pgsql: Fix use-after-free around DISTINCT transition function calls. - Mailing list pgsql-committers

From Heikki Linnakangas
Subject pgsql: Fix use-after-free around DISTINCT transition function calls.
Date
Msg-id E1bw43f-0004MF-AD@gemulon.postgresql.org
Whole thread Raw
List pgsql-committers
Fix use-after-free around DISTINCT transition function calls.

Have tuplesort_gettupleslot() copy the contents of its current table slot
as needed. This is based on an approach taken by tuplestore_gettupleslot().
In the future, tuplesort_gettupleslot() may also be taught to avoid copying
the tuple where caller can determine that that is safe (the
tuplestore_gettupleslot() interface already offers this option to callers).

Patch by Peter Geoghegan. Fixes bug #14344, reported by Regina Obe.

Report: <20160929035538.20224.39628@wrigleys.postgresql.org>

Backpatch-through: 9.6

Branch
------
REL9_6_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/a5f0bd77a2fab60a52dc335a63efc21abc806aa7

Modified Files
--------------
src/backend/utils/sort/tuplesort.c | 9 +++++++++
1 file changed, 9 insertions(+)


pgsql-committers by date:

Previous
From: Heikki Linnakangas
Date:
Subject: pgsql: Fix use-after-free around DISTINCT transition function calls.
Next
From: Heikki Linnakangas
Date:
Subject: pgsql: Use OpenSSL EVP API for symmetric encryption in pgcrypto.