Thread: pgsql: Fix incorrect sentinel byte logic in GenerationRealloc()
Fix incorrect sentinel byte logic in GenerationRealloc() This only affects MEMORY_CONTEXT_CHECKING builds. This fixes an off-by-one issue in GenerationRealloc() where the fast-path code which tries to reuse the existing allocation if the existing chunk is >= the new requested size. The code there thought it was always ok to use the existing chunk, but when oldsize == size there isn't enough space to store the sentinel byte. If both sizes matched exactly set_sentinel() would overwrite the first byte beyond the chunk and then subsequent GenerationRealloc() calls could then fail the Assert(chunk->requested_size < oldsize) check which is trying to ensure the chunk is large enough to store the sentinel. The same issue does not exist in aset.c as the sentinel checking code only adds a sentinel byte if there's enough space in the chunk. Reported-by: Alexander Lakhin <exclusion@gmail.com> Discussion: https://postgr.es/m/49275921-7b39-41af-5eb8-97b50ce3312e@gmail.com Backpatch-through: 16, where the problem was introduced by 0e480385e Branch ------ REL_16_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/49e29cbe8cbcb6bd4ac6c5dc64b1ad27844c1b5c Modified Files -------------- src/backend/utils/mmgr/generation.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-)