Hello,
is there anything else we can help with or discuss in order to apply this fix?
26.07.2024 12:16, Alexander Kuznetsov пишет:
> 25.07.2024 20:07, Alvaro Herrera wrote:
>> Maybe for sanity (and perhaps for Svace compliance) we could do it the
>> other way around, i.e. by testing events->tail for nullness instead of
>> events->head, then add the assertion:
>>
>> if (events->tail == NULL)
>> {
>> Assert(events->head == NULL);
>> events->head = chunk;
>> }
>> else
>> events->tail->next = chunk;
>>
>> This way, it's not wholly redundant.
> Thanks for your response!
> I agree with the proposed changes and have updated the patch accordingly. Version 2 is attached.
>> That said, I'm not sure we actually *need* to change this.
> I understand and partly agree. But it appears that with these changes, the dereference of a null pointer is
impossibleeven in builds where assertions are disabled. Previously, this issue could theoretically occur. Consequently,
thesechanges slightly enhance overall security.
>
--
Best regards,
Alexander Kuznetsov