Thread: BUG #18981: Fault tolerance and improvement for xmltotext_with_options (xml.c)

The following bug has been logged on the website:

Bug reference:      18981
Logged by:          Dmitry Kovalenko
Email address:      d.kovalenko@postgrespro.ru
PostgreSQL version: 18beta1
Operating system:   any
Description:

Hello,
Please look at this code:
https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L730
xmlerrcxt = pg_xml_init(PG_XML_STRICTNESS_ALL);
pg_xml_init uses palloc and may "raise an exception".
1)
https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L1254
2)
https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L1258
t it occurres we do not release 'doc' pointer and get memory leaks.
I offer to move a call of pg_xml_init in try{...}catch section
See this commit:
https://github.com/dmitry-lipetsk/postgres/commit/c66d2b05077a8d1f3057560303f3a82f7d717569
Also
Within PG_CATCH 'doc' is not NULL.

https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L866-L867
It allocates before PG_TRY statement.
https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L709
So, we can call xmlFreeDoc(doc) without a verification.
Thanks&Regards,
Dmitry Kovalenko

PG Bug reporting form <noreply@postgresql.org> writes:
> Please look at this code:
> https://github.com/postgres/postgres/blob/a27893df45ec5d8c657899202e9cf0b9a816fe2f/src/backend/utils/adt/xml.c#L730
> xmlerrcxt = pg_xml_init(PG_XML_STRICTNESS_ALL);
> pg_xml_init uses palloc and may "raise an exception".

Yup, we should cover that case.

> Also
> Within PG_CATCH 'doc' is not NULL.

Agreed.  Pushed your fix with small editorialization.

            regards, tom lane