Home > mailing lists

pgsql: hstore: Fix NULL pointer dereference with receive function - Mailing list pgsql-committers

From	Michael Paquier
Subject	pgsql: hstore: Fix NULL pointer dereference with receive function
Date	February 17 02:42:01
Msg-id	E1vs8E4-001B86-02@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

hstore: Fix NULL pointer dereference with receive function

The receive function of hstore was not able to handle correctly
duplicate key values when a new duplicate links to a NULL value, where a
pfree() could be attempted on a NULL pointer, crashing due to a pointer
dereference.

This problem would happen for a COPY BINARY, when stacking values like
that:
aa => 5
aa => null

The second key/value pair is discarded and pfree() calls are attempted
on its key and its value, leading to a pointer dereference for the value
part as the value is NULL.  The first key/value pair takes priority when
a duplicate is found.

Per offline report.

Reported-by: "Anemone" <vergissmeinnichtzh@gmail.com>
Reported-by: "A1ex" <alex000young@gmail.com>
Backpatch-through: 14

Branch
------
REL_15_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/63c05e03bcc5e927a3f3f2b283af6f38b9eeb0aa

Modified Files
--------------
contrib/hstore/hstore_io.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Nathan Bossart
Date: 17 February, 00:13:57
Subject: pgsql: pg_upgrade: Use COPY for LO metadata for upgrades from < v12.

From: Noah Misch
Date: 17 February, 05:05:59
Subject: pgsql: Suppress new "may be used uninitialized" warning.

pgsql: hstore: Fix NULL pointer dereference with receive function - Mailing list pgsql-committers

Previous

Next