Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 713cfaf

Browse files
committed
Silence Coverity complaint about possible null-pointer dereference.
If pg_init_privs were to contain a NULL ACL field, this code would pass old_acl == NULL to merge_acl_with_grant, which would crash. The case shouldn't happen, but it just takes a couple more lines of code to guard against it, so do so. Oversight in 5342874; no back-patch needed.
1 parent c34d7df commit 713cfaf

File tree

1 file changed

+11
-8
lines changed

1 file changed

+11
-8
lines changed

src/backend/catalog/aclchk.c

+11-8
Original file line numberDiff line numberDiff line change
@@ -4934,14 +4934,17 @@ RemoveRoleFromInitPriv(Oid roleid, Oid classid, Oid objid, int32 objsubid)
49344934
/*
49354935
* Generate new ACL. Grantor of rights is always the same as the owner.
49364936
*/
4937-
new_acl = merge_acl_with_grant(old_acl,
4938-
false, /* is_grant */
4939-
false, /* grant_option */
4940-
DROP_RESTRICT,
4941-
list_make1_oid(roleid),
4942-
ACLITEM_ALL_PRIV_BITS,
4943-
ownerId,
4944-
ownerId);
4937+
if (old_acl != NULL)
4938+
new_acl = merge_acl_with_grant(old_acl,
4939+
false, /* is_grant */
4940+
false, /* grant_option */
4941+
DROP_RESTRICT,
4942+
list_make1_oid(roleid),
4943+
ACLITEM_ALL_PRIV_BITS,
4944+
ownerId,
4945+
ownerId);
4946+
else
4947+
new_acl = NULL; /* this case shouldn't happen, probably */
49454948

49464949
/* If we end with an empty ACL, delete the pg_init_privs entry. */
49474950
if (new_acl == NULL || ACL_NUM(new_acl) == 0)

0 commit comments

Comments
 (0)