Postgres Pro
Downloads
Home   >   mailing lists

Thread: pgsql: Various Coverity-spotted fixes

pgsql: Various Coverity-spotted fixes

From
Stephen Frost
Date:
Various Coverity-spotted fixes

A number of issues were identified by the Coverity scanner and are
addressed in this patch.  None of these appear to be security issues
and many are mostly cosmetic changes.

Short comments for each of the changes follows.

Correct the semi-colon placement in be-secure.c regarding SSL retries.
Remove a useless comparison-to-NULL in proc.c (value is dereferenced
  prior to this check and therefore can't be NULL).
Add checking of chmod() return values to initdb.
Fix a couple minor memory leaks in initdb.
Fix memory leak in pg_ctl- involves free'ing the config file contents.
Use an int to capture fgetc() return instead of an enum in pg_dump.
Fix minor memory leaks in pg_dump.
  (note minor change to convertOperatorReference()'s API)
Check fclose()/remove() return codes in psql.
Check fstat(), find_my_exec() return codes in psql.
Various ECPG memory leak fixes.
Check find_my_exec() return in ECPG.
Explicitly ignore pqFlush return in libpq error-path.
Change PQfnumber() to avoid doing an strdup() when no changes required.
Remove a few useless check-against-NULL's (value deref'd beforehand).
Check rmtree(), malloc() results in pg_regress.
Also check get_alternative_expectfile() return in pg_regress.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/b1aebbb6a86e96d7b8f3035ac730dfc24652496c

Modified Files
--------------
src/backend/libpq/be-secure.c          |    2 +-
src/backend/storage/lmgr/proc.c        |    3 +-
src/bin/initdb/initdb.c                |   36 +++++++++++++--
src/bin/pg_ctl/pg_ctl.c                |   34 ++++++++++++++
src/bin/pg_dump/pg_backup_archiver.c   |    4 +-
src/bin/pg_dump/pg_dump.c              |   79 ++++++++++++++++++++++----------
src/bin/psql/command.c                 |   12 +++--
src/bin/psql/copy.c                    |   15 ++++--
src/bin/psql/startup.c                 |    7 ++-
src/interfaces/ecpg/ecpglib/execute.c  |   27 +++++++++--
src/interfaces/ecpg/preproc/ecpg.c     |    6 ++-
src/interfaces/ecpg/preproc/type.c     |   76 ++++++++++++++++++++++--------
src/interfaces/ecpg/preproc/variable.c |    5 +-
src/interfaces/libpq/fe-connect.c      |    2 +-
src/interfaces/libpq/fe-exec.c         |   28 +++++++++--
src/test/regress/pg_regress.c          |   27 ++++++++++-
16 files changed, 290 insertions(+), 73 deletions(-)

Re: pgsql: Various Coverity-spotted fixes

From
Bruce Momjian
Date:
On Sun, Mar  2, 2014 at 03:14:35AM +0000, Stephen Frost wrote:
> Various Coverity-spotted fixes
>
> A number of issues were identified by the Coverity scanner and are
> addressed in this patch.  None of these appear to be security issues
> and many are mostly cosmetic changes.
>
> Short comments for each of the changes follows.
>
> Correct the semi-colon placement in be-secure.c regarding SSL retries.
> Remove a useless comparison-to-NULL in proc.c (value is dereferenced
>   prior to this check and therefore can't be NULL).
> Add checking of chmod() return values to initdb.
> Fix a couple minor memory leaks in initdb.
> Fix memory leak in pg_ctl- involves free'ing the config file contents.
  ----------------------------------------------------------------------

I am seeing a pg_ctl crash if you run 'pg_ctl status' when the server is
running:

    *** glibc detected *** pg_ctl: free(): invalid pointer:
    0x00000000011c42c8 ***

The error is coming from the new free_readfile() function.  I believe
the error was introduced in this commit.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +

Re: pgsql: Various Coverity-spotted fixes

From
Stephen Frost
Date:
K, will check it out. Thanks!

On Tuesday, March 4, 2014, Bruce Momjian <bruce@momjian.us> wrote:
On Sun, Mar  2, 2014 at 03:14:35AM +0000, Stephen Frost wrote:
> Various Coverity-spotted fixes
>
> A number of issues were identified by the Coverity scanner and are
> addressed in this patch.  None of these appear to be security issues
> and many are mostly cosmetic changes.
>
> Short comments for each of the changes follows.
>
> Correct the semi-colon placement in be-secure.c regarding SSL retries.
> Remove a useless comparison-to-NULL in proc.c (value is dereferenced
>   prior to this check and therefore can't be NULL).
> Add checking of chmod() return values to initdb.
> Fix a couple minor memory leaks in initdb.
> Fix memory leak in pg_ctl- involves free'ing the config file contents.
  ----------------------------------------------------------------------

I am seeing a pg_ctl crash if you run 'pg_ctl status' when the server is
running:

        *** glibc detected *** pg_ctl: free(): invalid pointer:
        0x00000000011c42c8 ***

The error is coming from the new free_readfile() function.  I believe
the error was introduced in this commit.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +