hard crash instead of data corruption.

You should spend more time (as in more than zero time) trying to
understand the intent of the code that you write these reports about.

-- 
Peter Geoghegan
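
A simplified model of the invariant described in the reply above, added here as an illustration; it is not PostgreSQL's code. The struct layout and all names (`Tid`, `TupleHeader`, `PIVOT_HAS_HEAP_TID`, `tuple_get_heap_tid`, `make_pivot_with_tid`) are hypothetical, and `calloc` stands in for the allocator.

```c
#include <assert.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, not PostgreSQL's definitions; every name is hypothetical. */
typedef struct { unsigned char raw[6]; } Tid;  /* byte-aligned stand-in for a heap TID */
#define PIVOT_HAS_HEAP_TID 0x01u

typedef struct {
    uint16_t size;   /* total bytes in the tuple buffer, header included */
    uint16_t flags;  /* PIVOT_HAS_HEAP_TID when a TID occupies the tail */
} TupleHeader;

/* General-purpose getter: NULL when the tuple carries no heap TID. */
static Tid *tuple_get_heap_tid(TupleHeader *tup)
{
    if (!(tup->flags & PIVOT_HAS_HEAP_TID))
        return NULL;
    return (Tid *)((char *)tup + tup->size - sizeof(Tid));
}

/* Builds a new pivot tuple from key bytes and stores src in its tail slot. */
static TupleHeader *make_pivot_with_tid(const void *key, uint16_t key_len, const Tid *src)
{
    uint16_t size = (uint16_t)(sizeof(TupleHeader) + key_len + sizeof(Tid));
    TupleHeader *pivot = calloc(1, size);

    if (pivot == NULL)
        return NULL;   /* calloc failure; unrelated to the getter's NULL branch */
    pivot->size = size;
    memcpy(pivot + 1, key, key_len);
    /* The tail slot was reserved and the flag set right here, on a tuple no
     * other code has seen, so the getter cannot take its NULL branch. */
    pivot->flags |= PIVOT_HAS_HEAP_TID;
    Tid *dst = tuple_get_heap_tid(pivot);
    assert(dst != NULL);   /* states the invariant; compiled out under NDEBUG */
    *dst = *src;
    return pivot;
}

int main(void)
{
    Tid src = {{0, 0, 0, 42, 0, 7}};   /* constructed sample TID */
    TupleHeader *p = make_pivot_with_tid("key", 3, &src);
    int ok = p != NULL && tuple_get_heap_tid(p) != NULL;
    free(p);
    return ok ? 0 : 1;
}
```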


