Bounds-check access to TupleDescAttr with an Assert.
The second argument to TupleDescAttr should always be at least zero
and less than natts; otherwise, we index outside of the attribute
array. Assert that this is the case.
Various violations, or possible violations, of this rule that are
currently in the tree are actually harmless, because while
we do call TupleDescAttr() before verifying that the argument is
within range, we don't actually dereference it unless the argument
was within range all along. Nonetheless, the Assert means we
should be more careful, so tidy up accordingly.
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: http://postgr.es/m/CA+TgmoacixUZVvi00hOjk_d9B4iYKswWP1gNqQ8Vfray-AcOCA@mail.gmail.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/c98ad086ad9b1ca9dbb2725f246298fa8450d82f
Modified Files
--------------
src/backend/access/common/tupdesc.c | 27 +++++++++++++++------------
src/include/access/tupdesc.h | 2 ++
src/pl/plperl/plperl.c | 7 +++++--
src/pl/plpgsql/src/pl_exec.c | 6 ++++--
4 files changed, 26 insertions(+), 16 deletions(-)
