Thread: Possible NULL pointer deferenced (src/interfaces/libpq/fe-exec.c(line 563)

Possible NULL pointer deferenced (src/interfaces/libpq/fe-exec.c(line 563)

From
Ranier Vilela
Date:
Hi Mark,
please, can you take a look?

This possible bug was appeared before, see at:

The trap still persist, in HEAD see:

src/interfaces/libpq/fe-exec.c (line 563)
/* If there's enough space in the current block, no problem. */
if (nBytes <= (size_t) res->spaceLeft)
{
   space = res->curBlock->space + res->curOffset;
   res->curOffset += nBytes;
   res->spaceLeft -= nBytes;

   return space;
}

The res->curBlock pointer possibly, can be NULL here (line 563).

See at:
src/interfaces/libpq/fe-exec.c (line 585)
if (res->curBlock)

The path is res->curBlock be NULL and res->spaceLeft > nBytes.

If res->curBlock it not can be NULL, inside pqResultAlloc function, why is verified against NULL at line 585?

regards,
Ranier Vilela
Ranier Vilela <ranier.vf@gmail.com> writes:
> The res->curBlock pointer possibly, can be NULL here (line 563).

No, it can't.

To get to that line, nBytes has to be > 0, which means res->spaceLeft
has to be > 0, which cannot happen while res->curBlock is NULL.

            regards, tom lane



Em dom., 21 de jun. de 2020 às 02:16, Tom Lane <tgl@sss.pgh.pa.us> escreveu:
Ranier Vilela <ranier.vf@gmail.com> writes:
> The res->curBlock pointer possibly, can be NULL here (line 563).

No, it can't.

To get to that line, nBytes has to be > 0, which means res->spaceLeft
has to be > 0, which cannot happen while res->curBlock is NULL.
Hi Tom, thanks for answer.

regards,
Ranier Vilela