Thread: BUG #14930: Unchecked AllocateDir() return value inSlruScanDirectory()
BUG #14930: Unchecked AllocateDir() return value inSlruScanDirectory()
From
bianpan2016@163.com
Date:
The following bug has been logged on the website: Bug reference: 14930 Logged by: Pan Bian Email address: bianpan2016@163.com PostgreSQL version: 10.1 Operating system: Linux Description: File: src/backend/access/transam/slru.c Function: SlruScanDirectory Line: 1385 AllocateDir() will return a NULL pointer if it fails to open the specified directory. However, in function SlruScanDirectory(), its return value is not checked. This may result in a NULL pointer dereference when trying to free it (see line 1405). For your convenience, I copy and paste related codes as follows: 1376 bool 1377 SlruScanDirectory(SlruCtl ctl, SlruScanCallback callback, void *data) 1378 { 1379 bool retval = false; 1380 DIR *cldir; 1381 struct dirent *clde; 1382 int segno; 1383 int segpage; 1384 1385 cldir = AllocateDir(ctl->Dir); ... 1405 FreeDir(cldir); 1406 1407 return retval; 1408 } Thank you! Pan Bian